import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as enums from "../types/enums"; /** * Auto-naming specification for the resource. */ export interface AutoNamingArgs { /** * The maximum length of the name. */ maxLength?: pulumi.Input; /** * The minimum length of the name. */ minLength?: pulumi.Input; /** * The name of the property in the Cloud Control payload that is used to set the name of the resource. */ propertyName?: pulumi.Input; } /** * A set of tags to apply to the resource. */ export interface CreateOnlyTagArgs { /** * The key name of the tag */ key: pulumi.Input; /** * The value of the tag */ value: pulumi.Input; } /** * The configuration for a Provider to assume a role. */ export interface ProviderAssumeRoleArgs { /** * Number of seconds to restrict the assume role session duration. */ durationSeconds?: pulumi.Input; /** * External identifier to use when assuming the role. */ externalId?: pulumi.Input; /** * IAM Policy JSON describing further restricting permissions for the IAM Role being assumed. */ policy?: pulumi.Input; /** * Set of Amazon Resource Names (ARNs) of IAM Policies describing further restricting permissions for the role. */ policyArns?: pulumi.Input[]>; /** * Amazon Resource Name (ARN) of the IAM Role to assume. */ roleArn?: pulumi.Input; /** * Session name to use when assuming the role. */ sessionName?: pulumi.Input; /** * Map of assume role session tags. */ tags?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A list of keys for session tags that you want to set as transitive. If you set a tag key as transitive, the corresponding key and value passes to subsequent sessions in a role chain. */ transitiveTagKeys?: pulumi.Input[]>; } /** * The configuration for automatically naming resources. */ export interface ProviderAutoNamingArgs { /** * Automatically trim the auto-generated name to meet the maximum length constraint. */ autoTrim?: pulumi.Input; /** * The minimum length of the random suffix to append to the auto-generated name. */ randomSuffixMinLength?: pulumi.Input; } /** * providerAutoNamingArgsProvideDefaults sets the appropriate defaults for ProviderAutoNamingArgs */ export declare function providerAutoNamingArgsProvideDefaults(val: ProviderAutoNamingArgs): ProviderAutoNamingArgs; /** * The configuration with resource tag settings to apply across all resources handled by this provider. This is designed to replace redundant per-resource `tags` configurations. Provider tags can be overridden with new values, but not excluded from specific resources. To override provider tag values, use the `tags` argument within a resource to configure new tag values for matching keys. */ export interface ProviderDefaultTagsArgs { /** * A group of tags to set across all resources. */ tags?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * The configuration for for customizing service endpoints. */ export interface ProviderEndpointArgs { /** * Override the default endpoint for AWS CloudControl */ cloudcontrol?: pulumi.Input; /** * Override the default endpoint for AWS CloudFormation */ cloudformation?: pulumi.Input; /** * Override the default endpoint for AWS Elastic Compute Cloud (EC2) */ ec2?: pulumi.Input; /** * Override the default endpoint for AWS Systems Manager */ ssm?: pulumi.Input; /** * Override the default endpoint for AWS Security Token Service (STS) */ sts?: pulumi.Input; } /** * The configuration with resource tag settings to ignore across all resources handled by this provider (except any individual service tag resources such as `ec2.Tag`) for situations where external systems are managing certain resource tags. */ export interface ProviderIgnoreTagsArgs { /** * List of exact resource tag keys to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning the tag in any `tags` attributes and displaying any configuration difference for the tag value. If any resource configuration still has this tag key configured in the `tags` argument, it will display a perpetual difference until the tag is removed from the argument or `ignoreChanges` is also used. */ keyPrefixes?: pulumi.Input[]>; /** * List of resource tag key prefixes to ignore across all resources handled by this provider. This configuration prevents Pulumi from returning any tag key matching the prefixes in any `tags` attributes and displaying any configuration difference for those tag values. If any resource configuration still has a tag matching one of the prefixes configured in the `tags` argument, it will display a perpetual difference until the tag is removed from the argument or `ignoreChanges` is also used. */ keys?: pulumi.Input[]>; } /** * A set of tags to apply to the resource. */ export interface TagArgs { /** * The key name of the tag */ key: pulumi.Input; /** * The value of the tag */ value: pulumi.Input; } export declare namespace accessanalyzer { /** * The criteria for an analysis rule for an analyzer. */ interface AnalyzerAnalysisRuleCriteriaArgs { /** * A list of AWS account IDs to apply to the analysis rule criteria. The accounts cannot include the organization analyzer owner account. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers. */ accountIds?: pulumi.Input[]>; /** * An array of key-value pairs to match for your resources. You can use the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. * * For the tag key, you can specify a value that is 1 to 128 characters in length and cannot be prefixed with aws:. * * For the tag value, you can specify a value that is 0 to 256 characters in length. If the specified tag value is 0 characters, the rule is applied to all principals with the specified tag key. */ resourceTags?: pulumi.Input[]>[]>; } /** * An Access Analyzer archive rule. Archive rules automatically archive new findings that meet the criteria you define when you create the rule. */ interface AnalyzerArchiveRuleArgs { /** * The criteria for the rule. */ filter: pulumi.Input[]>; /** * The archive rule name */ ruleName: pulumi.Input; } /** * The configuration for the analyzer */ interface AnalyzerConfigurationPropertiesArgs { /** * Specifies the configuration of an internal access analyzer for an AWS organization or account. This configuration determines how the analyzer evaluates access within your AWS environment. */ internalAccessConfiguration?: pulumi.Input; /** * Specifies the configuration of an unused access analyzer for an AWS organization or account. */ unusedAccessConfiguration?: pulumi.Input; } interface AnalyzerFilterArgs { /** * A "contains" condition to match for the rule. */ contains?: pulumi.Input[]>; /** * An "equals" condition to match for the rule. */ eq?: pulumi.Input[]>; /** * An "exists" condition to match for the rule. */ exists?: pulumi.Input; /** * A "not equal" condition to match for the rule. */ neq?: pulumi.Input[]>; /** * The property used to define the criteria in the filter for the rule. */ property: pulumi.Input; } /** * The criteria for an analysis rule for an internal access analyzer. */ interface AnalyzerInternalAccessAnalysisRuleCriteriaArgs { /** * A list of AWS account IDs to apply to the internal access analysis rule criteria. Account IDs can only be applied to the analysis rule criteria for organization-level analyzers and cannot include the organization owner account. */ accountIds?: pulumi.Input[]>; /** * A list of resource ARNs to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources that match these ARNs. */ resourceArns?: pulumi.Input[]>; /** * A list of resource types to apply to the internal access analysis rule criteria. The analyzer will only generate findings for resources of these types. */ resourceTypes?: pulumi.Input[]>; } /** * Specifies the configuration of an internal access analyzer for an AWS organization or account. This configuration determines how the analyzer evaluates internal access within your AWS environment. */ interface AnalyzerInternalAccessConfigurationArgs { /** * Contains information about analysis rules for the internal access analyzer. Analysis rules determine which entities will generate findings based on the criteria you define when you create the rule. */ internalAccessAnalysisRule?: pulumi.Input; } /** * Contains information about analysis rules for the internal access analyzer. Analysis rules determine which entities will generate findings based on the criteria you define when you create the rule. */ interface AnalyzerInternalAccessConfigurationInternalAccessAnalysisRulePropertiesArgs { /** * A list of rules for the internal access analyzer containing criteria to include in analysis. Only resources that meet the rule criteria will generate findings. */ inclusions?: pulumi.Input[]>; } /** * A key-value pair to associate with a resource. */ interface AnalyzerTagArgs { /** * The key name of the tag. You can specify a value that is 1 to 127 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 255 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value?: pulumi.Input; } /** * The Configuration for Unused Access Analyzer */ interface AnalyzerUnusedAccessConfigurationArgs { /** * Contains information about rules for the analyzer. */ analysisRule?: pulumi.Input; /** * The specified access age in days for which to generate findings for unused access. For example, if you specify 90 days, the analyzer will generate findings for IAM entities within the accounts of the selected organization for any access that hasn't been used in 90 or more days since the analyzer's last scan. You can choose a value between 1 and 365 days. */ unusedAccessAge?: pulumi.Input; } /** * Contains information about rules for the analyzer. */ interface AnalyzerUnusedAccessConfigurationAnalysisRulePropertiesArgs { /** * A list of rules for the analyzer containing criteria to exclude from analysis. Entities that meet the rule criteria will not generate findings. */ exclusions?: pulumi.Input[]>; } } export declare namespace acmpca { /** * Contains X.509 certificate information to be placed in an issued certificate. An ``APIPassthrough`` or ``APICSRPassthrough`` template variant must be selected, or else this parameter is ignored. * If conflicting or duplicate certificate information is supplied from other sources, AWS Private CA applies [order of operation rules](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html#template-order-of-operations) to determine what information is used. */ interface CertificateApiPassthroughArgs { /** * Specifies X.509 extension information for a certificate. */ extensions?: pulumi.Input; /** * Contains information about the certificate subject. The Subject field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The Subject must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate. */ subject?: pulumi.Input; } /** * Structure that contains X.509 AccessDescription information. */ interface CertificateAuthorityAccessDescriptionArgs { accessLocation: pulumi.Input; accessMethod: pulumi.Input; } /** * Structure that contains X.509 AccessMethod information. Assign one and ONLY one field. */ interface CertificateAuthorityAccessMethodArgs { accessMethodType?: pulumi.Input; customObjectIdentifier?: pulumi.Input; } /** * Your certificate authority can create and maintain a certificate revocation list (CRL). A CRL contains information about certificates that have been revoked. */ interface CertificateAuthorityCrlConfigurationArgs { /** * Configures the default behavior of the CRL Distribution Point extension for certificates issued by your CA. If this field is not provided, then the CRL Distribution Point extension will be present and contain the default CRL URL. */ crlDistributionPointExtensionConfiguration?: pulumi.Input; /** * Specifies the type of CRL. This setting determines the maximum number of certificates that the certificate authority can issue and revoke. For more information, see [AWS Private CA quotas](https://docs.aws.amazon.com/general/latest/gr/pca.html#limits_pca) . * * - `COMPLETE` - The default setting. AWS Private CA maintains a single CRL file for all unexpired certificates issued by a CA that have been revoked for any reason. Each certificate that AWS Private CA issues is bound to a specific CRL through the CRL distribution point (CDP) defined in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280) . * - `PARTITIONED` - Compared to complete CRLs, partitioned CRLs dramatically increase the number of certificates your private CA can issue. * * > When using partitioned CRLs, you must validate that the CRL's associated issuing distribution point (IDP) URI matches the certificate's CDP URI to ensure the right CRL has been fetched. AWS Private CA marks the IDP extension as critical, which your client must be able to process. */ crlType?: pulumi.Input; /** * Name inserted into the certificate *CRL Distribution Points* extension that enables the use of an alias for the CRL distribution point. Use this value if you don't want the name of your S3 bucket to be public. * * > The content of a Canonical Name (CNAME) record must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://". */ customCname?: pulumi.Input; /** * Designates a custom file path in S3 for CRL(s). For example, `http:////.crl` . */ customPath?: pulumi.Input; /** * Boolean value that specifies whether certificate revocation lists (CRLs) are enabled. You can use this value to enable certificate revocation for a new CA when you call the `CreateCertificateAuthority` operation or for an existing CA when you call the `UpdateCertificateAuthority` operation. */ enabled: pulumi.Input; /** * Validity period of the CRL in days. */ expirationInDays?: pulumi.Input; /** * Name of the S3 bucket that contains the CRL. If you do not provide a value for the *CustomCname* argument, the name of your S3 bucket is placed into the *CRL Distribution Points* extension of the issued certificate. You can change the name of your bucket by calling the [UpdateCertificateAuthority](https://docs.aws.amazon.com/privateca/latest/APIReference/API_UpdateCertificateAuthority.html) operation. You must specify a [bucket policy](https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-policies) that allows AWS Private CA to write the CRL to your bucket. * * > The `S3BucketName` parameter must conform to the [S3 bucket naming rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/bucketnamingrules.html) . */ s3BucketName?: pulumi.Input; /** * Determines whether the CRL will be publicly readable or privately held in the CRL Amazon S3 bucket. If you choose PUBLIC_READ, the CRL will be accessible over the public internet. If you choose BUCKET_OWNER_FULL_CONTROL, only the owner of the CRL S3 bucket can access the CRL, and your PKI clients may need an alternative method of access. * * If no value is specified, the default is PUBLIC_READ. * * *Note:* This default can cause CA creation to fail in some circumstances. If you have have enabled the Block Public Access (BPA) feature in your S3 account, then you must specify the value of this parameter as `BUCKET_OWNER_FULL_CONTROL` , and not doing so results in an error. If you have disabled BPA in S3, then you can specify either `BUCKET_OWNER_FULL_CONTROL` or `PUBLIC_READ` as the value. * * For more information, see [Blocking public access to the S3 bucket](https://docs.aws.amazon.com/privateca/latest/userguide/PcaCreateCa.html#s3-bpa) . */ s3ObjectAcl?: pulumi.Input; } /** * Configures the default behavior of the CRL Distribution Point extension for certificates issued by your certificate authority */ interface CertificateAuthorityCrlDistributionPointExtensionConfigurationArgs { /** * Configures whether the CRL Distribution Point extension should be populated with the default URL to the CRL. If set to `true` , then the CDP extension will not be present in any certificates issued by that CA unless otherwise specified through CSR or API passthrough. * * > Only set this if you have another way to distribute the CRL Distribution Points for certificates issued by your CA, such as the Matter Distributed Compliance Ledger. * > * > This configuration cannot be enabled with a custom CNAME set. */ omitExtension: pulumi.Input; } /** * Structure that contains CSR pass though extensions information. */ interface CertificateAuthorityCsrExtensionsArgs { /** * Indicates the purpose of the certificate and of the key contained in the certificate. */ keyUsage?: pulumi.Input; /** * For CA certificates, provides a path to additional information pertaining to the CA, such as revocation and policy. For more information, see [Subject Information Access](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.2.2) in RFC 5280. */ subjectInformationAccess?: pulumi.Input[]>; } /** * Structure that contains X.500 attribute type and value. */ interface CertificateAuthorityCustomAttributeArgs { objectIdentifier: pulumi.Input; value: pulumi.Input; } /** * Structure that contains X.509 EdiPartyName information. */ interface CertificateAuthorityEdiPartyNameArgs { nameAssigner?: pulumi.Input; partyName: pulumi.Input; } /** * Structure that contains X.509 GeneralName information. Assign one and ONLY one field. */ interface CertificateAuthorityGeneralNameArgs { directoryName?: pulumi.Input; dnsName?: pulumi.Input; ediPartyName?: pulumi.Input; ipAddress?: pulumi.Input; otherName?: pulumi.Input; registeredId?: pulumi.Input; rfc822Name?: pulumi.Input; uniformResourceIdentifier?: pulumi.Input; } /** * Structure that contains X.509 KeyUsage information. */ interface CertificateAuthorityKeyUsageArgs { /** * Key can be used to sign CRLs. */ crlSign?: pulumi.Input; /** * Key can be used to decipher data. */ dataEncipherment?: pulumi.Input; /** * Key can be used only to decipher data. */ decipherOnly?: pulumi.Input; /** * Key can be used for digital signing. */ digitalSignature?: pulumi.Input; /** * Key can be used only to encipher data. */ encipherOnly?: pulumi.Input; /** * Key can be used in a key-agreement protocol. */ keyAgreement?: pulumi.Input; /** * Key can be used to sign certificates. */ keyCertSign?: pulumi.Input; /** * Key can be used to encipher data. */ keyEncipherment?: pulumi.Input; /** * Key can be used for non-repudiation. */ nonRepudiation?: pulumi.Input; } /** * Helps to configure online certificate status protocol (OCSP) responder for your certificate authority */ interface CertificateAuthorityOcspConfigurationArgs { /** * Flag enabling use of the Online Certificate Status Protocol (OCSP) for validating certificate revocation status. */ enabled: pulumi.Input; /** * By default, AWS Private CA injects an Amazon domain into certificates being validated by the Online Certificate Status Protocol (OCSP). A customer can alternatively use this object to define a CNAME specifying a customized OCSP domain. * * > The content of a Canonical Name (CNAME) record must conform to [RFC2396](https://docs.aws.amazon.com/https://www.ietf.org/rfc/rfc2396.txt) restrictions on the use of special characters in URIs. Additionally, the value of the CNAME must not include a protocol prefix such as "http://" or "https://". */ ocspCustomCname?: pulumi.Input; } /** * Structure that contains X.509 OtherName information. */ interface CertificateAuthorityOtherNameArgs { typeId: pulumi.Input; value: pulumi.Input; } /** * Certificate Authority revocation information. */ interface CertificateAuthorityRevocationConfigurationArgs { /** * Configuration of the certificate revocation list (CRL), if any, maintained by your private CA. */ crlConfiguration?: pulumi.Input; /** * Configuration of Online Certificate Status Protocol (OCSP) support, if any, maintained by your private CA. */ ocspConfiguration?: pulumi.Input; } /** * Structure that contains X.500 distinguished name information for your CA. */ interface CertificateAuthoritySubjectArgs { commonName?: pulumi.Input; country?: pulumi.Input; customAttributes?: pulumi.Input[]>; distinguishedNameQualifier?: pulumi.Input; generationQualifier?: pulumi.Input; givenName?: pulumi.Input; initials?: pulumi.Input; locality?: pulumi.Input; organization?: pulumi.Input; organizationalUnit?: pulumi.Input; pseudonym?: pulumi.Input; serialNumber?: pulumi.Input; state?: pulumi.Input; surname?: pulumi.Input; title?: pulumi.Input; } /** * Defines the X.500 relative distinguished name (RDN). */ interface CertificateCustomAttributeArgs { /** * Specifies the object identifier (OID) of the attribute type of the relative distinguished name (RDN). */ objectIdentifier: pulumi.Input; /** * Specifies the attribute value of relative distinguished name (RDN). */ value: pulumi.Input; } /** * Specifies the X.509 extension information for a certificate. * Extensions present in ``CustomExtensions`` follow the ``ApiPassthrough``[template rules](https://docs.aws.amazon.com/privateca/latest/userguide/UsingTemplates.html#template-order-of-operations). */ interface CertificateCustomExtensionArgs { /** * Specifies the critical flag of the X.509 extension. */ critical?: pulumi.Input; /** * Specifies the object identifier (OID) of the X.509 extension. For more information, see the [Global OID reference database.](https://docs.aws.amazon.com/https://oidref.com/2.5.29) */ objectIdentifier: pulumi.Input; /** * Specifies the base64-encoded value of the X.509 extension. */ value: pulumi.Input; } /** * Describes an Electronic Data Interchange (EDI) entity as described in as defined in [Subject Alternative Name](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280) in RFC 5280. */ interface CertificateEdiPartyNameArgs { /** * Specifies the name assigner. */ nameAssigner: pulumi.Input; /** * Specifies the party name. */ partyName: pulumi.Input; } /** * Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the ``KeyUsage`` extension. */ interface CertificateExtendedKeyUsageArgs { /** * Specifies a custom ``ExtendedKeyUsage`` with an object identifier (OID). */ extendedKeyUsageObjectIdentifier?: pulumi.Input; /** * Specifies a standard ``ExtendedKeyUsage`` as defined as in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.12). */ extendedKeyUsageType?: pulumi.Input; } /** * Contains X.509 extension information for a certificate. */ interface CertificateExtensionsArgs { /** * Contains a sequence of one or more policy information terms, each of which consists of an object identifier (OID) and optional qualifiers. For more information, see NIST's definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier). * In an end-entity certificate, these terms indicate the policy under which the certificate was issued and the purposes for which it may be used. In a CA certificate, these terms limit the set of policies for certification paths that include this certificate. */ certificatePolicies?: pulumi.Input[]>; /** * Contains a sequence of one or more X.509 extensions, each of which consists of an object identifier (OID), a base64-encoded value, and the critical flag. For more information, see the [Global OID reference database.](https://docs.aws.amazon.com/https://oidref.com/2.5.29) */ customExtensions?: pulumi.Input[]>; /** * Specifies additional purposes for which the certified public key may be used other than basic purposes indicated in the ``KeyUsage`` extension. */ extendedKeyUsage?: pulumi.Input[]>; /** * Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false. */ keyUsage?: pulumi.Input; /** * The subject alternative name extension allows identities to be bound to the subject of the certificate. These identities may be included in addition to or in place of the identity in the subject field of the certificate. */ subjectAlternativeNames?: pulumi.Input[]>; } /** * Describes an ASN.1 X.400 ``GeneralName`` as defined in [RFC 5280](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280). Only one of the following naming options should be provided. Providing more than one option results in an ``InvalidArgsException`` error. */ interface CertificateGeneralNameArgs { /** * Contains information about the certificate subject. The certificate can be one issued by your private certificate authority (CA) or it can be your private CA certificate. The Subject field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The Subject must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate. The DN must be unique for each entity, but your private CA can issue more than one certificate with the same DN to the same entity. */ directoryName?: pulumi.Input; /** * Represents ``GeneralName`` as a DNS name. */ dnsName?: pulumi.Input; /** * Represents ``GeneralName`` as an ``EdiPartyName`` object. */ ediPartyName?: pulumi.Input; /** * Represents ``GeneralName`` as an IPv4 or IPv6 address. */ ipAddress?: pulumi.Input; /** * Represents ``GeneralName`` using an ``OtherName`` object. */ otherName?: pulumi.Input; /** * Represents ``GeneralName`` as an object identifier (OID). */ registeredId?: pulumi.Input; /** * Represents ``GeneralName`` as an [RFC 822](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc822) email address. */ rfc822Name?: pulumi.Input; /** * Represents ``GeneralName`` as a URI. */ uniformResourceIdentifier?: pulumi.Input; } /** * Defines one or more purposes for which the key contained in the certificate can be used. Default value for each option is false. */ interface CertificateKeyUsageArgs { /** * Key can be used to sign CRLs. */ crlSign?: pulumi.Input; /** * Key can be used to decipher data. */ dataEncipherment?: pulumi.Input; /** * Key can be used only to decipher data. */ decipherOnly?: pulumi.Input; /** * Key can be used for digital signing. */ digitalSignature?: pulumi.Input; /** * Key can be used only to encipher data. */ encipherOnly?: pulumi.Input; /** * Key can be used in a key-agreement protocol. */ keyAgreement?: pulumi.Input; /** * Key can be used to sign certificates. */ keyCertSign?: pulumi.Input; /** * Key can be used to encipher data. */ keyEncipherment?: pulumi.Input; /** * Key can be used for non-repudiation. */ nonRepudiation?: pulumi.Input; } /** * Defines a custom ASN.1 X.400 ``GeneralName`` using an object identifier (OID) and value. The OID must satisfy the regular expression shown below. For more information, see NIST's definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier). */ interface CertificateOtherNameArgs { /** * Specifies an OID. */ typeId: pulumi.Input; /** * Specifies an OID value. */ value: pulumi.Input; } /** * Defines the X.509 ``CertificatePolicies`` extension. */ interface CertificatePolicyInformationArgs { /** * Specifies the object identifier (OID) of the certificate policy under which the certificate was issued. For more information, see NIST's definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier). */ certPolicyId: pulumi.Input; /** * Modifies the given ``CertPolicyId`` with a qualifier. AWS Private CA supports the certification practice statement (CPS) qualifier. */ policyQualifiers?: pulumi.Input[]>; } /** * Modifies the ``CertPolicyId`` of a ``PolicyInformation`` object with a qualifier. AWS Private CA supports the certification practice statement (CPS) qualifier. */ interface CertificatePolicyQualifierInfoArgs { /** * Identifies the qualifier modifying a ``CertPolicyId``. */ policyQualifierId: pulumi.Input; /** * Defines the qualifier type. AWS Private CA supports the use of a URI for a CPS qualifier in this field. */ qualifier: pulumi.Input; } /** * Defines a ``PolicyInformation`` qualifier. AWS Private CA supports the [certification practice statement (CPS) qualifier](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc5280#section-4.2.1.4) defined in RFC 5280. */ interface CertificateQualifierArgs { /** * Contains a pointer to a certification practice statement (CPS) published by the CA. */ cpsUri: pulumi.Input; } /** * Contains information about the certificate subject. The ``Subject`` field in the certificate identifies the entity that owns or controls the public key in the certificate. The entity can be a user, computer, device, or service. The ``Subject``must contain an X.500 distinguished name (DN). A DN is a sequence of relative distinguished names (RDNs). The RDNs are separated by commas in the certificate. */ interface CertificateSubjectArgs { /** * For CA and end-entity certificates in a private PKI, the common name (CN) can be any string within the length limit. * Note: In publicly trusted certificates, the common name must be a fully qualified domain name (FQDN) associated with the certificate subject. */ commonName?: pulumi.Input; /** * Two-digit code that specifies the country in which the certificate subject located. */ country?: pulumi.Input; /** * Contains a sequence of one or more X.500 relative distinguished names (RDNs), each of which consists of an object identifier (OID) and a value. For more information, see NIST’s definition of [Object Identifier (OID)](https://docs.aws.amazon.com/https://csrc.nist.gov/glossary/term/Object_Identifier). * Custom attributes cannot be used in combination with standard attributes. */ customAttributes?: pulumi.Input[]>; /** * Disambiguating information for the certificate subject. */ distinguishedNameQualifier?: pulumi.Input; /** * Typically a qualifier appended to the name of an individual. Examples include Jr. for junior, Sr. for senior, and III for third. */ generationQualifier?: pulumi.Input; /** * First name. */ givenName?: pulumi.Input; /** * Concatenation that typically contains the first letter of the *GivenName*, the first letter of the middle name if one exists, and the first letter of the *Surname*. */ initials?: pulumi.Input; /** * The locality (such as a city or town) in which the certificate subject is located. */ locality?: pulumi.Input; /** * Legal name of the organization with which the certificate subject is affiliated. */ organization?: pulumi.Input; /** * A subdivision or unit of the organization (such as sales or finance) with which the certificate subject is affiliated. */ organizationalUnit?: pulumi.Input; /** * Typically a shortened version of a longer *GivenName*. For example, Jonathan is often shortened to John. Elizabeth is often shortened to Beth, Liz, or Eliza. */ pseudonym?: pulumi.Input; /** * The certificate serial number. */ serialNumber?: pulumi.Input; /** * State in which the subject of the certificate is located. */ state?: pulumi.Input; /** * Family name. In the US and the UK, for example, the surname of an individual is ordered last. In Asian cultures the surname is typically ordered first. */ surname?: pulumi.Input; /** * A title such as Mr. or Ms., which is pre-pended to the name to refer formally to the certificate subject. */ title?: pulumi.Input; } /** * Length of time for which the certificate issued by your private certificate authority (CA), or by the private CA itself, is valid in days, months, or years. You can issue a certificate by calling the ``IssueCertificate`` operation. */ interface CertificateValidityArgs { /** * Specifies whether the ``Value`` parameter represents days, months, or years. */ type: pulumi.Input; /** * A long integer interpreted according to the value of ``Type``, below. */ value: pulumi.Input; } } export declare namespace aiops { interface InvestigationGroupChatbotNotificationChannelArgs { /** * Returns the Amazon Resource Name (ARN) of any third-party chat integrations configured for the account. */ chatConfigurationArns?: pulumi.Input[]>; /** * Returns the ARN of an Amazon topic used for third-party chat integrations. */ snsTopicArn?: pulumi.Input; } interface InvestigationGroupCrossAccountConfigurationArgs { /** * The ARN of an existing role which will be used to do investigations on your behalf. */ sourceRoleArn?: pulumi.Input; } interface InvestigationGroupEncryptionConfigMapArgs { /** * Displays whether investigation data is encrypted by a customer managed key or an AWS owned key. */ encryptionConfigurationType?: pulumi.Input; /** * If the investigation group uses a customer managed key for encryption, this field displays the ID of that key. */ kmsKeyId?: pulumi.Input; } } export declare namespace amazonmq { interface BrokerConfigurationIdArgs { /** * Required. The unique ID that Amazon MQ generates for the configuration. */ id: pulumi.Input; /** * The revision number of the configuration. */ revision: pulumi.Input; } interface BrokerEncryptionOptionsArgs { /** * The customer master key (CMK) to use for the A KMS (KMS). * This key is used to encrypt your data at rest. If not provided, Amazon MQ will use a default CMK to encrypt your data. * The Key ARN is recommended so that drift can be detected, * but a key ID or key alias will also be accepted for API compatibility reasons. */ kmsKeyId?: pulumi.Input; /** * Enables the use of an AWS owned CMK using AWS (KMS). Set to `true` by default, if no value is provided, for example, for RabbitMQ brokers. */ useAwsOwnedKey: pulumi.Input; } interface BrokerLdapServerMetadataArgs { hosts: pulumi.Input[]>; roleBase: pulumi.Input; roleName?: pulumi.Input; roleSearchMatching: pulumi.Input; roleSearchSubtree?: pulumi.Input; serviceAccountPassword?: pulumi.Input; serviceAccountUsername: pulumi.Input; userBase: pulumi.Input; userRoleName?: pulumi.Input; userSearchMatching: pulumi.Input; userSearchSubtree?: pulumi.Input; } interface BrokerLogListArgs { /** * Enables audit logging. Every user management action made using JMX or the ActiveMQ Web Console is logged. Does not apply to RabbitMQ brokers. */ audit?: pulumi.Input; /** * Enables general logging. */ general?: pulumi.Input; } interface BrokerMaintenanceWindowArgs { /** * _Allowed Values_: MONDAY | TUESDAY | WEDNESDAY | THURSDAY | FRIDAY | SATURDAY | SUNDAY */ dayOfWeek: pulumi.Input; /** * The time, in 24-hour format, and use only numbers separated by a colon, HH:MM or HH:MM:SS. Example: 13:05. * When writing YAML this may need to be quoted to prevent a timestamp being read and converted to a number of minutes or seconds. */ timeOfDay: pulumi.Input; /** * The time zone, UTC by default, in either the Country/City format, or the UTC offset format. */ timeZone: pulumi.Input; } interface BrokerUserArgs { /** * Enables access to the ActiveMQ Web Console for the ActiveMQ user. Does not apply to RabbitMQ brokers. */ consoleAccess?: pulumi.Input; /** * The list of groups (20 maximum) to which the ActiveMQ user belongs. This value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long. Does not apply to RabbitMQ brokers. */ groups?: pulumi.Input[]>; /** * Required. The password of the user. This value must be at least 12 characters long, must contain at least 4 unique characters, and must not contain commas, colons, or equal signs (,:=). */ password: pulumi.Input; /** * Defines if this user is intended for CRDR replication purposes. */ replicationUser?: pulumi.Input; /** * The username of the broker user. The following restrictions apply to broker usernames: * * - For Amazon MQ for ActiveMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores, and tildes (- . _ ~). This value must be 2-100 characters long. * - For Amazon MQ for RabbitMQ brokers, this value can contain only alphanumeric characters, dashes, periods, underscores (- . _). This value must not contain a tilde (~) character. Amazon MQ prohibts using `guest` as a valid usename. This value must be 2-100 characters long. * * > Do not add personally identifiable information (PII) or other confidential or sensitive information in broker usernames. Broker usernames are accessible to other AWS services, including CloudWatch Logs . Broker usernames are not intended to be used for private or sensitive data. */ username: pulumi.Input; } } export declare namespace amplify { interface AppAutoBranchCreationConfigArgs { /** * Automated branch creation glob patterns for the Amplify app. */ autoBranchCreationPatterns?: pulumi.Input[]>; /** * Sets password protection for your auto created branch. */ basicAuthConfig?: pulumi.Input; /** * The build specification (build spec) for the autocreated branch. */ buildSpec?: pulumi.Input; /** * Enables automated branch creation for the Amplify app. */ enableAutoBranchCreation?: pulumi.Input; /** * Enables auto building for the auto created branch. */ enableAutoBuild?: pulumi.Input; /** * Enables performance mode for the branch. * * Performance mode optimizes for faster hosting performance by keeping content cached at the edge for a longer interval. When performance mode is enabled, hosting configuration or code changes can take up to 10 minutes to roll out. */ enablePerformanceMode?: pulumi.Input; /** * Sets whether pull request previews are enabled for each branch that Amplify Hosting automatically creates for your app. Amplify creates previews by deploying your app to a unique URL whenever a pull request is opened for the branch. Development and QA teams can use this preview to test the pull request before it's merged into a production or integration branch. * * To provide backend support for your preview, Amplify Hosting automatically provisions a temporary backend environment that it deletes when the pull request is closed. If you want to specify a dedicated backend environment for your previews, use the `PullRequestEnvironmentName` property. * * For more information, see [Web Previews](https://docs.aws.amazon.com/amplify/latest/userguide/pr-previews.html) in the *AWS Amplify Hosting User Guide* . */ enablePullRequestPreview?: pulumi.Input; /** * The environment variables for the autocreated branch. */ environmentVariables?: pulumi.Input[]>; /** * The framework for the autocreated branch. */ framework?: pulumi.Input; /** * If pull request previews are enabled, you can use this property to specify a dedicated backend environment for your previews. For example, you could specify an environment named `prod` , `test` , or `dev` that you initialized with the Amplify CLI. * * To enable pull request previews, set the `EnablePullRequestPreview` property to `true` . * * If you don't specify an environment, Amplify Hosting provides backend support for each preview by automatically provisioning a temporary backend environment. Amplify deletes this environment when the pull request is closed. * * For more information about creating backend environments, see [Feature Branch Deployments and Team Workflows](https://docs.aws.amazon.com/amplify/latest/userguide/multi-environments.html) in the *AWS Amplify Hosting User Guide* . */ pullRequestEnvironmentName?: pulumi.Input; /** * Stage for the auto created branch. */ stage?: pulumi.Input; } interface AppBasicAuthConfigArgs { /** * Enables basic authorization for the Amplify app's branches. */ enableBasicAuth?: pulumi.Input; /** * The password for basic authorization. */ password?: pulumi.Input; /** * The user name for basic authorization. */ username?: pulumi.Input; } interface AppCacheConfigArgs { /** * The type of cache configuration to use for an Amplify app. * * The `AMPLIFY_MANAGED` cache configuration automatically applies an optimized cache configuration for your app based on its platform, routing rules, and rewrite rules. * * The `AMPLIFY_MANAGED_NO_COOKIES` cache configuration type is the same as `AMPLIFY_MANAGED` , except that it excludes all cookies from the cache key. This is the default setting. */ type?: pulumi.Input; } interface AppCustomRuleArgs { /** * The condition for a URL rewrite or redirect rule, such as a country code. */ condition?: pulumi.Input; /** * The source pattern for a URL rewrite or redirect rule. */ source: pulumi.Input; /** * The status code for a URL rewrite or redirect rule. * * - **200** - Represents a 200 rewrite rule. * - **301** - Represents a 301 (moved pemanently) redirect rule. This and all future requests should be directed to the target URL. * - **302** - Represents a 302 temporary redirect rule. * - **404** - Represents a 404 redirect rule. * - **404-200** - Represents a 404 rewrite rule. */ status?: pulumi.Input; /** * The target pattern for a URL rewrite or redirect rule. */ target: pulumi.Input; } interface AppEnvironmentVariableArgs { /** * The environment variable name. */ name: pulumi.Input; /** * The environment variable value. */ value: pulumi.Input; } interface AppJobConfigArgs { /** * Specifies the size of the build instance. Amplify supports three instance sizes: `STANDARD_8GB` , `LARGE_16GB` , and `XLARGE_72GB` . If you don't specify a value, Amplify uses the `STANDARD_8GB` default. * * The following list describes the CPU, memory, and storage capacity for each build instance type: * * - **STANDARD_8GB** - - vCPUs: 4 * - Memory: 8 GiB * - Disk space: 128 GB * - **LARGE_16GB** - - vCPUs: 8 * - Memory: 16 GiB * - Disk space: 128 GB * - **XLARGE_72GB** - - vCPUs: 36 * - Memory: 72 GiB * - Disk space: 256 GB */ buildComputeType: pulumi.Input; } interface BranchBackendArgs { /** * The Amazon Resource Name (ARN) for the CloudFormation stack. */ stackArn?: pulumi.Input; } interface BranchBasicAuthConfigArgs { /** * Enables basic authorization for the branch. */ enableBasicAuth?: pulumi.Input; /** * The password for basic authorization. */ password: pulumi.Input; username: pulumi.Input; } interface BranchEnvironmentVariableArgs { /** * The environment variable name. */ name: pulumi.Input; /** * The environment variable value. */ value: pulumi.Input; } interface DomainCertificateSettingsArgs { /** * The certificate type. * * Specify `AMPLIFY_MANAGED` to use the default certificate that Amplify provisions for you. * * Specify `CUSTOM` to use your own certificate that you have already added to Certificate Manager in your AWS account . Make sure you request (or import) the certificate in the US East (N. Virginia) Region (us-east-1). For more information about using ACM, see [Importing certificates into Certificate Manager](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *ACM User guide* . */ certificateType?: pulumi.Input; /** * The Amazon resource name (ARN) for the custom certificate that you have already added to Certificate Manager in your AWS account . * * This field is required only when the certificate type is `CUSTOM` . */ customCertificateArn?: pulumi.Input; } interface DomainSubDomainSettingArgs { /** * The branch name setting for the subdomain. * * *Length Constraints:* Minimum length of 1. Maximum length of 255. * * *Pattern:* (?s).+ */ branchName: pulumi.Input; /** * The prefix setting for the subdomain. */ prefix: pulumi.Input; } } export declare namespace amplifyuibuilder { interface ComponentActionParametersArgs { /** * The HTML anchor link to the location to open. Specify this value for a navigation action. */ anchor?: pulumi.Input; /** * A dictionary of key-value pairs mapping Amplify Studio properties to fields in a data model. Use when the action performs an operation on an Amplify DataStore model. */ fields?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Specifies whether the user should be signed out globally. Specify this value for an auth sign out action. */ global?: pulumi.Input; /** * The unique ID of the component that the `ActionParameters` apply to. */ id?: pulumi.Input; /** * The name of the data model. Use when the action performs an operation on an Amplify DataStore model. */ model?: pulumi.Input; /** * A key-value pair that specifies the state property name and its initial value. */ state?: pulumi.Input; /** * The element within the same component to modify when the action occurs. */ target?: pulumi.Input; /** * The type of navigation action. Valid values are `url` and `anchor` . This value is required for a navigation action. */ type?: pulumi.Input; /** * The URL to the location to open. Specify this value for a navigation action. */ url?: pulumi.Input; } interface ComponentBindingPropertiesValueArgs { /** * Describes the properties to customize with data at runtime. */ bindingProperties?: pulumi.Input; /** * The default value of the property. */ defaultValue?: pulumi.Input; /** * The property type. */ type?: pulumi.Input; } interface ComponentBindingPropertiesValuePropertiesArgs { /** * An Amazon S3 bucket. */ bucket?: pulumi.Input; /** * The default value to assign to the property. */ defaultValue?: pulumi.Input; /** * The field to bind the data to. */ field?: pulumi.Input; /** * The storage key for an Amazon S3 bucket. */ key?: pulumi.Input; /** * An Amplify DataStore model. */ model?: pulumi.Input; /** * A list of predicates for binding a component's properties to data. */ predicates?: pulumi.Input[]>; /** * The name of a component slot. */ slotName?: pulumi.Input; /** * An authenticated user attribute. */ userAttribute?: pulumi.Input; } interface ComponentChildArgs { /** * The list of `ComponentChild` instances for this component. */ children?: pulumi.Input[]>; /** * The type of the child component. */ componentType: pulumi.Input; /** * Describes the events that can be raised on the child component. Use for the workflow feature in Amplify Studio that allows you to bind events and actions to components. */ events?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The name of the child component. */ name: pulumi.Input; /** * Describes the properties of the child component. You can't specify `tags` as a valid property for `properties` . */ properties: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The unique ID of the child component in its original source system, such as Figma. */ sourceId?: pulumi.Input; } interface ComponentConditionPropertyArgs { /** * The value to assign to the property if the condition is not met. */ else?: pulumi.Input; /** * The name of a field. Specify this when the property is a data model. */ field?: pulumi.Input; /** * The value of the property to evaluate. */ operand?: pulumi.Input; /** * The type of the property to evaluate. */ operandType?: pulumi.Input; /** * The operator to use to perform the evaluation, such as `eq` to represent equals. */ operator?: pulumi.Input; /** * The name of the conditional property. */ property?: pulumi.Input; /** * The value to assign to the property if the condition is met. */ then?: pulumi.Input; } interface ComponentDataConfigurationArgs { /** * A list of IDs to use to bind data to a component. Use this property to bind specifically chosen data, rather than data retrieved from a query. */ identifiers?: pulumi.Input[]>; /** * The name of the data model to use to bind data to a component. */ model: pulumi.Input; /** * Represents the conditional logic to use when binding data to a component. Use this property to retrieve only a subset of the data in a collection. */ predicate?: pulumi.Input; /** * Describes how to sort the component's properties. */ sort?: pulumi.Input[]>; } interface ComponentEventArgs { /** * The action to perform when a specific event is raised. */ action?: pulumi.Input; /** * Binds an event to an action on a component. When you specify a `bindingEvent` , the event is called when the action is performed. */ bindingEvent?: pulumi.Input; /** * Describes information about the action. */ parameters?: pulumi.Input; } interface ComponentFormBindingElementArgs { /** * The name of the component to retrieve a value from. */ element: pulumi.Input; /** * The property to retrieve a value from. */ property: pulumi.Input; } interface ComponentMutationActionSetStateParameterArgs { /** * The name of the component that is being modified. */ componentName: pulumi.Input; /** * The name of the component property to apply the state configuration to. */ property: pulumi.Input; /** * The state configuration to assign to the property. */ set: pulumi.Input; } interface ComponentPredicateArgs { /** * A list of predicates to combine logically. */ and?: pulumi.Input[]>; /** * The field to query. */ field?: pulumi.Input; /** * The value to use when performing the evaluation. */ operand?: pulumi.Input; /** * The type of value to use when performing the evaluation. */ operandType?: pulumi.Input; /** * The operator to use to perform the evaluation. */ operator?: pulumi.Input; /** * A list of predicates to combine logically. */ or?: pulumi.Input[]>; } interface ComponentPropertyArgs { /** * The information to bind the component property to data at runtime. */ bindingProperties?: pulumi.Input; /** * The information to bind the component property to form data. */ bindings?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The information to bind the component property to data at runtime. Use this for collection components. */ collectionBindingProperties?: pulumi.Input; /** * The name of the component that is affected by an event. */ componentName?: pulumi.Input; /** * A list of component properties to concatenate to create the value to assign to this component property. */ concat?: pulumi.Input[]>; /** * The conditional expression to use to assign a value to the component property. */ condition?: pulumi.Input; /** * Specifies whether the user configured the property in Amplify Studio after importing it. */ configured?: pulumi.Input; /** * The default value to assign to the component property. */ defaultValue?: pulumi.Input; /** * An event that occurs in your app. Use this for workflow data binding. */ event?: pulumi.Input; /** * The default value assigned to the property when the component is imported into an app. */ importedValue?: pulumi.Input; /** * The data model to use to assign a value to the component property. */ model?: pulumi.Input; /** * The name of the component's property that is affected by an event. */ property?: pulumi.Input; /** * The component type. */ type?: pulumi.Input; /** * An authenticated user attribute to use to assign a value to the component property. */ userAttribute?: pulumi.Input; /** * The value to assign to the component property. */ value?: pulumi.Input; } interface ComponentPropertyBindingPropertiesArgs { /** * The data field to bind the property to. */ field?: pulumi.Input; /** * The component property to bind to the data field. */ property: pulumi.Input; } interface ComponentSortPropertyArgs { /** * The direction of the sort, either ascending or descending. */ direction: pulumi.Input; /** * The field to perform the sort on. */ field: pulumi.Input; } interface ComponentVariantArgs { /** * The properties of the component variant that can be overriden when customizing an instance of the component. You can't specify `tags` as a valid property for `overrides` . */ overrides?: pulumi.Input<{ [key: string]: any; }>; /** * The combination of variants that comprise this variant. */ variantValues?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface FormButtonArgs { /** * Describes the button's properties. */ children?: pulumi.Input; /** * Specifies whether the button is visible on the form. */ excluded?: pulumi.Input; /** * The position of the button. */ position?: pulumi.Input; } interface FormCtaArgs { /** * Displays a cancel button. */ cancel?: pulumi.Input; /** * Displays a clear button. */ clear?: pulumi.Input; /** * The position of the button. */ position?: pulumi.Input; /** * Displays a submit button. */ submit?: pulumi.Input; } interface FormDataTypeConfigArgs { /** * The data source type, either an Amplify DataStore model or a custom data type. */ dataSourceType: pulumi.Input; /** * The unique name of the data type you are using as the data source for the form. */ dataTypeName: pulumi.Input; } interface FormFieldConfigArgs { /** * Specifies whether to hide a field. */ excluded?: pulumi.Input; /** * Describes the configuration for the default input value to display for a field. */ inputType?: pulumi.Input; /** * The label for the field. */ label?: pulumi.Input; /** * Specifies the field position. */ position?: pulumi.Input; /** * The validations to perform on the value in the field. */ validations?: pulumi.Input[]>; } interface FormFieldInputConfigArgs { /** * Specifies whether a field has a default value. */ defaultChecked?: pulumi.Input; /** * The default country code for a phone number. */ defaultCountryCode?: pulumi.Input; /** * The default value for the field. */ defaultValue?: pulumi.Input; /** * The text to display to describe the field. */ descriptiveText?: pulumi.Input; /** * The configuration for the file uploader field. */ fileUploaderConfig?: pulumi.Input; /** * Specifies whether to render the field as an array. This property is ignored if the `dataSourceType` for the form is a Data Store. */ isArray?: pulumi.Input; /** * The maximum value to display for the field. */ maxValue?: pulumi.Input; /** * The minimum value to display for the field. */ minValue?: pulumi.Input; /** * The name of the field. */ name?: pulumi.Input; /** * The text to display as a placeholder for the field. */ placeholder?: pulumi.Input; /** * Specifies a read only field. */ readOnly?: pulumi.Input; /** * Specifies a field that requires input. */ required?: pulumi.Input; /** * The stepping increment for a numeric value in a field. */ step?: pulumi.Input; /** * The input type for the field. */ type: pulumi.Input; /** * The value for the field. */ value?: pulumi.Input; /** * The information to use to customize the input fields with data at runtime. */ valueMappings?: pulumi.Input; } interface FormFieldPosition0PropertiesArgs { fixed: pulumi.Input; } interface FormFieldPosition1PropertiesArgs { rightOf: pulumi.Input; } interface FormFieldPosition2PropertiesArgs { below: pulumi.Input; } interface FormFieldValidationConfigurationArgs { /** * The validation to perform on a number value. */ numValues?: pulumi.Input[]>; /** * The validation to perform on a string value. */ strValues?: pulumi.Input[]>; /** * The validation to perform on an object type. `` */ type: pulumi.Input; /** * The validation message to display. */ validationMessage?: pulumi.Input; } interface FormFileUploaderFieldConfigArgs { /** * The file types that are allowed to be uploaded by the file uploader. Provide this information in an array of strings specifying the valid file extensions. */ acceptedFileTypes: pulumi.Input[]>; /** * The access level to assign to the uploaded files in the Amazon S3 bucket where they are stored. The valid values for this property are `private` , `protected` , or `public` . For detailed information about the permissions associated with each access level, see [File access levels](https://docs.aws.amazon.com/https://docs.amplify.aws/lib/storage/configureaccess/q/platform/js/) in the *Amplify documentation* . */ accessLevel: pulumi.Input; /** * Allows the file upload operation to be paused and resumed. The default value is `false` . * * When `isResumable` is set to `true` , the file uploader uses a multipart upload to break the files into chunks before upload. The progress of the upload isn't continuous, because the file uploader uploads a chunk at a time. */ isResumable?: pulumi.Input; /** * Specifies the maximum number of files that can be selected to upload. The default value is an unlimited number of files. */ maxFileCount?: pulumi.Input; /** * The maximum file size in bytes that the file uploader will accept. The default value is an unlimited file size. */ maxSize?: pulumi.Input; /** * Specifies whether to display or hide the image preview after selecting a file for upload. The default value is `true` to display the image preview. */ showThumbnails?: pulumi.Input; } interface FormInputBindingPropertiesValueArgs { /** * Describes the properties to customize with data at runtime. */ bindingProperties?: pulumi.Input; /** * The property type. */ type?: pulumi.Input; } interface FormInputBindingPropertiesValuePropertiesArgs { /** * An Amplify DataStore model. */ model?: pulumi.Input; } interface FormInputValuePropertyArgs { /** * The information to bind fields to data at runtime. */ bindingProperties?: pulumi.Input; /** * A list of form properties to concatenate to create the value to assign to this field property. */ concat?: pulumi.Input[]>; /** * The value to assign to the input field. */ value?: pulumi.Input; } interface FormInputValuePropertyBindingPropertiesArgs { /** * The data field to bind the property to. */ field?: pulumi.Input; /** * The form property to bind to the data field. */ property: pulumi.Input; } interface FormSectionalElementArgs { /** * Excludes a sectional element that was generated by default for a specified data model. */ excluded?: pulumi.Input; /** * Specifies the size of the font for a `Heading` sectional element. Valid values are `1 | 2 | 3 | 4 | 5 | 6` . */ level?: pulumi.Input; /** * Specifies the orientation for a `Divider` sectional element. Valid values are `horizontal` or `vertical` . */ orientation?: pulumi.Input; /** * Specifies the position of the text in a field for a `Text` sectional element. */ position?: pulumi.Input; /** * The text for a `Text` sectional element. */ text?: pulumi.Input; /** * The type of sectional element. Valid values are `Heading` , `Text` , and `Divider` . */ type: pulumi.Input; } interface FormStyleArgs { /** * The spacing for the horizontal gap. */ horizontalGap?: pulumi.Input; /** * The size of the outer padding for the form. */ outerPadding?: pulumi.Input; /** * The spacing for the vertical gap. */ verticalGap?: pulumi.Input; } interface FormStyleConfig0PropertiesArgs { tokenReference: pulumi.Input; } interface FormStyleConfig1PropertiesArgs { value: pulumi.Input; } interface FormValueMappingArgs { /** * The value to display for the complex object. */ displayValue?: pulumi.Input; /** * The complex object. */ value: pulumi.Input; } interface FormValueMappingsArgs { /** * The information to bind fields to data at runtime. */ bindingProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The value and display value pairs. */ values: pulumi.Input[]>; } interface ThemeValueArgs { /** * A list of key-value pairs that define the theme's properties. */ children?: pulumi.Input[]>; /** * The value of a theme property. */ value?: pulumi.Input; } interface ThemeValuesArgs { /** * The name of the property. */ key?: pulumi.Input; /** * The value of the property. */ value?: pulumi.Input; } } export declare namespace apigateway { /** * ``StageKey`` is a property of the [AWS::ApiGateway::ApiKey](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-apikey.html) resource that specifies the stage to associate with the API key. This association allows only clients with the key to make requests to methods in that stage. */ interface ApiKeyStageKeyArgs { /** * The string identifier of the associated RestApi. */ restApiId?: pulumi.Input; /** * The stage name associated with the stage key. */ stageName?: pulumi.Input; } /** * The ``AccessLogSetting`` property type specifies settings for logging access in this stage. * ``AccessLogSetting`` is a property of the [StageDescription](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-deployment-stagedescription.html) property type. */ interface DeploymentAccessLogSettingArgs { /** * The Amazon Resource Name (ARN) of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with `amazon-apigateway-` . */ destinationArn?: pulumi.Input; /** * A single line format of the access logs of data, as specified by selected $context variables. The format must include at least `$context.requestId` . */ format?: pulumi.Input; } /** * The ``CanarySetting`` property type specifies settings for the canary deployment in this stage. * ``CanarySetting`` is a property of the [StageDescription](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-deployment-stagedescription.html) property type. */ interface DeploymentCanarySettingArgs { /** * The percent (0-100) of traffic diverted to a canary deployment. */ percentTraffic?: pulumi.Input; /** * Stage variables overridden for a canary release deployment, including new stage variables introduced in the canary. These stage variables are represented as a string-to-string map between stage variable names and their values. */ stageVariableOverrides?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A Boolean flag to indicate whether the canary deployment uses the stage cache or not. */ useStageCache?: pulumi.Input; } /** * The ``DeploymentCanarySettings`` property type specifies settings for the canary deployment. */ interface DeploymentCanarySettingsArgs { /** * The percentage (0.0-100.0) of traffic routed to the canary deployment. */ percentTraffic?: pulumi.Input; /** * A stage variable overrides used for the canary release deployment. They can override existing stage variables or add new stage variables for the canary release deployment. These stage variables are represented as a string-to-string map between stage variable names and their values. */ stageVariableOverrides?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A Boolean flag to indicate whether the canary release deployment uses the stage cache or not. */ useStageCache?: pulumi.Input; } /** * The ``MethodSetting`` property type configures settings for all methods in a stage. * The ``MethodSettings`` property of the [Amazon API Gateway Deployment StageDescription](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apigateway-deployment-stagedescription.html) property type contains a list of ``MethodSetting`` property types. */ interface DeploymentMethodSettingArgs { /** * Specifies whether the cached responses are encrypted. */ cacheDataEncrypted?: pulumi.Input; /** * Specifies the time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached. */ cacheTtlInSeconds?: pulumi.Input; /** * Specifies whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached. */ cachingEnabled?: pulumi.Input; /** * Specifies whether data trace logging is enabled for this method, which affects the log entries pushed to Amazon CloudWatch Logs. This can be useful to troubleshoot APIs, but can result in logging sensitive data. We recommend that you don't enable this option for production APIs. */ dataTraceEnabled?: pulumi.Input; /** * The HTTP method. */ httpMethod?: pulumi.Input; /** * Specifies the logging level for this method, which affects the log entries pushed to Amazon CloudWatch Logs. Valid values are `OFF` , `ERROR` , and `INFO` . Choose `ERROR` to write only error-level entries to CloudWatch Logs, or choose `INFO` to include all `ERROR` events as well as extra informational events. */ loggingLevel?: pulumi.Input; /** * Specifies whether Amazon CloudWatch metrics are enabled for this method. */ metricsEnabled?: pulumi.Input; /** * The resource path for this method. Forward slashes (``/``) are encoded as ``~1`` and the initial slash must include a forward slash. For example, the path value ``/resource/subresource`` must be encoded as ``/~1resource~1subresource``. To specify the root path, use only a slash (``/``). */ resourcePath?: pulumi.Input; /** * Specifies the throttling burst limit. */ throttlingBurstLimit?: pulumi.Input; /** * Specifies the throttling rate limit. */ throttlingRateLimit?: pulumi.Input; } /** * ``StageDescription`` is a property of the [AWS::ApiGateway::Deployment](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-deployment.html) resource that configures a deployment stage. */ interface DeploymentStageDescriptionArgs { /** * Specifies settings for logging access in this stage. */ accessLogSetting?: pulumi.Input; /** * Specifies whether a cache cluster is enabled for the stage. To activate a method-level cache, set `CachingEnabled` to `true` for a method. */ cacheClusterEnabled?: pulumi.Input; /** * The size of the stage's cache cluster. For more information, see [cacheClusterSize](https://docs.aws.amazon.com/apigateway/latest/api/API_CreateStage.html#apigw-CreateStage-request-cacheClusterSize) in the *API Gateway API Reference*. */ cacheClusterSize?: pulumi.Input; /** * Indicates whether the cached responses are encrypted. */ cacheDataEncrypted?: pulumi.Input; /** * The time-to-live (TTL) period, in seconds, that specifies how long API Gateway caches responses. */ cacheTtlInSeconds?: pulumi.Input; /** * Indicates whether responses are cached and returned for requests. You must enable a cache cluster on the stage to cache responses. For more information, see [Enable API Gateway Caching in a Stage to Enhance API Performance](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-caching.html) in the *API Gateway Developer Guide*. */ cachingEnabled?: pulumi.Input; /** * Specifies settings for the canary deployment in this stage. */ canarySetting?: pulumi.Input; /** * The identifier of the client certificate that API Gateway uses to call your integration endpoints in the stage. */ clientCertificateId?: pulumi.Input; /** * Indicates whether data trace logging is enabled for methods in the stage. API Gateway pushes these logs to Amazon CloudWatch Logs. */ dataTraceEnabled?: pulumi.Input; /** * A description of the purpose of the stage. */ description?: pulumi.Input; /** * The version identifier of the API documentation snapshot. */ documentationVersion?: pulumi.Input; /** * The logging level for this method. For valid values, see the ``loggingLevel`` property of the [MethodSetting](https://docs.aws.amazon.com/apigateway/latest/api/API_MethodSetting.html) resource in the *Amazon API Gateway API Reference*. */ loggingLevel?: pulumi.Input; /** * Configures settings for all of the stage's methods. */ methodSettings?: pulumi.Input[]>; /** * Indicates whether Amazon CloudWatch metrics are enabled for methods in the stage. */ metricsEnabled?: pulumi.Input; /** * An array of arbitrary tags (key-value pairs) to associate with the stage. */ tags?: pulumi.Input[]>; /** * The target request burst rate limit. This allows more requests through for a period of time than the target rate limit. For more information, see [Manage API Request Throttling](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html) in the *API Gateway Developer Guide*. */ throttlingBurstLimit?: pulumi.Input; /** * The target request steady-state rate limit. For more information, see [Manage API Request Throttling](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-request-throttling.html) in the *API Gateway Developer Guide*. */ throttlingRateLimit?: pulumi.Input; /** * Specifies whether active tracing with X-ray is enabled for this stage. * For more information, see [Trace API Gateway API Execution with X-Ray](https://docs.aws.amazon.com/apigateway/latest/developerguide/apigateway-xray.html) in the *API Gateway Developer Guide*. */ tracingEnabled?: pulumi.Input; /** * A map that defines the stage variables. Variable names must consist of alphanumeric characters, and the values must match the following regular expression: ``[A-Za-z0-9-._~:/?#&=,]+``. */ variables?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * An array of key-value pairs to apply to this resource. * For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html). */ interface DeploymentTagArgs { /** * A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources. */ key: pulumi.Input; /** * The value for the specified tag key. */ value: pulumi.Input; } /** * The ``Location`` property specifies the location of the Amazon API Gateway API entity that the documentation applies to. ``Location`` is a property of the [AWS::ApiGateway::DocumentationPart](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-documentationpart.html) resource. * For more information about each property, including constraints and valid values, see [DocumentationPart](https://docs.aws.amazon.com/apigateway/latest/api/API_DocumentationPartLocation.html) in the *Amazon API Gateway REST API Reference*. */ interface DocumentationPartLocationArgs { /** * The HTTP verb of a method. It is a valid field for the API entity types of `METHOD` , `PATH_PARAMETER` , `QUERY_PARAMETER` , `REQUEST_HEADER` , `REQUEST_BODY` , `RESPONSE` , `RESPONSE_HEADER` , and `RESPONSE_BODY` . The default value is `*` for any method. When an applicable child entity inherits the content of an entity of the same type with more general specifications of the other `location` attributes, the child entity's `method` attribute must match that of the parent entity exactly. */ method?: pulumi.Input; /** * The name of the targeted API entity. It is a valid and required field for the API entity types of `AUTHORIZER` , `MODEL` , `PATH_PARAMETER` , `QUERY_PARAMETER` , `REQUEST_HEADER` , `REQUEST_BODY` and `RESPONSE_HEADER` . It is an invalid field for any other entity type. */ name?: pulumi.Input; /** * The URL path of the target. It is a valid field for the API entity types of `RESOURCE` , `METHOD` , `PATH_PARAMETER` , `QUERY_PARAMETER` , `REQUEST_HEADER` , `REQUEST_BODY` , `RESPONSE` , `RESPONSE_HEADER` , and `RESPONSE_BODY` . The default value is `/` for the root resource. When an applicable child entity inherits the content of another entity of the same type with more general specifications of the other `location` attributes, the child entity's `path` attribute must match that of the parent entity as a prefix. */ path?: pulumi.Input; /** * The HTTP status code of a response. It is a valid field for the API entity types of `RESPONSE` , `RESPONSE_HEADER` , and `RESPONSE_BODY` . The default value is `*` for any status code. When an applicable child entity inherits the content of an entity of the same type with more general specifications of the other `location` attributes, the child entity's `statusCode` attribute must match that of the parent entity exactly. */ statusCode?: pulumi.Input; /** * The type of API entity to which the documentation content applies. Valid values are `API` , `AUTHORIZER` , `MODEL` , `RESOURCE` , `METHOD` , `PATH_PARAMETER` , `QUERY_PARAMETER` , `REQUEST_HEADER` , `REQUEST_BODY` , `RESPONSE` , `RESPONSE_HEADER` , and `RESPONSE_BODY` . Content inheritance does not apply to any entity of the `API` , `AUTHORIZER` , `METHOD` , `MODEL` , `REQUEST_BODY` , or `RESOURCE` type. */ type?: pulumi.Input; } /** * The ``EndpointConfiguration`` property type specifies the endpoint types and IP address types of an Amazon API Gateway domain name. * ``EndpointConfiguration`` is a property of the [AWS::ApiGateway::DomainName](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-domainname.html) resource. */ interface DomainNameEndpointConfigurationArgs { /** * The IP address types that can invoke this DomainName. Use `ipv4` to allow only IPv4 addresses to invoke this DomainName, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke this DomainName. For the `PRIVATE` endpoint type, only `dualstack` is supported. */ ipAddressType?: pulumi.Input; /** * A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `"EDGE"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` . */ types?: pulumi.Input[]>; } interface DomainNameMutualTlsAuthenticationArgs { /** * An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example `s3://bucket-name/key-name` . The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. To update the truststore, you must have permissions to access the S3 object. */ truststoreUri?: pulumi.Input; /** * The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket. */ truststoreVersion?: pulumi.Input; } interface DomainNameV2EndpointConfigurationArgs { /** * The IP address types that can invoke an API (RestApi) or a DomainName. Use `ipv4` to allow only IPv4 addresses to invoke an API or DomainName, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke an API or a DomainName. For the `PRIVATE` endpoint type, only `dualstack` is supported. */ ipAddressType?: pulumi.Input; /** * A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `"EDGE"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` . */ types?: pulumi.Input[]>; } /** * ``Integration`` is a property of the [AWS::ApiGateway::Method](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-method.html) resource that specifies information about the target backend that a method calls. */ interface MethodIntegrationArgs { /** * A list of request parameters whose values API Gateway caches. To be valid values for `cacheKeyParameters` , these parameters must also be specified for Method `requestParameters` . */ cacheKeyParameters?: pulumi.Input[]>; /** * Specifies a group of related cached parameters. By default, API Gateway uses the resource ID as the `cacheNamespace` . You can specify the same `cacheNamespace` across resources to return the same cached data for requests to different resources. */ cacheNamespace?: pulumi.Input; /** * The ID of the VpcLink used for the integration when `connectionType=VPC_LINK` and undefined, otherwise. */ connectionId?: pulumi.Input; /** * The type of the network connection to the integration endpoint. The valid value is `INTERNET` for connections through the public routable internet or `VPC_LINK` for private connections between API Gateway and a network load balancer in a VPC. The default value is `INTERNET` . */ connectionType?: pulumi.Input; /** * Specifies how to handle request payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT` , with the following behaviors: * * If this property is not defined, the request payload will be passed through from the method request to integration request without modification, provided that the `passthroughBehavior` is configured to support payload pass-through. */ contentHandling?: pulumi.Input; /** * Specifies the credentials required for the integration, if any. For AWS integrations, three options are available. To specify an IAM Role for API Gateway to assume, use the role's Amazon Resource Name (ARN). To require that the caller's identity be passed through from the request, specify the string `arn:aws:iam::\*:user/\*` . To use resource-based permissions on supported AWS services, specify null. */ credentials?: pulumi.Input; /** * Specifies the integration's HTTP method type. For the Type property, if you specify `MOCK` , this property is optional. For Lambda integrations, you must set the integration method to `POST` . For all other types, you must specify this property. */ integrationHttpMethod?: pulumi.Input; /** * Specifies the integration's responses. */ integrationResponses?: pulumi.Input[]>; /** * The ALB or NLB listener to send the request to. Only supported for private integrations that use VPC links V2. */ integrationTarget?: pulumi.Input; /** * Specifies how the method request body of an unmapped content type will be passed through the integration request to the back end without transformation. A content type is unmapped if no mapping template is defined in the integration or the content type does not match any of the mapped content types, as specified in `requestTemplates` . The valid value is one of the following: `WHEN_NO_MATCH` : passes the method request body through the integration request to the back end without transformation when the method request content type does not match any content type associated with the mapping templates defined in the integration request. `WHEN_NO_TEMPLATES` : passes the method request body through the integration request to the back end without transformation when no mapping template is defined in the integration request. If a template is defined when this option is selected, the method request of an unmapped content-type will be rejected with an HTTP 415 Unsupported Media Type response. `NEVER` : rejects the method request with an HTTP 415 Unsupported Media Type response when either the method request content type does not match any content type associated with the mapping templates defined in the integration request or no mapping template is defined in the integration request. */ passthroughBehavior?: pulumi.Input; /** * A key-value map specifying request parameters that are passed from the method request to the back end. The key is an integration request parameter name and the associated value is a method request parameter value or static value that must be enclosed within single quotes and pre-encoded as required by the back end. The method request parameter value must match the pattern of `method.request.{location}.{name}` , where `location` is `querystring` , `path` , or `header` and `name` must be a valid and unique method request parameter name. */ requestParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Represents a map of Velocity templates that are applied on the request payload based on the value of the Content-Type header sent by the client. The content type value is the key in this map, and the template (as a String) is the value. */ requestTemplates?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The response transfer mode of the integration. Use `STREAM` to have API Gateway stream response your back to you or use `BUFFERED` to have API Gateway wait to receive the complete response before beginning transmission. */ responseTransferMode?: pulumi.Input; /** * Custom timeout between 50 and 29,000 milliseconds. The default value is 29,000 milliseconds or 29 seconds. You can increase the default value to longer than 29 seconds for Regional or private APIs only. */ timeoutInMillis?: pulumi.Input; /** * Specifies an API method integration type. The valid value is one of the following: * * For the HTTP and HTTP proxy integrations, each integration can specify a protocol ( `http/https` ), port and path. Standard 80 and 443 ports are supported as well as custom ports above 1024. An HTTP or HTTP proxy integration with a `connectionType` of `VPC_LINK` is referred to as a private integration and uses a VpcLink to connect API Gateway to a network load balancer of a VPC. */ type: pulumi.Input; /** * Specifies Uniform Resource Identifier (URI) of the integration endpoint. * * For `HTTP` or `HTTP_PROXY` integrations, the URI must be a fully formed, encoded HTTP(S) URL according to the RFC-3986 specification for standard integrations. If `connectionType` is `VPC_LINK` specify the Network Load Balancer DNS name. For `AWS` or `AWS_PROXY` integrations, the URI is of the form `arn:aws:apigateway:{region}:{subdomain.service|service}:path|action/{service_api}` . Here, {Region} is the API Gateway region (e.g., us-east-1); {service} is the name of the integrated AWS service (e.g., s3); and {subdomain} is a designated subdomain supported by certain AWS service for fast host-name lookup. action can be used for an AWS service action-based API, using an Action={name}&{p1}={v1}&p2={v2}... query string. The ensuing {service_api} refers to a supported action {name} plus any required input parameters. Alternatively, path can be used for an AWS service path-based API. The ensuing service_api refers to the path to an AWS service resource, including the region of the integrated AWS service, if applicable. For example, for integration with the S3 API of GetObject, the uri can be either `arn:aws:apigateway:us-west-2:s3:action/GetObject&Bucket={bucket}&Key={key}` or `arn:aws:apigateway:us-west-2:s3:path/{bucket}/{key}` */ uri?: pulumi.Input; } /** * ``IntegrationResponse`` is a property of the [Amazon API Gateway Method Integration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-apitgateway-method-integration.html) property type that specifies the response that API Gateway sends after a method's backend finishes processing a request. */ interface MethodIntegrationResponseArgs { /** * Specifies how to handle response payload content type conversions. Supported values are `CONVERT_TO_BINARY` and `CONVERT_TO_TEXT` , with the following behaviors: * * If this property is not defined, the response payload will be passed through from the integration response to the method response without modification. */ contentHandling?: pulumi.Input; /** * A key-value map specifying response parameters that are passed to the method response from the back end. The key is a method response header parameter name and the mapped value is an integration response header value, a static value enclosed within a pair of single quotes, or a JSON expression from the integration response body. The mapping key must match the pattern of `method.response.header.{name}` , where `name` is a valid and unique header name. The mapped non-static value must match the pattern of `integration.response.header.{name}` or `integration.response.body.{JSON-expression}` , where `name` is a valid and unique response header name and `JSON-expression` is a valid JSON expression without the `$` prefix. */ responseParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Specifies the templates used to transform the integration response body. Response templates are represented as a key/value map, with a content-type as the key and a template as the value. */ responseTemplates?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Specifies the regular expression (regex) pattern used to choose an integration response based on the response from the back end. For example, if the success response returns nothing and the error response returns some string, you could use the `.+` regex to match error response. However, make sure that the error response does not contain any newline ( `\n` ) character in such cases. If the back end is an AWS Lambda function, the AWS Lambda function error header is matched. For all other HTTP and AWS back ends, the HTTP status code is matched. */ selectionPattern?: pulumi.Input; /** * Specifies the status code that is used to map the integration response to an existing MethodResponse. */ statusCode: pulumi.Input; } interface MethodResponseArgs { /** * Specifies the Model resources used for the response's content-type. Response models are represented as a key/value map, with a content-type as the key and a Model name as the value. */ responseModels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A key-value map specifying required or optional response parameters that API Gateway can send back to the caller. A key defines a method response header and the value specifies whether the associated method response header is required or not. The expression of the key must match the pattern `method.response.header.{name}` , where `name` is a valid and unique header name. API Gateway passes certain integration response data to the method response headers specified here according to the mapping you prescribe in the API's IntegrationResponse. The integration response data that can be mapped include an integration response header expressed in `integration.response.header.{name}` , a static value enclosed within a pair of single quotes (e.g., `'application/json'` ), or a JSON expression from the back-end response payload in the form of `integration.response.body.{JSON-expression}` , where `JSON-expression` is a valid JSON expression without the `$` prefix.) */ responseParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The method response's status code. */ statusCode: pulumi.Input; } /** * The ``EndpointConfiguration`` property type specifies the endpoint types and IP address types of a REST API. * ``EndpointConfiguration`` is a property of the [AWS::ApiGateway::RestApi](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html) resource. */ interface RestApiEndpointConfigurationArgs { /** * The IP address types that can invoke an API (RestApi). Use `ipv4` to allow only IPv4 addresses to invoke an API, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke an API. For the `PRIVATE` endpoint type, only `dualstack` is supported. */ ipAddressType?: pulumi.Input; /** * A list of endpoint types of an API (RestApi) or its custom domain name (DomainName). For an edge-optimized API and its custom domain name, the endpoint type is `"EDGE"` . For a regional API and its custom domain name, the endpoint type is `REGIONAL` . For a private API, the endpoint type is `PRIVATE` . */ types?: pulumi.Input[]>; /** * A list of VpcEndpointIds of an API (RestApi) against which to create Route53 ALIASes. It is only supported for `PRIVATE` endpoint type. */ vpcEndpointIds?: pulumi.Input[]>; } /** * ``S3Location`` is a property of the [AWS::ApiGateway::RestApi](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-restapi.html) resource that specifies the Amazon S3 location of a OpenAPI (formerly Swagger) file that defines a set of RESTful APIs in JSON or YAML. * On January 1, 2016, the Swagger Specification was donated to the [OpenAPI initiative](https://docs.aws.amazon.com/https://www.openapis.org/), becoming the foundation of the OpenAPI Specification. */ interface RestApiS3LocationArgs { /** * The name of the S3 bucket where the OpenAPI file is stored. */ bucket?: pulumi.Input; /** * The Amazon S3 ETag (a file checksum) of the OpenAPI file. If you don't specify a value, API Gateway skips ETag validation of your OpenAPI file. */ eTag?: pulumi.Input; /** * The file name of the OpenAPI file (Amazon S3 object name). */ key?: pulumi.Input; /** * For versioning-enabled buckets, a specific version of the OpenAPI file. */ version?: pulumi.Input; } /** * The ``AccessLogSetting`` property type specifies settings for logging access in this stage. * ``AccessLogSetting`` is a property of the [AWS::ApiGateway::Stage](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-stage.html) resource. */ interface StageAccessLogSettingArgs { /** * The Amazon Resource Name (ARN) of the CloudWatch Logs log group or Kinesis Data Firehose delivery stream to receive access logs. If you specify a Kinesis Data Firehose delivery stream, the stream name must begin with ``amazon-apigateway-``. This parameter is required to enable access logging. */ destinationArn?: pulumi.Input; /** * A single line format of the access logs of data, as specified by selected [$context variables](https://docs.aws.amazon.com/apigateway/latest/developerguide/api-gateway-mapping-template-reference.html#context-variable-reference). The format must include at least ``$context.requestId``. This parameter is required to enable access logging. */ format?: pulumi.Input; } interface StageCanarySettingArgs { /** * The ID of the canary deployment. */ deploymentId?: pulumi.Input; /** * The percent (0-100) of traffic diverted to a canary deployment. */ percentTraffic?: pulumi.Input; /** * Stage variables overridden for a canary release deployment, including new stage variables introduced in the canary. These stage variables are represented as a string-to-string map between stage variable names and their values. */ stageVariableOverrides?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A Boolean flag to indicate whether the canary deployment uses the stage cache or not. */ useStageCache?: pulumi.Input; } /** * The ``MethodSetting`` property type configures settings for all methods in a stage. * The ``MethodSettings`` property of the ``AWS::ApiGateway::Stage`` resource contains a list of ``MethodSetting`` property types. */ interface StageMethodSettingArgs { /** * Specifies whether the cached responses are encrypted. */ cacheDataEncrypted?: pulumi.Input; /** * Specifies the time to live (TTL), in seconds, for cached responses. The higher the TTL, the longer the response will be cached. */ cacheTtlInSeconds?: pulumi.Input; /** * Specifies whether responses should be cached and returned for requests. A cache cluster must be enabled on the stage for responses to be cached. */ cachingEnabled?: pulumi.Input; /** * Specifies whether data trace logging is enabled for this method, which affects the log entries pushed to Amazon CloudWatch Logs. This can be useful to troubleshoot APIs, but can result in logging sensitive data. We recommend that you don't enable this option for production APIs. */ dataTraceEnabled?: pulumi.Input; /** * The HTTP method. To apply settings to multiple resources and methods, specify an asterisk (``*``) for the ``HttpMethod`` and ``/*`` for the ``ResourcePath``. This parameter is required when you specify a ``MethodSetting``. */ httpMethod?: pulumi.Input; /** * Specifies the logging level for this method, which affects the log entries pushed to Amazon CloudWatch Logs. Valid values are `OFF` , `ERROR` , and `INFO` . Choose `ERROR` to write only error-level entries to CloudWatch Logs, or choose `INFO` to include all `ERROR` events as well as extra informational events. */ loggingLevel?: pulumi.Input; /** * Specifies whether Amazon CloudWatch metrics are enabled for this method. */ metricsEnabled?: pulumi.Input; /** * The resource path for this method. Forward slashes (``/``) are encoded as ``~1`` and the initial slash must include a forward slash. For example, the path value ``/resource/subresource`` must be encoded as ``/~1resource~1subresource``. To specify the root path, use only a slash (``/``). To apply settings to multiple resources and methods, specify an asterisk (``*``) for the ``HttpMethod`` and ``/*`` for the ``ResourcePath``. This parameter is required when you specify a ``MethodSetting``. */ resourcePath?: pulumi.Input; /** * Specifies the throttling burst limit. */ throttlingBurstLimit?: pulumi.Input; /** * Specifies the throttling rate limit. */ throttlingRateLimit?: pulumi.Input; } interface UsagePlanApiStageArgs { /** * API Id of the associated API stage in a usage plan. */ apiId?: pulumi.Input; /** * API stage name of the associated API stage in a usage plan. */ stage?: pulumi.Input; /** * Map containing method level throttling information for API stage in a usage plan. */ throttle?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * ``QuotaSettings`` is a property of the [AWS::ApiGateway::UsagePlan](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html) resource that specifies a target for the maximum number of requests users can make to your REST APIs. * In some cases clients can exceed the targets that you set. Don’t rely on usage plans to control costs. Consider using [](https://docs.aws.amazon.com/cost-management/latest/userguide/budgets-managing-costs.html) to monitor costs and [](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) to manage API requests. */ interface UsagePlanQuotaSettingsArgs { /** * The target maximum number of requests that can be made in a given time period. */ limit?: pulumi.Input; /** * The number of requests subtracted from the given limit in the initial time period. */ offset?: pulumi.Input; /** * The time period in which the limit applies. Valid values are "DAY", "WEEK" or "MONTH". */ period?: pulumi.Input; } /** * ``ThrottleSettings`` is a property of the [AWS::ApiGateway::UsagePlan](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigateway-usageplan.html) resource that specifies the overall request rate (average requests per second) and burst capacity when users call your REST APIs. */ interface UsagePlanThrottleSettingsArgs { burstLimit?: pulumi.Input; rateLimit?: pulumi.Input; } } export declare namespace apigatewayv2 { /** * The ``BodyS3Location`` property specifies an S3 location from which to import an OpenAPI definition. Supported only for HTTP APIs. */ interface ApiBodyS3LocationArgs { /** * The S3 bucket that contains the OpenAPI definition to import. Required if you specify a ``BodyS3Location`` for an API. */ bucket?: pulumi.Input; /** * The Etag of the S3 object. */ etag?: pulumi.Input; /** * The key of the S3 object. Required if you specify a ``BodyS3Location`` for an API. */ key?: pulumi.Input; /** * The version of the S3 object. */ version?: pulumi.Input; } /** * The ``Cors`` property specifies a CORS configuration for an API. Supported only for HTTP APIs. See [Configuring CORS](https://docs.aws.amazon.com/apigateway/latest/developerguide/http-api-cors.html) for more information. */ interface ApiCorsArgs { /** * Specifies whether credentials are included in the CORS request. Supported only for HTTP APIs. */ allowCredentials?: pulumi.Input; /** * Represents a collection of allowed headers. Supported only for HTTP APIs. */ allowHeaders?: pulumi.Input[]>; /** * Represents a collection of allowed HTTP methods. Supported only for HTTP APIs. */ allowMethods?: pulumi.Input[]>; /** * Represents a collection of allowed origins. Supported only for HTTP APIs. */ allowOrigins?: pulumi.Input[]>; /** * Represents a collection of exposed headers. Supported only for HTTP APIs. */ exposeHeaders?: pulumi.Input[]>; /** * The number of seconds that the browser should cache preflight request results. Supported only for HTTP APIs. */ maxAge?: pulumi.Input; } /** * The ``JWTConfiguration`` property specifies the configuration of a JWT authorizer. Required for the ``JWT`` authorizer type. Supported only for HTTP APIs. */ interface AuthorizerJwtConfigurationArgs { /** * A list of the intended recipients of the JWT. A valid JWT must provide an ``aud`` that matches at least one entry in this list. See [RFC 7519](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc7519#section-4.1.3). Required for the ``JWT`` authorizer type. Supported only for HTTP APIs. */ audience?: pulumi.Input[]>; /** * The base domain of the identity provider that issues JSON Web Tokens. For example, an Amazon Cognito user pool has the following format: ``https://cognito-idp.{region}.amazonaws.com/{userPoolId}``. Required for the ``JWT`` authorizer type. Supported only for HTTP APIs. */ issuer?: pulumi.Input; } /** * The ``DomainNameConfiguration`` property type specifies the configuration for an API's domain name. * ``DomainNameConfiguration`` is a property of the [AWS::ApiGatewayV2::DomainName](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-apigatewayv2-domainname.html) resource. */ interface DomainNameConfigurationArgs { /** * An AWS-managed certificate that will be used by the edge-optimized endpoint for this domain name. AWS Certificate Manager is the only supported source. */ certificateArn?: pulumi.Input; /** * The user-friendly name of the certificate that will be used by the edge-optimized endpoint for this domain name. */ certificateName?: pulumi.Input; /** * The endpoint type. */ endpointType?: pulumi.Input; /** * The IP address types that can invoke the domain name. Use `ipv4` to allow only IPv4 addresses to invoke your domain name, or use `dualstack` to allow both IPv4 and IPv6 addresses to invoke your domain name. */ ipAddressType?: pulumi.Input; /** * The Amazon resource name (ARN) for the public certificate issued by ACMlong. This ARN is used to validate custom domain ownership. It's required only if you configure mutual TLS and use either an ACM-imported or a private CA certificate ARN as the regionalCertificateArn. */ ownershipVerificationCertificateArn?: pulumi.Input; /** * The Transport Layer Security (TLS) version of the security policy for this domain name. The valid values are ``TLS_1_0`` and ``TLS_1_2``. */ securityPolicy?: pulumi.Input; } /** * If specified, API Gateway performs two-way authentication between the client and the server. Clients must present a trusted certificate to access your API. */ interface DomainNameMutualTlsAuthenticationArgs { /** * An Amazon S3 URL that specifies the truststore for mutual TLS authentication, for example, ``s3://bucket-name/key-name``. The truststore can contain certificates from public or private certificate authorities. To update the truststore, upload a new version to S3, and then update your custom domain name to use the new version. To update the truststore, you must have permissions to access the S3 object. */ truststoreUri?: pulumi.Input; /** * The version of the S3 object that contains your truststore. To specify a version, you must have versioning enabled for the S3 bucket. */ truststoreVersion?: pulumi.Input; } /** * response parameter */ interface IntegrationResponseParameterArgs { destination?: pulumi.Input; source?: pulumi.Input; } /** * map of response parameter lists */ interface IntegrationResponseParameterMapArgs { responseParameters?: pulumi.Input[]>; } /** * The TlsConfig property specifies the TLS configuration for a private integration. Supported only for HTTP APIs. */ interface IntegrationTlsConfigArgs { /** * If you specify a server name, API Gateway uses it to verify the hostname on the integration's certificate. The server name is also included in the TLS handshake to support Server Name Indication (SNI) or virtual hosting. */ serverNameToVerify?: pulumi.Input; } interface RouteParameterConstraintsArgs { required: pulumi.Input; } /** * Specifies whether the parameter is required. */ interface RouteResponseParameterConstraintsArgs { /** * Specifies whether the parameter is required. */ required: pulumi.Input; } interface RoutingRuleActionArgs { /** * Represents an InvokeApi action. */ invokeApi: pulumi.Input; } interface RoutingRuleActionInvokeApiArgs { /** * The API identifier of the target API. */ apiId: pulumi.Input; /** * The name of the target stage. */ stage: pulumi.Input; /** * The strip base path setting. When true, API Gateway strips the incoming matched base path when forwarding the request to the target API. */ stripBasePath?: pulumi.Input; } interface RoutingRuleConditionArgs { /** * The base path to be matched. */ matchBasePaths?: pulumi.Input; /** * The headers to be matched. */ matchHeaders?: pulumi.Input; } interface RoutingRuleMatchBasePathsArgs { /** * The string of the case sensitive base path to be matched. */ anyOf: pulumi.Input[]>; } interface RoutingRuleMatchHeaderValueArgs { /** * The case insensitive header name to be matched. The header name must be less than 40 characters and the only allowed characters are `a-z` , `A-Z` , `0-9` , and the following special characters: `*?-!#$%&'.^_`|~.` . */ header: pulumi.Input; /** * The case sensitive header glob value to be matched against entire header value. The header glob value must be less than 128 characters and the only allowed characters are `a-z` , `A-Z` , `0-9` , and the following special characters: `*?-!#$%&'.^_`|~` . Wildcard matching is supported for header glob values but must be for `*prefix-match` , `suffix-match*` , or `*infix*-match` . */ valueGlob: pulumi.Input; } interface RoutingRuleMatchHeadersArgs { /** * The header name and header value glob to be matched. The matchHeaders condition is matched if any of the header name and header value globs are matched. */ anyOf: pulumi.Input[]>; } interface StageAccessLogSettingsArgs { /** * The ARN of the CloudWatch Logs log group to receive access logs. This parameter is required to enable access logging. */ destinationArn?: pulumi.Input; /** * A single line format of the access logs of data, as specified by selected $context variables. The format must include at least $context.requestId. This parameter is required to enable access logging. */ format?: pulumi.Input; } interface StageRouteSettingsArgs { /** * Specifies whether ( `true` ) or not ( `false` ) data trace logging is enabled for this route. This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs. */ dataTraceEnabled?: pulumi.Input; /** * Specifies whether detailed metrics are enabled. */ detailedMetricsEnabled?: pulumi.Input; /** * Specifies the logging level for this route: `INFO` , `ERROR` , or `OFF` . This property affects the log entries pushed to Amazon CloudWatch Logs. Supported only for WebSocket APIs. */ loggingLevel?: pulumi.Input; /** * Specifies the throttling burst limit. */ throttlingBurstLimit?: pulumi.Input; /** * Specifies the throttling rate limit. */ throttlingRateLimit?: pulumi.Input; } } export declare namespace appconfig { /** * A list of methods for validating the configuration. */ interface ConfigurationProfileValidatorsArgs { /** * Either the JSON Schema content or the Amazon Resource Name (ARN) of an Lambda function. */ content?: pulumi.Input; /** * AWS AppConfig supports validators of type JSON_SCHEMA and LAMBDA. */ type?: pulumi.Input; } interface DeploymentDynamicExtensionParametersArgs { /** * The ARN or ID of the extension for which you are inserting a dynamic parameter. */ extensionReference?: pulumi.Input; /** * The parameter name. */ parameterName?: pulumi.Input; /** * The parameter value. */ parameterValue?: pulumi.Input; } /** * Amazon CloudWatch alarm to monitor during the deployment process. */ interface EnvironmentMonitorArgs { /** * Amazon Resource Name (ARN) of the Amazon CloudWatch alarm. */ alarmArn: pulumi.Input; /** * ARN of an AWS Identity and Access Management (IAM) role for AWS AppConfig to monitor AlarmArn. */ alarmRoleArn?: pulumi.Input; } /** * An action for an extension to take at a specific action point. */ interface ExtensionActionArgs { /** * The description of the extension Action. */ description?: pulumi.Input; /** * The name of the extension action. */ name: pulumi.Input; /** * The ARN of the role for invoking the extension action. */ roleArn?: pulumi.Input; /** * The URI of the extension action. */ uri: pulumi.Input; } /** * A parameter for the extension to send to a specific action. */ interface ExtensionParameterArgs { /** * The description of the extension Parameter. */ description?: pulumi.Input; dynamic?: pulumi.Input; required: pulumi.Input; } } export declare namespace appflow { /** * Contains information about the configuration of the lambda which is being registered as the connector. */ interface ConnectorLambdaConnectorProvisioningConfigArgs { /** * Lambda ARN of the connector being registered. */ lambdaArn: pulumi.Input; } interface ConnectorProfileAmplitudeConnectorProfileCredentialsArgs { /** * A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. */ apiKey: pulumi.Input; /** * The Secret Access Key portion of the credentials. */ secretKey: pulumi.Input; } interface ConnectorProfileApiKeyCredentialsArgs { /** * The API key required for API key authentication. */ apiKey: pulumi.Input; /** * The API secret key required for API key authentication. */ apiSecretKey?: pulumi.Input; } interface ConnectorProfileBasicAuthCredentialsArgs { /** * The password to use to connect to a resource. */ password: pulumi.Input; /** * The username to use to connect to a resource. */ username: pulumi.Input; } /** * Connector specific configurations needed to create connector profile */ interface ConnectorProfileConfigArgs { /** * The connector-specific credentials required by each connector. */ connectorProfileCredentials?: pulumi.Input; /** * The connector-specific properties of the profile configuration. */ connectorProfileProperties?: pulumi.Input; } interface ConnectorProfileConnectorOAuthRequestArgs { /** * The code provided by the connector when it has been authenticated via the connected app. */ authCode?: pulumi.Input; /** * The URL to which the authentication server redirects the browser after authorization has been * granted. */ redirectUri?: pulumi.Input; } /** * Connector specific configuration needed to create connector profile based on Authentication mechanism */ interface ConnectorProfileCredentialsArgs { /** * The connector-specific credentials required when using Amplitude. */ amplitude?: pulumi.Input; /** * The connector-specific profile credentials that are required when using the custom connector. */ customConnector?: pulumi.Input; /** * The connector-specific credentials required when using Datadog. */ datadog?: pulumi.Input; /** * The connector-specific credentials required when using Dynatrace. */ dynatrace?: pulumi.Input; /** * The connector-specific credentials required when using Google Analytics. */ googleAnalytics?: pulumi.Input; /** * The connector-specific credentials required when using Infor Nexus. */ inforNexus?: pulumi.Input; /** * The connector-specific credentials required when using Marketo. */ marketo?: pulumi.Input; /** * The connector-specific credentials required when using Salesforce Pardot. */ pardot?: pulumi.Input; /** * The connector-specific credentials required when using Amazon Redshift. */ redshift?: pulumi.Input; /** * The connector-specific credentials required when using Salesforce. */ salesforce?: pulumi.Input; /** * The connector-specific profile credentials required when using SAPOData. */ sapoData?: pulumi.Input; /** * The connector-specific credentials required when using ServiceNow. */ serviceNow?: pulumi.Input; /** * The connector-specific credentials required when using Singular. */ singular?: pulumi.Input; /** * The connector-specific credentials required when using Slack. */ slack?: pulumi.Input; /** * The connector-specific credentials required when using Snowflake. */ snowflake?: pulumi.Input; /** * The connector-specific credentials required when using Trend Micro. */ trendmicro?: pulumi.Input; /** * The connector-specific credentials required when using Veeva. */ veeva?: pulumi.Input; /** * The connector-specific credentials required when using Zendesk. */ zendesk?: pulumi.Input; } interface ConnectorProfileCustomAuthCredentialsArgs { /** * A map that holds custom authentication credentials. */ credentialsMap?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The custom authentication type that the connector uses. */ customAuthenticationType: pulumi.Input; } interface ConnectorProfileCustomConnectorProfileCredentialsArgs { /** * The API keys required for the authentication of the user. */ apiKey?: pulumi.Input; /** * The authentication type that the custom connector uses for authenticating while creating a connector profile. */ authenticationType: pulumi.Input; /** * The basic credentials that are required for the authentication of the user. */ basic?: pulumi.Input; /** * If the connector uses the custom authentication mechanism, this holds the required credentials. */ custom?: pulumi.Input; /** * The OAuth 2.0 credentials required for the authentication of the user. */ oauth2?: pulumi.Input; } interface ConnectorProfileCustomConnectorProfilePropertiesArgs { /** * The OAuth 2.0 properties required for OAuth 2.0 authentication. */ oAuth2Properties?: pulumi.Input; /** * A map of properties that are required to create a profile for the custom connector. */ profileProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface ConnectorProfileDatadogConnectorProfileCredentialsArgs { /** * A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. */ apiKey: pulumi.Input; /** * Application keys, in conjunction with your API key, give you full access to Datadog’s programmatic API. Application keys are associated with the user account that created them. The application key is used to log all requests made to the API. */ applicationKey: pulumi.Input; } interface ConnectorProfileDatadogConnectorProfilePropertiesArgs { /** * The location of the Datadog resource */ instanceUrl: pulumi.Input; } interface ConnectorProfileDynatraceConnectorProfileCredentialsArgs { /** * The API tokens used by Dynatrace API to authenticate various API calls. */ apiToken: pulumi.Input; } interface ConnectorProfileDynatraceConnectorProfilePropertiesArgs { /** * The location of the Dynatrace resource */ instanceUrl: pulumi.Input; } interface ConnectorProfileGoogleAnalyticsConnectorProfileCredentialsArgs { /** * The credentials used to access protected resources. */ accessToken?: pulumi.Input; /** * The identifier for the desired client. */ clientId: pulumi.Input; /** * The client secret used by the oauth client to authenticate to the authorization server. */ clientSecret: pulumi.Input; /** * The oauth needed to request security tokens from the connector endpoint. */ connectorOAuthRequest?: pulumi.Input; /** * The credentials used to acquire new access tokens. */ refreshToken?: pulumi.Input; } interface ConnectorProfileInforNexusConnectorProfileCredentialsArgs { /** * The Access Key portion of the credentials. */ accessKeyId: pulumi.Input; /** * The encryption keys used to encrypt data. */ datakey: pulumi.Input; /** * The secret key used to sign requests. */ secretAccessKey: pulumi.Input; /** * The identifier for the user. */ userId: pulumi.Input; } interface ConnectorProfileInforNexusConnectorProfilePropertiesArgs { /** * The location of the InforNexus resource */ instanceUrl: pulumi.Input; } interface ConnectorProfileMarketoConnectorProfileCredentialsArgs { /** * The credentials used to access protected resources. */ accessToken?: pulumi.Input; /** * The identifier for the desired client. */ clientId: pulumi.Input; /** * The client secret used by the oauth client to authenticate to the authorization server. */ clientSecret: pulumi.Input; /** * The oauth needed to request security tokens from the connector endpoint. */ connectorOAuthRequest?: pulumi.Input; } interface ConnectorProfileMarketoConnectorProfilePropertiesArgs { /** * The location of the Marketo resource */ instanceUrl: pulumi.Input; } interface ConnectorProfileOAuth2CredentialsArgs { /** * The access token used to access the connector on your behalf. */ accessToken?: pulumi.Input; /** * The identifier for the desired client. */ clientId?: pulumi.Input; /** * The client secret used by the OAuth client to authenticate to the authorization server. */ clientSecret?: pulumi.Input; oAuthRequest?: pulumi.Input; /** * The refresh token used to refresh an expired access token. */ refreshToken?: pulumi.Input; } interface ConnectorProfileOAuth2PropertiesArgs { /** * The OAuth 2.0 grant type used by connector for OAuth 2.0 authentication. */ oAuth2GrantType?: pulumi.Input; /** * The token URL required for OAuth 2.0 authentication. */ tokenUrl?: pulumi.Input; /** * Associates your token URL with a map of properties that you define. Use this parameter to provide any additional details that the connector requires to authenticate your request. */ tokenUrlCustomProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface ConnectorProfileOAuthPropertiesArgs { /** * The authorization code url required to redirect to SAP Login Page to fetch authorization code for OAuth type authentication. */ authCodeUrl?: pulumi.Input; /** * The OAuth scopes required for OAuth type authentication. */ oAuthScopes?: pulumi.Input[]>; /** * The token url required to fetch access/refresh tokens using authorization code and also to refresh expired access token using refresh token. */ tokenUrl?: pulumi.Input; } interface ConnectorProfilePardotConnectorProfileCredentialsArgs { /** * The credentials used to access protected resources. */ accessToken?: pulumi.Input; /** * The client credentials to fetch access token and refresh token. */ clientCredentialsArn?: pulumi.Input; /** * The oauth needed to request security tokens from the connector endpoint. */ connectorOAuthRequest?: pulumi.Input; /** * The credentials used to acquire new access tokens. */ refreshToken?: pulumi.Input; } interface ConnectorProfilePardotConnectorProfilePropertiesArgs { /** * The Business unit id of Salesforce Pardot instance to be connected */ businessUnitId: pulumi.Input; /** * The location of the Salesforce Pardot resource */ instanceUrl?: pulumi.Input; /** * Indicates whether the connector profile applies to a demo or production environment */ isSandboxEnvironment?: pulumi.Input; } /** * Connector specific properties needed to create connector profile - currently not needed for Amplitude, Trendmicro, Googleanalytics and Singular */ interface ConnectorProfilePropertiesArgs { /** * The properties required by the custom connector. */ customConnector?: pulumi.Input; /** * The connector-specific properties required by Datadog. */ datadog?: pulumi.Input; /** * The connector-specific properties required by Dynatrace. */ dynatrace?: pulumi.Input; /** * The connector-specific properties required by Infor Nexus. */ inforNexus?: pulumi.Input; /** * The connector-specific properties required by Marketo. */ marketo?: pulumi.Input; /** * The connector-specific properties required by Salesforce Pardot. */ pardot?: pulumi.Input; /** * The connector-specific properties required by Amazon Redshift. */ redshift?: pulumi.Input; /** * The connector-specific properties required by Salesforce. */ salesforce?: pulumi.Input; /** * The connector-specific profile properties required when using SAPOData. */ sapoData?: pulumi.Input; /** * The connector-specific properties required by serviceNow. */ serviceNow?: pulumi.Input; /** * The connector-specific properties required by Slack. */ slack?: pulumi.Input; /** * The connector-specific properties required by Snowflake. */ snowflake?: pulumi.Input; /** * The connector-specific properties required by Veeva. */ veeva?: pulumi.Input; /** * The connector-specific properties required by Zendesk. */ zendesk?: pulumi.Input; } interface ConnectorProfileRedshiftConnectorProfileCredentialsArgs { /** * The password that corresponds to the username. */ password?: pulumi.Input; /** * The name of the user. */ username?: pulumi.Input; } interface ConnectorProfileRedshiftConnectorProfilePropertiesArgs { /** * The name of the Amazon S3 bucket associated with Redshift. */ bucketName: pulumi.Input; /** * The object key for the destination bucket in which Amazon AppFlow will place the files. */ bucketPrefix?: pulumi.Input; /** * The unique identifier of the Amazon Redshift cluster. */ clusterIdentifier?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role that grants Amazon AppFlow access to the data through the Amazon Redshift Data API. */ dataApiRoleArn?: pulumi.Input; /** * The name of the Amazon Redshift database that will store the transferred data. */ databaseName?: pulumi.Input; /** * The JDBC URL of the Amazon Redshift cluster. */ databaseUrl?: pulumi.Input; /** * If Amazon AppFlow will connect to Amazon Redshift Serverless or Amazon Redshift cluster. */ isRedshiftServerless?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role. */ roleArn: pulumi.Input; /** * The name of the Amazon Redshift serverless workgroup */ workgroupName?: pulumi.Input; } interface ConnectorProfileSalesforceConnectorProfileCredentialsArgs { /** * The credentials used to access protected resources. */ accessToken?: pulumi.Input; /** * The client credentials to fetch access token and refresh token. */ clientCredentialsArn?: pulumi.Input; /** * The oauth needed to request security tokens from the connector endpoint. */ connectorOAuthRequest?: pulumi.Input; /** * The credentials used to access your Salesforce records */ jwtToken?: pulumi.Input; /** * The grant types to fetch an access token */ oAuth2GrantType?: pulumi.Input; /** * The credentials used to acquire new access tokens. */ refreshToken?: pulumi.Input; } interface ConnectorProfileSalesforceConnectorProfilePropertiesArgs { /** * The location of the Salesforce resource */ instanceUrl?: pulumi.Input; /** * Indicates whether the connector profile applies to a sandbox or production environment */ isSandboxEnvironment?: pulumi.Input; /** * Indicates whether to make Metadata And Authorization calls over Pivate Network */ usePrivateLinkForMetadataAndAuthorization?: pulumi.Input; } interface ConnectorProfileSapoDataConnectorProfileCredentialsArgs { /** * The SAPOData basic authentication credentials. */ basicAuthCredentials?: pulumi.Input; /** * The SAPOData OAuth type authentication credentials. */ oAuthCredentials?: pulumi.Input; } /** * The SAPOData OAuth type authentication credentials. */ interface ConnectorProfileSapoDataConnectorProfileCredentialsOAuthCredentialsPropertiesArgs { accessToken?: pulumi.Input; clientId?: pulumi.Input; clientSecret?: pulumi.Input; connectorOAuthRequest?: pulumi.Input; refreshToken?: pulumi.Input; } interface ConnectorProfileSapoDataConnectorProfilePropertiesArgs { /** * The location of the SAPOData resource. */ applicationHostUrl?: pulumi.Input; /** * The application path to catalog service. */ applicationServicePath?: pulumi.Input; /** * The client number for the client creating the connection. */ clientNumber?: pulumi.Input; /** * If you set this parameter to true, Amazon AppFlow bypasses the single sign-on (SSO) settings in your SAP account when it accesses your SAP OData instance. */ disableSso?: pulumi.Input; /** * The logon language of SAPOData instance. */ logonLanguage?: pulumi.Input; /** * The SAPOData OAuth properties required for OAuth type authentication. */ oAuthProperties?: pulumi.Input; /** * The port number of the SAPOData instance. */ portNumber?: pulumi.Input; /** * The SAPOData Private Link service name to be used for private data transfers. */ privateLinkServiceName?: pulumi.Input; } interface ConnectorProfileServiceNowConnectorProfileCredentialsArgs { /** * The OAuth 2.0 credentials required to authenticate the user. */ oAuth2Credentials?: pulumi.Input; /** * The password that corresponds to the username. */ password?: pulumi.Input; /** * The name of the user. */ username?: pulumi.Input; } interface ConnectorProfileServiceNowConnectorProfilePropertiesArgs { /** * The location of the ServiceNow resource */ instanceUrl: pulumi.Input; } interface ConnectorProfileSingularConnectorProfileCredentialsArgs { /** * A unique alphanumeric identifier used to authenticate a user, developer, or calling program to your API. */ apiKey: pulumi.Input; } interface ConnectorProfileSlackConnectorProfileCredentialsArgs { /** * The credentials used to access protected resources. */ accessToken?: pulumi.Input; /** * The identifier for the desired client. */ clientId: pulumi.Input; /** * The client secret used by the oauth client to authenticate to the authorization server. */ clientSecret: pulumi.Input; /** * The oauth needed to request security tokens from the connector endpoint. */ connectorOAuthRequest?: pulumi.Input; } interface ConnectorProfileSlackConnectorProfilePropertiesArgs { /** * The location of the Slack resource */ instanceUrl: pulumi.Input; } interface ConnectorProfileSnowflakeConnectorProfileCredentialsArgs { /** * The password that corresponds to the username. */ password: pulumi.Input; /** * The name of the user. */ username: pulumi.Input; } interface ConnectorProfileSnowflakeConnectorProfilePropertiesArgs { /** * The name of the account. */ accountName?: pulumi.Input; /** * The name of the Amazon S3 bucket associated with Snowflake. */ bucketName: pulumi.Input; /** * The bucket prefix that refers to the Amazon S3 bucket associated with Snowflake. */ bucketPrefix?: pulumi.Input; /** * The Snowflake Private Link service name to be used for private data transfers. */ privateLinkServiceName?: pulumi.Input; /** * The region of the Snowflake account. */ region?: pulumi.Input; /** * The name of the Amazon S3 stage that was created while setting up an Amazon S3 stage in the * Snowflake account. This is written in the following format: < Database>< Schema>. */ stage: pulumi.Input; /** * The name of the Snowflake warehouse. */ warehouse: pulumi.Input; } interface ConnectorProfileTrendmicroConnectorProfileCredentialsArgs { /** * The Secret Access Key portion of the credentials. */ apiSecretKey: pulumi.Input; } interface ConnectorProfileVeevaConnectorProfileCredentialsArgs { /** * The password that corresponds to the username. */ password: pulumi.Input; /** * The name of the user. */ username: pulumi.Input; } interface ConnectorProfileVeevaConnectorProfilePropertiesArgs { /** * The location of the Veeva resource */ instanceUrl: pulumi.Input; } interface ConnectorProfileZendeskConnectorProfileCredentialsArgs { /** * The credentials used to access protected resources. */ accessToken?: pulumi.Input; /** * The identifier for the desired client. */ clientId: pulumi.Input; /** * The client secret used by the oauth client to authenticate to the authorization server. */ clientSecret: pulumi.Input; /** * The oauth needed to request security tokens from the connector endpoint. */ connectorOAuthRequest?: pulumi.Input; } interface ConnectorProfileZendeskConnectorProfilePropertiesArgs { /** * The location of the Zendesk resource */ instanceUrl: pulumi.Input; } /** * Contains information about the configuration of the connector being registered. */ interface ConnectorProvisioningConfigArgs { /** * Contains information about the configuration of the lambda which is being registered as the connector. */ lambda?: pulumi.Input; } interface FlowAggregationConfigArgs { /** * Specifies whether Amazon AppFlow aggregates the flow records into a single file, or leave them unaggregated. */ aggregationType?: pulumi.Input; /** * The desired file size, in MB, for each output file that Amazon AppFlow writes to the flow destination. For each file, Amazon AppFlow attempts to achieve the size that you specify. The actual file sizes might differ from this target based on the number and size of the records that each file contains. */ targetFileSize?: pulumi.Input; } interface FlowAmplitudeSourcePropertiesArgs { /** * The object specified in the Amplitude flow source. */ object: pulumi.Input; } /** * Operation to be performed on provided source fields */ interface FlowConnectorOperatorArgs { /** * The operation to be performed on the provided Amplitude source fields. */ amplitude?: pulumi.Input; /** * Operators supported by the custom connector. */ customConnector?: pulumi.Input; /** * The operation to be performed on the provided Datadog source fields. */ datadog?: pulumi.Input; /** * The operation to be performed on the provided Dynatrace source fields. */ dynatrace?: pulumi.Input; /** * The operation to be performed on the provided Google Analytics source fields. */ googleAnalytics?: pulumi.Input; /** * The operation to be performed on the provided Infor Nexus source fields. */ inforNexus?: pulumi.Input; /** * The operation to be performed on the provided Marketo source fields. */ marketo?: pulumi.Input; /** * The operation to be performed on the provided Salesforce Pardot source fields. */ pardot?: pulumi.Input; /** * The operation to be performed on the provided Amazon S3 source fields. */ s3?: pulumi.Input; /** * The operation to be performed on the provided Salesforce source fields. */ salesforce?: pulumi.Input; /** * The operation to be performed on the provided SAPOData source fields. */ sapoData?: pulumi.Input; /** * The operation to be performed on the provided ServiceNow source fields. */ serviceNow?: pulumi.Input; /** * The operation to be performed on the provided Singular source fields. */ singular?: pulumi.Input; /** * The operation to be performed on the provided Slack source fields. */ slack?: pulumi.Input; /** * The operation to be performed on the provided Trend Micro source fields. */ trendmicro?: pulumi.Input; /** * The operation to be performed on the provided Veeva source fields. */ veeva?: pulumi.Input; /** * The operation to be performed on the provided Zendesk source fields. */ zendesk?: pulumi.Input; } interface FlowCustomConnectorDestinationPropertiesArgs { /** * The custom properties that are specific to the connector when it's used as a destination in the flow. */ customProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The entity specified in the custom connector as a destination in the flow. */ entityName: pulumi.Input; /** * The settings that determine how Amazon AppFlow handles an error when placing data in the custom connector as destination. */ errorHandlingConfig?: pulumi.Input; /** * List of fields used as ID when performing a write operation. */ idFieldNames?: pulumi.Input[]>; /** * Specifies the type of write operation to be performed in the custom connector when it's used as destination. */ writeOperationType?: pulumi.Input; } interface FlowCustomConnectorSourcePropertiesArgs { /** * Custom properties that are required to use the custom connector as a source. */ customProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The API of the connector application that Amazon AppFlow uses to transfer your data. */ dataTransferApi?: pulumi.Input; /** * The entity specified in the custom connector as a source in the flow. */ entityName: pulumi.Input; } /** * The API of the connector application that Amazon AppFlow uses to transfer your data. */ interface FlowCustomConnectorSourcePropertiesDataTransferApiPropertiesArgs { name: pulumi.Input; type: pulumi.Input; } interface FlowDatadogSourcePropertiesArgs { /** * The object specified in the Datadog flow source. */ object: pulumi.Input; } /** * Destination connector details */ interface FlowDestinationConnectorPropertiesArgs { /** * The properties that are required to query the custom Connector. */ customConnector?: pulumi.Input; /** * The properties required to query Amazon EventBridge. */ eventBridge?: pulumi.Input; /** * The properties required to query Amazon Lookout for Metrics. */ lookoutMetrics?: pulumi.Input; /** * The properties required to query Marketo. */ marketo?: pulumi.Input; /** * The properties required to query Amazon Redshift. */ redshift?: pulumi.Input; /** * The properties required to query Amazon S3. */ s3?: pulumi.Input; /** * The properties required to query Salesforce. */ salesforce?: pulumi.Input; /** * The properties required to query SAPOData. */ sapoData?: pulumi.Input; /** * The properties required to query Snowflake. */ snowflake?: pulumi.Input; /** * The properties required to query Upsolver. */ upsolver?: pulumi.Input; /** * The properties required to query Zendesk. */ zendesk?: pulumi.Input; } /** * Configurations of destination connector. */ interface FlowDestinationFlowConfigArgs { /** * The API version that the destination connector uses. */ apiVersion?: pulumi.Input; /** * Name of destination connector profile */ connectorProfileName?: pulumi.Input; /** * Destination connector type */ connectorType: pulumi.Input; /** * Destination connector details */ destinationConnectorProperties: pulumi.Input; } interface FlowDynatraceSourcePropertiesArgs { /** * The object specified in the Dynatrace flow source. */ object: pulumi.Input; } interface FlowErrorHandlingConfigArgs { /** * Specifies the name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * Specifies the Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; /** * Specifies if the flow should fail after the first instance of a failure when attempting to place data in the destination. */ failOnFirstError?: pulumi.Input; } interface FlowEventBridgeDestinationPropertiesArgs { /** * The object specified in the Amplitude flow source. */ errorHandlingConfig?: pulumi.Input; /** * The object specified in the Amazon EventBridge flow destination. */ object: pulumi.Input; } /** * Trigger settings of the flow. */ interface FlowGlueDataCatalogArgs { /** * A string containing the value for the tag */ databaseName: pulumi.Input; /** * A string containing the value for the tag */ roleArn: pulumi.Input; /** * A string containing the value for the tag */ tablePrefix: pulumi.Input; } interface FlowGoogleAnalyticsSourcePropertiesArgs { /** * The object specified in the Google Analytics flow source. */ object: pulumi.Input; } /** * Configuration for scheduled incremental data pull */ interface FlowIncrementalPullConfigArgs { /** * A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source. */ datetimeTypeFieldName?: pulumi.Input; } interface FlowInforNexusSourcePropertiesArgs { /** * The object specified in the Infor Nexus flow source. */ object: pulumi.Input; } interface FlowLookoutMetricsDestinationPropertiesArgs { /** * The object specified in the Amazon Lookout for Metrics flow destination. */ object?: pulumi.Input; } interface FlowMarketoDestinationPropertiesArgs { /** * The settings that determine how Amazon AppFlow handles an error when placing data in the destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details. */ errorHandlingConfig?: pulumi.Input; /** * The object specified in the Marketo flow destination. */ object: pulumi.Input; } interface FlowMarketoSourcePropertiesArgs { /** * The object specified in the Marketo flow source. */ object: pulumi.Input; } /** * Configurations of metadata catalog of the flow. */ interface FlowMetadataCatalogConfigArgs { /** * Configurations of glue data catalog of the flow. */ glueDataCatalog?: pulumi.Input; } interface FlowPardotSourcePropertiesArgs { /** * The object specified in the Salesforce Pardot flow source. */ object: pulumi.Input; } interface FlowPrefixConfigArgs { /** * Specifies whether the destination file path includes either or both of the following elements: * * - **EXECUTION_ID** - The ID that Amazon AppFlow assigns to the flow run. * - **SCHEMA_VERSION** - The version number of your data schema. Amazon AppFlow assigns this version number. The version number increases by one when you change any of the following settings in your flow configuration: * * - Source-to-destination field mappings * - Field data types * - Partition keys */ pathPrefixHierarchy?: pulumi.Input[]>; /** * Determines the level of granularity for the date and time that's included in the prefix. */ prefixFormat?: pulumi.Input; /** * Determines the format of the prefix, and whether it applies to the file name, file path, or both. */ prefixType?: pulumi.Input; } interface FlowRedshiftDestinationPropertiesArgs { /** * The object key for the bucket in which Amazon AppFlow places the destination files. */ bucketPrefix?: pulumi.Input; /** * The settings that determine how Amazon AppFlow handles an error when placing data in the Amazon Redshift destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details. */ errorHandlingConfig?: pulumi.Input; /** * The intermediate bucket that Amazon AppFlow uses when moving data into Amazon Redshift. */ intermediateBucketName: pulumi.Input; /** * The object specified in the Amazon Redshift flow destination. */ object: pulumi.Input; } interface FlowS3DestinationPropertiesArgs { /** * The Amazon S3 bucket name in which Amazon AppFlow places the transferred data. */ bucketName: pulumi.Input; /** * The object key for the destination bucket in which Amazon AppFlow places the files. */ bucketPrefix?: pulumi.Input; /** * The configuration that determines how Amazon AppFlow should format the flow output data when Amazon S3 is used as the destination. */ s3OutputFormatConfig?: pulumi.Input; } interface FlowS3InputFormatConfigArgs { /** * The file type that Amazon AppFlow gets from your Amazon S3 bucket. */ s3InputFileType?: pulumi.Input; } interface FlowS3OutputFormatConfigArgs { /** * The aggregation settings that you can use to customize the output format of your flow data. */ aggregationConfig?: pulumi.Input; /** * Indicates the file type that Amazon AppFlow places in the Amazon S3 bucket. */ fileType?: pulumi.Input; /** * Determines the prefix that Amazon AppFlow applies to the folder name in the Amazon S3 bucket. You can name folders according to the flow frequency and date. */ prefixConfig?: pulumi.Input; /** * If your file output format is Parquet, use this parameter to set whether Amazon AppFlow preserves the data types in your source data when it writes the output to Amazon S3. * * - `true` : Amazon AppFlow preserves the data types when it writes to Amazon S3. For example, an integer or `1` in your source data is still an integer in your output. * - `false` : Amazon AppFlow converts all of the source data into strings when it writes to Amazon S3. For example, an integer of `1` in your source data becomes the string `"1"` in the output. */ preserveSourceDataTyping?: pulumi.Input; } interface FlowS3SourcePropertiesArgs { /** * The Amazon S3 bucket name where the source files are stored. */ bucketName: pulumi.Input; /** * The object key for the Amazon S3 bucket in which the source files are stored. */ bucketPrefix: pulumi.Input; /** * When you use Amazon S3 as the source, the configuration format that you provide the flow input data. */ s3InputFormatConfig?: pulumi.Input; } interface FlowSalesforceDestinationPropertiesArgs { /** * Specifies which Salesforce API is used by Amazon AppFlow when your flow transfers data to Salesforce. * * - **AUTOMATIC** - The default. Amazon AppFlow selects which API to use based on the number of records that your flow transfers to Salesforce. If your flow transfers fewer than 1,000 records, Amazon AppFlow uses Salesforce REST API. If your flow transfers 1,000 records or more, Amazon AppFlow uses Salesforce Bulk API 2.0. * * Each of these Salesforce APIs structures data differently. If Amazon AppFlow selects the API automatically, be aware that, for recurring flows, the data output might vary from one flow run to the next. For example, if a flow runs daily, it might use REST API on one day to transfer 900 records, and it might use Bulk API 2.0 on the next day to transfer 1,100 records. For each of these flow runs, the respective Salesforce API formats the data differently. Some of the differences include how dates are formatted and null values are represented. Also, Bulk API 2.0 doesn't transfer Salesforce compound fields. * * By choosing this option, you optimize flow performance for both small and large data transfers, but the tradeoff is inconsistent formatting in the output. * - **BULKV2** - Amazon AppFlow uses only Salesforce Bulk API 2.0. This API runs asynchronous data transfers, and it's optimal for large sets of data. By choosing this option, you ensure that your flow writes consistent output, but you optimize performance only for large data transfers. * * Note that Bulk API 2.0 does not transfer Salesforce compound fields. * - **REST_SYNC** - Amazon AppFlow uses only Salesforce REST API. By choosing this option, you ensure that your flow writes consistent output, but you decrease performance for large data transfers that are better suited for Bulk API 2.0. In some cases, if your flow attempts to transfer a vary large set of data, it might fail with a timed out error. */ dataTransferApi?: pulumi.Input; /** * The settings that determine how Amazon AppFlow handles an error when placing data in the Salesforce destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details. */ errorHandlingConfig?: pulumi.Input; /** * List of fields used as ID when performing a write operation. */ idFieldNames?: pulumi.Input[]>; /** * The object specified in the Salesforce flow destination. */ object: pulumi.Input; /** * This specifies the type of write operation to be performed in Salesforce. When the value is `UPSERT` , then `idFieldNames` is required. */ writeOperationType?: pulumi.Input; } interface FlowSalesforceSourcePropertiesArgs { /** * Specifies which Salesforce API is used by Amazon AppFlow when your flow transfers data from Salesforce. * * - **AUTOMATIC** - The default. Amazon AppFlow selects which API to use based on the number of records that your flow transfers from Salesforce. If your flow transfers fewer than 1,000,000 records, Amazon AppFlow uses Salesforce REST API. If your flow transfers 1,000,000 records or more, Amazon AppFlow uses Salesforce Bulk API 2.0. * * Each of these Salesforce APIs structures data differently. If Amazon AppFlow selects the API automatically, be aware that, for recurring flows, the data output might vary from one flow run to the next. For example, if a flow runs daily, it might use REST API on one day to transfer 900,000 records, and it might use Bulk API 2.0 on the next day to transfer 1,100,000 records. For each of these flow runs, the respective Salesforce API formats the data differently. Some of the differences include how dates are formatted and null values are represented. Also, Bulk API 2.0 doesn't transfer Salesforce compound fields. * * By choosing this option, you optimize flow performance for both small and large data transfers, but the tradeoff is inconsistent formatting in the output. * - **BULKV2** - Amazon AppFlow uses only Salesforce Bulk API 2.0. This API runs asynchronous data transfers, and it's optimal for large sets of data. By choosing this option, you ensure that your flow writes consistent output, but you optimize performance only for large data transfers. * * Note that Bulk API 2.0 does not transfer Salesforce compound fields. * - **REST_SYNC** - Amazon AppFlow uses only Salesforce REST API. By choosing this option, you ensure that your flow writes consistent output, but you decrease performance for large data transfers that are better suited for Bulk API 2.0. In some cases, if your flow attempts to transfer a vary large set of data, it might fail wituh a timed out error. */ dataTransferApi?: pulumi.Input; /** * The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow. */ enableDynamicFieldUpdate?: pulumi.Input; /** * Indicates whether Amazon AppFlow includes deleted files in the flow run. */ includeDeletedRecords?: pulumi.Input; /** * The object specified in the Salesforce flow source. */ object: pulumi.Input; } interface FlowSapoDataDestinationPropertiesArgs { /** * The settings that determine how Amazon AppFlow handles an error when placing data in the destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details. */ errorHandlingConfig?: pulumi.Input; /** * List of fields used as ID when performing a write operation. */ idFieldNames?: pulumi.Input[]>; /** * The object path specified in the SAPOData flow destination. */ objectPath: pulumi.Input; /** * Determines how Amazon AppFlow handles the success response that it gets from the connector after placing data. * * For example, this setting would determine where to write the response from a destination connector upon a successful insert operation. */ successResponseHandlingConfig?: pulumi.Input; /** * The possible write operations in the destination connector. When this value is not provided, this defaults to the `INSERT` operation. */ writeOperationType?: pulumi.Input; } /** * SAP Source connector page size */ interface FlowSapoDataPaginationConfigArgs { /** * The maximum number of records that Amazon AppFlow receives in each page of the response from your SAP application. For transfers of OData records, the maximum page size is 3,000. For transfers of data that comes from an ODP provider, the maximum page size is 10,000. */ maxPageSize: pulumi.Input; } /** * SAP Source connector parallelism factor */ interface FlowSapoDataParallelismConfigArgs { /** * The maximum number of processes that Amazon AppFlow runs at the same time when it retrieves your data from your SAP application. */ maxParallelism: pulumi.Input; } interface FlowSapoDataSourcePropertiesArgs { /** * The object path specified in the SAPOData flow source. */ objectPath: pulumi.Input; /** * Sets the page size for each concurrent process that transfers OData records from your SAP instance. */ paginationConfig?: pulumi.Input; /** * Sets the number of concurrent processes that transfers OData records from your SAP instance. */ parallelismConfig?: pulumi.Input; } /** * Details required for scheduled trigger type */ interface FlowScheduledTriggerPropertiesArgs { /** * Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run. */ dataPullMode?: pulumi.Input; /** * Specifies the date range for the records to import from the connector in the first flow run. */ firstExecutionFrom?: pulumi.Input; /** * Defines how many times a scheduled flow fails consecutively before Amazon AppFlow deactivates it. */ flowErrorDeactivationThreshold?: pulumi.Input; /** * The time at which the scheduled flow ends. The time is formatted as a timestamp that follows the ISO 8601 standard, such as `2022-04-27T13:00:00-07:00` . */ scheduleEndTime?: pulumi.Input; /** * The scheduling expression that determines the rate at which the schedule will run, for example `rate(5minutes)` . */ scheduleExpression: pulumi.Input; /** * Specifies the optional offset that is added to the time interval for a schedule-triggered flow. */ scheduleOffset?: pulumi.Input; /** * The time at which the scheduled flow starts. The time is formatted as a timestamp that follows the ISO 8601 standard, such as `2022-04-26T13:00:00-07:00` . */ scheduleStartTime?: pulumi.Input; /** * Specifies the time zone used when referring to the dates and times of a scheduled flow, such as `America/New_York` . This time zone is only a descriptive label. It doesn't affect how Amazon AppFlow interprets the timestamps that you specify to schedule the flow. * * If you want to schedule a flow by using times in a particular time zone, indicate the time zone as a UTC offset in your timestamps. For example, the UTC offsets for the `America/New_York` timezone are `-04:00` EDT and `-05:00 EST` . */ timeZone?: pulumi.Input; } interface FlowServiceNowSourcePropertiesArgs { /** * The object specified in the ServiceNow flow source. */ object: pulumi.Input; } interface FlowSingularSourcePropertiesArgs { /** * The object specified in the Singular flow source. */ object: pulumi.Input; } interface FlowSlackSourcePropertiesArgs { /** * The object specified in the Slack flow source. */ object: pulumi.Input; } interface FlowSnowflakeDestinationPropertiesArgs { /** * The object key for the destination bucket in which Amazon AppFlow places the files. */ bucketPrefix?: pulumi.Input; /** * The settings that determine how Amazon AppFlow handles an error when placing data in the Snowflake destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details. */ errorHandlingConfig?: pulumi.Input; /** * The intermediate bucket that Amazon AppFlow uses when moving data into Snowflake. */ intermediateBucketName: pulumi.Input; /** * The object specified in the Snowflake flow destination. */ object: pulumi.Input; } /** * Source connector details required to query a connector */ interface FlowSourceConnectorPropertiesArgs { /** * Specifies the information that is required for querying Amplitude. */ amplitude?: pulumi.Input; /** * The properties that are applied when the custom connector is being used as a source. */ customConnector?: pulumi.Input; /** * Specifies the information that is required for querying Datadog. */ datadog?: pulumi.Input; /** * Specifies the information that is required for querying Dynatrace. */ dynatrace?: pulumi.Input; /** * Specifies the information that is required for querying Google Analytics. */ googleAnalytics?: pulumi.Input; /** * Specifies the information that is required for querying Infor Nexus. */ inforNexus?: pulumi.Input; /** * Specifies the information that is required for querying Marketo. */ marketo?: pulumi.Input; /** * Specifies the information that is required for querying Salesforce Pardot. */ pardot?: pulumi.Input; /** * Specifies the information that is required for querying Amazon S3. */ s3?: pulumi.Input; /** * Specifies the information that is required for querying Salesforce. */ salesforce?: pulumi.Input; /** * The properties that are applied when using SAPOData as a flow source. */ sapoData?: pulumi.Input; /** * Specifies the information that is required for querying ServiceNow. */ serviceNow?: pulumi.Input; /** * Specifies the information that is required for querying Singular. */ singular?: pulumi.Input; /** * Specifies the information that is required for querying Slack. */ slack?: pulumi.Input; /** * Specifies the information that is required for querying Trend Micro. */ trendmicro?: pulumi.Input; /** * Specifies the information that is required for querying Veeva. */ veeva?: pulumi.Input; /** * Specifies the information that is required for querying Zendesk. */ zendesk?: pulumi.Input; } /** * Configurations of Source connector of the flow. */ interface FlowSourceFlowConfigArgs { /** * The API version that the destination connector uses. */ apiVersion?: pulumi.Input; /** * Name of source connector profile */ connectorProfileName?: pulumi.Input; /** * Type of source connector */ connectorType: pulumi.Input; /** * Configuration for scheduled incremental data pull */ incrementalPullConfig?: pulumi.Input; /** * Source connector details required to query a connector */ sourceConnectorProperties: pulumi.Input; } interface FlowSuccessResponseHandlingConfigArgs { /** * The name of the Amazon S3 bucket. */ bucketName?: pulumi.Input; /** * The Amazon S3 bucket prefix. */ bucketPrefix?: pulumi.Input; } interface FlowTaskArgs { /** * Operation to be performed on provided source fields */ connectorOperator?: pulumi.Input; /** * A field value on which source field should be validated */ destinationField?: pulumi.Input; /** * Source fields on which particular task will be applied */ sourceFields: pulumi.Input[]>; /** * A Map used to store task related info */ taskProperties?: pulumi.Input[]>; /** * Type of task */ taskType: pulumi.Input; } /** * An object used to store task related info */ interface FlowTaskPropertiesObjectArgs { /** * The task property key. */ key: pulumi.Input; /** * The task property value. */ value: pulumi.Input; } interface FlowTrendmicroSourcePropertiesArgs { /** * The object specified in the Trend Micro flow source. */ object: pulumi.Input; } /** * Trigger settings of the flow. */ interface FlowTriggerConfigArgs { /** * Details required based on the type of trigger */ triggerProperties?: pulumi.Input; /** * Trigger type of the flow */ triggerType: pulumi.Input; } interface FlowUpsolverDestinationPropertiesArgs { /** * The Upsolver Amazon S3 bucket name in which Amazon AppFlow places the transferred data. */ bucketName: pulumi.Input; /** * The object key for the destination Upsolver Amazon S3 bucket in which Amazon AppFlow places the files. */ bucketPrefix?: pulumi.Input; /** * The configuration that determines how data is formatted when Upsolver is used as the flow destination. */ s3OutputFormatConfig: pulumi.Input; } interface FlowUpsolverS3OutputFormatConfigArgs { /** * The aggregation settings that you can use to customize the output format of your flow data. */ aggregationConfig?: pulumi.Input; /** * Indicates the file type that Amazon AppFlow places in the Upsolver Amazon S3 bucket. */ fileType?: pulumi.Input; /** * Specifies elements that Amazon AppFlow includes in the file and folder names in the flow destination. */ prefixConfig: pulumi.Input; } interface FlowVeevaSourcePropertiesArgs { /** * The document type specified in the Veeva document extract flow. */ documentType?: pulumi.Input; /** * Boolean value to include All Versions of files in Veeva document extract flow. */ includeAllVersions?: pulumi.Input; /** * Boolean value to include file renditions in Veeva document extract flow. */ includeRenditions?: pulumi.Input; /** * Boolean value to include source files in Veeva document extract flow. */ includeSourceFiles?: pulumi.Input; /** * The object specified in the Veeva flow source. */ object: pulumi.Input; } interface FlowZendeskDestinationPropertiesArgs { /** * The settings that determine how Amazon AppFlow handles an error when placing data in the destination. For example, this setting would determine if the flow should fail after one insertion error, or continue and attempt to insert every record regardless of the initial failure. `ErrorHandlingConfig` is a part of the destination connector details. */ errorHandlingConfig?: pulumi.Input; /** * List of fields used as ID when performing a write operation. */ idFieldNames?: pulumi.Input[]>; /** * The object specified in the Zendesk flow destination. */ object: pulumi.Input; /** * The possible write operations in the destination connector. When this value is not provided, this defaults to the `INSERT` operation. */ writeOperationType?: pulumi.Input; } interface FlowZendeskSourcePropertiesArgs { /** * The object specified in the Zendesk flow source. */ object: pulumi.Input; } } export declare namespace appintegrations { interface ApplicationConfigArgs { contactHandling?: pulumi.Input; } interface ApplicationContactHandlingArgs { scope: pulumi.Input; } interface ApplicationExternalUrlConfigArgs { /** * The URL to access the application. */ accessUrl: pulumi.Input; /** * Additional URLs to allow list if different than the access URL. */ approvedOrigins?: pulumi.Input[]>; } interface ApplicationIframeConfigArgs { allow?: pulumi.Input[]>; sandbox?: pulumi.Input[]>; } /** * Application source config */ interface ApplicationSourceConfigPropertiesArgs { /** * The external URL source for the application. */ externalUrlConfig: pulumi.Input; } /** * The configuration for what files should be pulled from the source. */ interface DataIntegrationFileConfigurationArgs { /** * Restrictions for what files should be pulled from the source. */ filters?: pulumi.Input<{ [key: string]: pulumi.Input[]>; }>; /** * Identifiers for the source folders to pull all files from recursively. */ folders: pulumi.Input[]>; } interface DataIntegrationScheduleConfigArgs { /** * The start date for objects to import in the first flow run. Epoch or ISO timestamp format is supported. */ firstExecutionFrom?: pulumi.Input; /** * The name of the object to pull from the data source. */ object?: pulumi.Input; /** * How often the data should be pulled from data source. */ scheduleExpression: pulumi.Input; } interface EventIntegrationEventFilterArgs { /** * The source of the events. */ source: pulumi.Input; } } export declare namespace applicationautoscaling { /** * ``ScalableTargetAction`` specifies the minimum and maximum capacity for the ``ScalableTargetAction`` property of the [AWS::ApplicationAutoScaling::ScalableTarget ScheduledAction](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalabletarget-scheduledaction.html) property type. */ interface ScalableTargetActionArgs { /** * The maximum capacity. */ maxCapacity?: pulumi.Input; /** * The minimum capacity. */ minCapacity?: pulumi.Input; } /** * ``ScheduledAction`` is a property of the [AWS::ApplicationAutoScaling::ScalableTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-applicationautoscaling-scalabletarget.html) resource that specifies a scheduled action for a scalable target. * For more information, see [Scheduled scaling](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-scheduled-scaling.html) in the *Application Auto Scaling User Guide*. */ interface ScalableTargetScheduledActionArgs { /** * The date and time that the action is scheduled to end, in UTC. */ endTime?: pulumi.Input; /** * The new minimum and maximum capacity. You can set both values or just one. At the scheduled time, if the current capacity is below the minimum capacity, Application Auto Scaling scales out to the minimum capacity. If the current capacity is above the maximum capacity, Application Auto Scaling scales in to the maximum capacity. */ scalableTargetAction?: pulumi.Input; /** * The schedule for this action. The following formats are supported: * + At expressions - "``at(yyyy-mm-ddThh:mm:ss)``" * + Rate expressions - "``rate(valueunit)``" * + Cron expressions - "``cron(fields)``" * * At expressions are useful for one-time schedules. Cron expressions are useful for scheduled actions that run periodically at a specified date and time, and rate expressions are useful for scheduled actions that run at a regular interval. * At and cron expressions use Universal Coordinated Time (UTC) by default. * The cron format consists of six fields separated by white spaces: [Minutes] [Hours] [Day_of_Month] [Month] [Day_of_Week] [Year]. * For rate expressions, *value* is a positive integer and *unit* is ``minute`` | ``minutes`` | ``hour`` | ``hours`` | ``day`` | ``days``. */ schedule: pulumi.Input; /** * The name of the scheduled action. This name must be unique among all other scheduled actions on the specified scalable target. */ scheduledActionName: pulumi.Input; /** * The date and time that the action is scheduled to begin, in UTC. */ startTime?: pulumi.Input; /** * The time zone used when referring to the date and time of a scheduled action, when the scheduled action uses an at or cron expression. */ timezone?: pulumi.Input; } /** * ``SuspendedState`` is a property of the [AWS::ApplicationAutoScaling::ScalableTarget](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-applicationautoscaling-scalabletarget.html) resource that specifies whether the scaling activities for a scalable target are in a suspended state. * For more information, see [Suspending and resuming scaling](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-suspend-resume-scaling.html) in the *Application Auto Scaling User Guide*. */ interface ScalableTargetSuspendedStateArgs { /** * Whether scale in by a target tracking scaling policy or a step scaling policy is suspended. Set the value to ``true`` if you don't want Application Auto Scaling to remove capacity when a scaling policy is triggered. The default is ``false``. */ dynamicScalingInSuspended?: pulumi.Input; /** * Whether scale out by a target tracking scaling policy or a step scaling policy is suspended. Set the value to ``true`` if you don't want Application Auto Scaling to add capacity when a scaling policy is triggered. The default is ``false``. */ dynamicScalingOutSuspended?: pulumi.Input; /** * Whether scheduled scaling is suspended. Set the value to ``true`` if you don't want Application Auto Scaling to add or remove capacity by initiating scheduled actions. The default is ``false``. */ scheduledScalingSuspended?: pulumi.Input; } /** * Contains customized metric specification information for a target tracking scaling policy for Application Auto Scaling. * For information about the available metrics for a service, see [services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide*. * To create your customized metric specification: * + Add values for each required parameter from CloudWatch. You can use an existing metric, or a new metric that you create. To use your own metric, you must first publish the metric to CloudWatch. For more information, see [Publish custom metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/publishingMetrics.html) in the *Amazon CloudWatch User Guide*. * + Choose a metric that changes proportionally with capacity. The value of the metric should increase or decrease in inverse proportion to the number of capacity units. That is, the value of the metric should decrease when capacity increases, and increase when capacity decreases. * * For an example of how creating new metrics can be useful, see [Scaling based on Amazon SQS](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-using-sqs-queue.html) in the *Amazon EC2 Auto Scaling User Guide*. This topic mentions Auto Scaling groups, but the same scenario for Amazon SQS can apply to the target tracking scaling policies that you create for a Spot Fleet by using Application Auto Scaling. * For more information about the CloudWatch terminology below, see [Amazon CloudWatch concepts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html). * ``CustomizedMetricSpecification`` is a property of the [AWS::ApplicationAutoScaling::ScalingPolicy TargetTrackingScalingPolicyConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-targettrackingscalingpolicyconfiguration.html) property type. */ interface ScalingPolicyCustomizedMetricSpecificationArgs { /** * The dimensions of the metric. * Conditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy. */ dimensions?: pulumi.Input[]>; /** * The name of the metric. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that's returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html). */ metricName?: pulumi.Input; /** * The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions. */ metrics?: pulumi.Input[]>; /** * The namespace of the metric. */ namespace?: pulumi.Input; /** * The statistic of the metric. */ statistic?: pulumi.Input; /** * The unit of the metric. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference*. */ unit?: pulumi.Input; } /** * ``MetricDimension`` specifies a name/value pair that is part of the identity of a CloudWatch metric for the ``Dimensions`` property of the [AWS::ApplicationAutoScaling::ScalingPolicy CustomizedMetricSpecification](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-customizedmetricspecification.html) property type. Duplicate dimensions are not allowed. */ interface ScalingPolicyMetricDimensionArgs { /** * The name of the dimension. */ name: pulumi.Input; /** * The value of the dimension. */ value: pulumi.Input; } /** * Contains predefined metric specification information for a target tracking scaling policy for Application Auto Scaling. * ``PredefinedMetricSpecification`` is a property of the [AWS::ApplicationAutoScaling::ScalingPolicy TargetTrackingScalingPolicyConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-targettrackingscalingpolicyconfiguration.html) property type. */ interface ScalingPolicyPredefinedMetricSpecificationArgs { /** * The metric type. The ``ALBRequestCountPerTarget`` metric type applies only to Spot fleet requests and ECS services. */ predefinedMetricType: pulumi.Input; /** * Identifies the resource associated with the metric type. You can't specify a resource label unless the metric type is ``ALBRequestCountPerTarget`` and there is a target group attached to the Spot Fleet or ECS service. * You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is: * ``app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff``. * Where: * + app// is the final portion of the load balancer ARN * + targetgroup// is the final portion of the target group ARN. * * To find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation. */ resourceLabel?: pulumi.Input; } /** * Represents a CloudWatch metric of your choosing for a predictive scaling policy. */ interface ScalingPolicyPredictiveScalingCustomizedCapacityMetricArgs { /** * One or more metric data queries to provide data points for a metric specification. */ metricDataQueries: pulumi.Input[]>; } /** * The customized load metric specification. */ interface ScalingPolicyPredictiveScalingCustomizedLoadMetricArgs { metricDataQueries: pulumi.Input[]>; } /** * One or more metric data queries to provide data points for a metric specification. */ interface ScalingPolicyPredictiveScalingCustomizedScalingMetricArgs { /** * One or more metric data queries to provide data points for a metric specification. */ metricDataQueries: pulumi.Input[]>; } /** * Describes the scaling metric. */ interface ScalingPolicyPredictiveScalingMetricArgs { /** * Describes the dimensions of the metric. */ dimensions?: pulumi.Input[]>; /** * The name of the metric. */ metricName?: pulumi.Input; /** * The namespace of the metric. */ namespace?: pulumi.Input; } /** * The metric data to return. Also defines whether this call is returning data for one metric only, or whether it is performing a math expression on the values of returned metric statistics to create a new time series. A time series is a series of data points, each of which is associated with a timestamp. */ interface ScalingPolicyPredictiveScalingMetricDataQueryArgs { /** * The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the ``Id`` of the other metrics to refer to those metrics, and can also use the ``Id`` of other expressions to use the result of those expressions. * Conditional: Within each ``MetricDataQuery`` object, you must specify either ``Expression`` or ``MetricStat``, but not both. */ expression?: pulumi.Input; /** * A short name that identifies the object's results in the response. This name must be unique among all ``MetricDataQuery`` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter. */ id?: pulumi.Input; /** * A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents. */ label?: pulumi.Input; /** * Information about the metric data to return. * Conditional: Within each ``MetricDataQuery`` object, you must specify either ``Expression`` or ``MetricStat``, but not both. */ metricStat?: pulumi.Input; /** * Indicates whether to return the timestamps and raw data values of this metric. * If you use any math expressions, specify ``true`` for this value for only the final math expression that the metric specification is based on. You must specify ``false`` for ``ReturnData`` for all the other metrics and expressions used in the metric specification. * If you are only retrieving metrics and not performing any math expressions, do not specify anything for ``ReturnData``. This sets it to its default (``true``). */ returnData?: pulumi.Input; } /** * Describes the dimension of a metric. */ interface ScalingPolicyPredictiveScalingMetricDimensionArgs { /** * The name of the dimension. */ name?: pulumi.Input; /** * The value of the dimension. */ value?: pulumi.Input; } /** * This structure specifies the metrics and target utilization settings for a predictive scaling policy. * You must specify either a metric pair, or a load metric and a scaling metric individually. Specifying a metric pair instead of individual metrics provides a simpler way to configure metrics for a scaling policy. You choose the metric pair, and the policy automatically knows the correct sum and average statistics to use for the load metric and the scaling metric. */ interface ScalingPolicyPredictiveScalingMetricSpecificationArgs { /** * The customized capacity metric specification. */ customizedCapacityMetricSpecification?: pulumi.Input; /** * The customized load metric specification. */ customizedLoadMetricSpecification?: pulumi.Input; /** * The customized scaling metric specification. */ customizedScalingMetricSpecification?: pulumi.Input; /** * The predefined load metric specification. */ predefinedLoadMetricSpecification?: pulumi.Input; /** * The predefined metric pair specification that determines the appropriate scaling metric and load metric to use. */ predefinedMetricPairSpecification?: pulumi.Input; /** * The predefined scaling metric specification. */ predefinedScalingMetricSpecification?: pulumi.Input; /** * Specifies the target utilization. */ targetValue: pulumi.Input; } /** * This structure defines the CloudWatch metric to return, along with the statistic and unit. */ interface ScalingPolicyPredictiveScalingMetricStatArgs { /** * The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html). */ metric?: pulumi.Input; /** * The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide*. * The most commonly used metrics for predictive scaling are ``Average`` and ``Sum``. */ stat?: pulumi.Input; /** * The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference*. */ unit?: pulumi.Input; } /** * Represents a predictive scaling policy configuration. Predictive scaling is supported on Amazon ECS services. */ interface ScalingPolicyPredictiveScalingPolicyConfigurationArgs { /** * Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity. Defaults to ``HonorMaxCapacity`` if not specified. */ maxCapacityBreachBehavior?: pulumi.Input; /** * The size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. The value is specified as a percentage relative to the forecast capacity. For example, if the buffer is 10, this means a 10 percent buffer, such that if the forecast capacity is 50, and the maximum capacity is 40, then the effective maximum capacity is 55. * Required if the ``MaxCapacityBreachBehavior`` property is set to ``IncreaseMaxCapacity``, and cannot be used otherwise. */ maxCapacityBuffer?: pulumi.Input; /** * This structure includes the metrics and target utilization to use for predictive scaling. * This is an array, but we currently only support a single metric specification. That is, you can specify a target value and a single metric pair, or a target value and one scaling metric and one load metric. */ metricSpecifications: pulumi.Input[]>; /** * The predictive scaling mode. Defaults to ``ForecastOnly`` if not specified. */ mode?: pulumi.Input; /** * The amount of time, in seconds, that the start time can be advanced. * The value must be less than the forecast interval duration of 3600 seconds (60 minutes). Defaults to 300 seconds if not specified. */ schedulingBufferTime?: pulumi.Input; } /** * Describes a load metric for a predictive scaling policy. * When returned in the output of ``DescribePolicies``, it indicates that a predictive scaling policy uses individually specified load and scaling metrics instead of a metric pair. * The following predefined metrics are available for predictive scaling: * + ``ECSServiceAverageCPUUtilization`` * + ``ECSServiceAverageMemoryUtilization`` * + ``ECSServiceCPUUtilization`` * + ``ECSServiceMemoryUtilization`` * + ``ECSServiceTotalCPUUtilization`` * + ``ECSServiceTotalMemoryUtilization`` * + ``ALBRequestCount`` * + ``ALBRequestCountPerTarget`` * + ``TotalALBRequestCount`` */ interface ScalingPolicyPredictiveScalingPredefinedLoadMetricArgs { /** * The metric type. */ predefinedMetricType: pulumi.Input; /** * A label that uniquely identifies a target group. */ resourceLabel?: pulumi.Input; } /** * Represents a metric pair for a predictive scaling policy. * The following predefined metrics are available for predictive scaling: * + ``ECSServiceAverageCPUUtilization`` * + ``ECSServiceAverageMemoryUtilization`` * + ``ECSServiceCPUUtilization`` * + ``ECSServiceMemoryUtilization`` * + ``ECSServiceTotalCPUUtilization`` * + ``ECSServiceTotalMemoryUtilization`` * + ``ALBRequestCount`` * + ``ALBRequestCountPerTarget`` * + ``TotalALBRequestCount`` */ interface ScalingPolicyPredictiveScalingPredefinedMetricPairArgs { /** * Indicates which metrics to use. There are two different types of metrics for each metric type: one is a load metric and one is a scaling metric. */ predefinedMetricType: pulumi.Input; /** * A label that uniquely identifies a specific target group from which to determine the total and average request count. */ resourceLabel?: pulumi.Input; } /** * Describes a scaling metric for a predictive scaling policy. * When returned in the output of ``DescribePolicies``, it indicates that a predictive scaling policy uses individually specified load and scaling metrics instead of a metric pair. * The following predefined metrics are available for predictive scaling: * + ``ECSServiceAverageCPUUtilization`` * + ``ECSServiceAverageMemoryUtilization`` * + ``ECSServiceCPUUtilization`` * + ``ECSServiceMemoryUtilization`` * + ``ECSServiceTotalCPUUtilization`` * + ``ECSServiceTotalMemoryUtilization`` * + ``ALBRequestCount`` * + ``ALBRequestCountPerTarget`` * + ``TotalALBRequestCount`` */ interface ScalingPolicyPredictiveScalingPredefinedScalingMetricArgs { /** * The metric type. */ predefinedMetricType: pulumi.Input; /** * A label that uniquely identifies a specific target group from which to determine the average request count. */ resourceLabel?: pulumi.Input; } /** * ``StepAdjustment`` specifies a step adjustment for the ``StepAdjustments`` property of the [AWS::ApplicationAutoScaling::ScalingPolicy StepScalingPolicyConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-stepscalingpolicyconfiguration.html) property type. * For the following examples, suppose that you have an alarm with a breach threshold of 50: * + To trigger a step adjustment when the metric is greater than or equal to 50 and less than 60, specify a lower bound of 0 and an upper bound of 10. * + To trigger a step adjustment when the metric is greater than 40 and less than or equal to 50, specify a lower bound of -10 and an upper bound of 0. * * For more information, see [Step adjustments](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html#as-scaling-steps) in the *Application Auto Scaling User Guide*. * You can find a sample template snippet in the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-applicationautoscaling-scalingpolicy.html#aws-resource-applicationautoscaling-scalingpolicy--examples) section of the ``AWS::ApplicationAutoScaling::ScalingPolicy`` documentation. */ interface ScalingPolicyStepAdjustmentArgs { /** * The lower bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the lower bound is inclusive (the metric must be greater than or equal to the threshold plus the lower bound). Otherwise, it is exclusive (the metric must be greater than the threshold plus the lower bound). A null value indicates negative infinity. * You must specify at least one upper or lower bound. */ metricIntervalLowerBound?: pulumi.Input; /** * The upper bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the upper bound is exclusive (the metric must be less than the threshold plus the upper bound). Otherwise, it is inclusive (the metric must be less than or equal to the threshold plus the upper bound). A null value indicates positive infinity. * You must specify at least one upper or lower bound. */ metricIntervalUpperBound?: pulumi.Input; /** * The amount by which to scale. The adjustment is based on the value that you specified in the ``AdjustmentType`` property (either an absolute number or a percentage). A positive value adds to the current capacity and a negative number subtracts from the current capacity. */ scalingAdjustment: pulumi.Input; } /** * ``StepScalingPolicyConfiguration`` is a property of the [AWS::ApplicationAutoScaling::ScalingPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-applicationautoscaling-scalingpolicy.html) resource that specifies a step scaling policy configuration for Application Auto Scaling. * For more information, see [Step scaling policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-step-scaling-policies.html) in the *Application Auto Scaling User Guide*. */ interface ScalingPolicyStepScalingPolicyConfigurationArgs { /** * Specifies whether the ``ScalingAdjustment`` value in the ``StepAdjustment`` property is an absolute number or a percentage of the current capacity. */ adjustmentType?: pulumi.Input; /** * The amount of time, in seconds, to wait for a previous scaling activity to take effect. If not specified, the default value is 300. For more information, see [Cooldown period](https://docs.aws.amazon.com/autoscaling/application/userguide/step-scaling-policy-overview.html#step-scaling-cooldown) in the *Application Auto Scaling User Guide*. */ cooldown?: pulumi.Input; /** * The aggregation type for the CloudWatch metrics. Valid values are ``Minimum``, ``Maximum``, and ``Average``. If the aggregation type is null, the value is treated as ``Average``. */ metricAggregationType?: pulumi.Input; /** * The minimum value to scale by when the adjustment type is ``PercentChangeInCapacity``. For example, suppose that you create a step scaling policy to scale out an Amazon ECS service by 25 percent and you specify a ``MinAdjustmentMagnitude`` of 2. If the service has 4 tasks and the scaling policy is performed, 25 percent of 4 is 1. However, because you specified a ``MinAdjustmentMagnitude`` of 2, Application Auto Scaling scales out the service by 2 tasks. */ minAdjustmentMagnitude?: pulumi.Input; /** * A set of adjustments that enable you to scale based on the size of the alarm breach. * At least one step adjustment is required if you are adding a new step scaling policy configuration. */ stepAdjustments?: pulumi.Input[]>; } /** * Represents a specific metric for a target tracking scaling policy for Application Auto Scaling. * Metric is a property of the [AWS::ApplicationAutoScaling::ScalingPolicy TargetTrackingMetricStat](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-targettrackingmetricstat.html) property type. */ interface ScalingPolicyTargetTrackingMetricArgs { /** * The dimensions for the metric. For the list of available dimensions, see the AWS documentation available from the table in [services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide*. * Conditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy. */ dimensions?: pulumi.Input[]>; /** * The name of the metric. */ metricName?: pulumi.Input; /** * The namespace of the metric. For more information, see the table in [services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide*. */ namespace?: pulumi.Input; } /** * The metric data to return. Also defines whether this call is returning data for one metric only, or whether it is performing a math expression on the values of returned metric statistics to create a new time series. A time series is a series of data points, each of which is associated with a timestamp. * You can call for a single metric or perform math expressions on multiple metrics. Any expressions used in a metric specification must eventually return a single time series. * For more information and examples, see [Create a target tracking scaling policy for Application Auto Scaling using metric math](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking-metric-math.html) in the *Application Auto Scaling User Guide*. * ``TargetTrackingMetricDataQuery`` is a property of the [AWS::ApplicationAutoScaling::ScalingPolicy CustomizedMetricSpecification](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-customizedmetricspecification.html) property type. */ interface ScalingPolicyTargetTrackingMetricDataQueryArgs { /** * The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the ``Id`` of the other metrics to refer to those metrics, and can also use the ``Id`` of other expressions to use the result of those expressions. * Conditional: Within each ``TargetTrackingMetricDataQuery`` object, you must specify either ``Expression`` or ``MetricStat``, but not both. */ expression?: pulumi.Input; /** * A short name that identifies the object's results in the response. This name must be unique among all ``MetricDataQuery`` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter. */ id?: pulumi.Input; /** * A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents. */ label?: pulumi.Input; /** * Information about the metric data to return. * Conditional: Within each ``MetricDataQuery`` object, you must specify either ``Expression`` or ``MetricStat``, but not both. */ metricStat?: pulumi.Input; /** * Indicates whether to return the timestamps and raw data values of this metric. * If you use any math expressions, specify ``true`` for this value for only the final math expression that the metric specification is based on. You must specify ``false`` for ``ReturnData`` for all the other metrics and expressions used in the metric specification. * If you are only retrieving metrics and not performing any math expressions, do not specify anything for ``ReturnData``. This sets it to its default (``true``). */ returnData?: pulumi.Input; } /** * ``TargetTrackingMetricDimension`` specifies a name/value pair that is part of the identity of a CloudWatch metric for the ``Dimensions`` property of the [AWS::ApplicationAutoScaling::ScalingPolicy TargetTrackingMetric](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-targettrackingmetric.html) property type. Duplicate dimensions are not allowed. */ interface ScalingPolicyTargetTrackingMetricDimensionArgs { /** * The name of the dimension. */ name?: pulumi.Input; /** * The value of the dimension. */ value?: pulumi.Input; } /** * This structure defines the CloudWatch metric to return, along with the statistic and unit. * ``TargetTrackingMetricStat`` is a property of the [AWS::ApplicationAutoScaling::ScalingPolicy TargetTrackingMetricDataQuery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-applicationautoscaling-scalingpolicy-targettrackingmetricdataquery.html) property type. * For more information about the CloudWatch terminology below, see [Amazon CloudWatch concepts](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html) in the *Amazon CloudWatch User Guide*. */ interface ScalingPolicyTargetTrackingMetricStatArgs { /** * The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html). */ metric?: pulumi.Input; /** * The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide*. * The most commonly used metric for scaling is ``Average``. */ stat?: pulumi.Input; /** * The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference*. */ unit?: pulumi.Input; } /** * ``TargetTrackingScalingPolicyConfiguration`` is a property of the [AWS::ApplicationAutoScaling::ScalingPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-applicationautoscaling-scalingpolicy.html) resource that specifies a target tracking scaling policy configuration for Application Auto Scaling. Use a target tracking scaling policy to adjust the capacity of the specified scalable target in response to actual workloads, so that resource utilization remains at or near the target utilization value. * For more information, see [Target tracking scaling policies](https://docs.aws.amazon.com/autoscaling/application/userguide/application-auto-scaling-target-tracking.html) in the *Application Auto Scaling User Guide*. */ interface ScalingPolicyTargetTrackingScalingPolicyConfigurationArgs { /** * A customized metric. You can specify either a predefined metric or a customized metric. */ customizedMetricSpecification?: pulumi.Input; /** * Indicates whether scale in by the target tracking scaling policy is disabled. If the value is ``true``, scale in is disabled and the target tracking scaling policy won't remove capacity from the scalable target. Otherwise, scale in is enabled and the target tracking scaling policy can remove capacity from the scalable target. The default value is ``false``. */ disableScaleIn?: pulumi.Input; /** * A predefined metric. You can specify either a predefined metric or a customized metric. */ predefinedMetricSpecification?: pulumi.Input; /** * The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start. For more information and for default values, see [Define cooldown periods](https://docs.aws.amazon.com/autoscaling/application/userguide/target-tracking-scaling-policy-overview.html#target-tracking-cooldown) in the *Application Auto Scaling User Guide*. */ scaleInCooldown?: pulumi.Input; /** * The amount of time, in seconds, to wait for a previous scale-out activity to take effect. For more information and for default values, see [Define cooldown periods](https://docs.aws.amazon.com/autoscaling/application/userguide/target-tracking-scaling-policy-overview.html#target-tracking-cooldown) in the *Application Auto Scaling User Guide*. */ scaleOutCooldown?: pulumi.Input; /** * The target value for the metric. Although this property accepts numbers of type Double, it won't accept values that are either too small or too large. Values must be in the range of -2^360 to 2^360. The value must be a valid number based on the choice of metric. For example, if the metric is CPU utilization, then the target value is a percent value that represents how much of the CPU can be used before scaling out. */ targetValue: pulumi.Input; } } export declare namespace applicationinsights { /** * A CloudWatch alarm to be monitored for the component. */ interface ApplicationAlarmArgs { /** * The name of the CloudWatch alarm to be monitored for the component. */ alarmName: pulumi.Input; /** * Indicates the degree of outage when the alarm goes off. */ severity?: pulumi.Input; } /** * A metric to be monitored for the component. */ interface ApplicationAlarmMetricArgs { /** * The name of the metric to be monitored for the component. */ alarmMetricName: pulumi.Input; } /** * The configuration settings of the component. */ interface ApplicationComponentConfigurationArgs { /** * The configuration settings */ configurationDetails?: pulumi.Input; /** * Sub component configurations of the component. */ subComponentTypeConfigurations?: pulumi.Input[]>; } /** * The monitoring setting of the component. */ interface ApplicationComponentMonitoringSettingArgs { /** * The ARN of the compnonent. */ componentArn?: pulumi.Input; /** * The component monitoring configuration mode. */ componentConfigurationMode: pulumi.Input; /** * The name of the component. */ componentName?: pulumi.Input; /** * The monitoring configuration of the component. */ customComponentConfiguration?: pulumi.Input; /** * The overwritten settings on default component monitoring configuration. */ defaultOverwriteComponentConfiguration?: pulumi.Input; /** * The tier of the application component. */ tier: pulumi.Input; } /** * The configuration settings. */ interface ApplicationConfigurationDetailsArgs { /** * A list of metrics to monitor for the component. */ alarmMetrics?: pulumi.Input[]>; /** * A list of alarms to monitor for the component. */ alarms?: pulumi.Input[]>; /** * The HA cluster Prometheus Exporter settings. */ haClusterPrometheusExporter?: pulumi.Input; /** * The HANA DB Prometheus Exporter settings. */ hanaPrometheusExporter?: pulumi.Input; /** * The JMX Prometheus Exporter settings. */ jmxPrometheusExporter?: pulumi.Input; /** * A list of logs to monitor for the component. */ logs?: pulumi.Input[]>; /** * The NetWeaver Prometheus Exporter settings. */ netWeaverPrometheusExporter?: pulumi.Input; /** * A list of processes to monitor for the component. Only Windows EC2 instances can have a processes section. */ processes?: pulumi.Input[]>; /** * The SQL Prometheus Exporter settings. */ sqlServerPrometheusExporter?: pulumi.Input; /** * A list of Windows Events to log. */ windowsEvents?: pulumi.Input[]>; } /** * The custom grouped component. */ interface ApplicationCustomComponentArgs { /** * The name of the component. */ componentName: pulumi.Input; /** * The list of resource ARNs that belong to the component. */ resourceList: pulumi.Input[]>; } /** * The HA cluster Prometheus Exporter settings. */ interface ApplicationHaClusterPrometheusExporterArgs { /** * Prometheus exporter port. */ prometheusPort?: pulumi.Input; } /** * The HANA DB Prometheus Exporter settings. */ interface ApplicationHanaPrometheusExporterArgs { /** * A flag which indicates agreeing to install SAP HANA DB client. */ agreeToInstallHanadbClient: pulumi.Input; /** * The HANA DB port. */ hanaPort: pulumi.Input; /** * The secret name which manages the HANA DB credentials e.g. { * "username": "<>", * "password": "<>" * }. */ hanaSecretName: pulumi.Input; /** * HANA DB SID. */ hanasid: pulumi.Input; /** * Prometheus exporter port. */ prometheusPort?: pulumi.Input; } /** * The JMX Prometheus Exporter settings. */ interface ApplicationJmxPrometheusExporterArgs { /** * Java agent host port */ hostPort?: pulumi.Input; /** * JMX service URL. */ jmxurl?: pulumi.Input; /** * Prometheus exporter port. */ prometheusPort?: pulumi.Input; } /** * A log to be monitored for the component. */ interface ApplicationLogArgs { /** * The type of encoding of the logs to be monitored. */ encoding?: pulumi.Input; /** * The CloudWatch log group name to be associated to the monitored log. */ logGroupName?: pulumi.Input; /** * The path of the logs to be monitored. */ logPath?: pulumi.Input; /** * The log type decides the log patterns against which Application Insights analyzes the log. */ logType: pulumi.Input; /** * The name of the log pattern set. */ patternSet?: pulumi.Input; } /** * The log pattern. */ interface ApplicationLogPatternArgs { /** * The log pattern. */ pattern: pulumi.Input; /** * The name of the log pattern. */ patternName: pulumi.Input; /** * Rank of the log pattern. */ rank: pulumi.Input; } /** * The log pattern set. */ interface ApplicationLogPatternSetArgs { /** * The log patterns of a set. */ logPatterns: pulumi.Input[]>; /** * The name of the log pattern set. */ patternSetName: pulumi.Input; } /** * The NetWeaver Prometheus Exporter Settings. */ interface ApplicationNetWeaverPrometheusExporterArgs { /** * SAP instance numbers for ASCS, ERS, and App Servers. */ instanceNumbers: pulumi.Input[]>; /** * Prometheus exporter port. */ prometheusPort?: pulumi.Input; /** * SAP NetWeaver SID. */ sapsid: pulumi.Input; } /** * A process to be monitored for the component. */ interface ApplicationProcessArgs { /** * A list of metrics to monitor for the component. */ alarmMetrics: pulumi.Input[]>; /** * The name of the process to be monitored for the component. */ processName: pulumi.Input; } /** * The SQL prometheus exporter settings. */ interface ApplicationSqlServerPrometheusExporterArgs { /** * Prometheus exporter port. */ prometheusPort: pulumi.Input; /** * Secret name which managers SQL exporter connection. e.g. {"data_source_name": "sqlserver://:@localhost:1433"} */ sqlSecretName: pulumi.Input; } /** * The configuration settings of sub components. */ interface ApplicationSubComponentConfigurationDetailsArgs { /** * A list of metrics to monitor for the component. */ alarmMetrics?: pulumi.Input[]>; /** * A list of logs to monitor for the component. */ logs?: pulumi.Input[]>; /** * A list of processes to monitor for the component. Only Windows EC2 instances can have a processes section. */ processes?: pulumi.Input[]>; /** * A list of Windows Events to log. */ windowsEvents?: pulumi.Input[]>; } /** * One type sub component configurations for the component. */ interface ApplicationSubComponentTypeConfigurationArgs { /** * The configuration settings of sub components. */ subComponentConfigurationDetails: pulumi.Input; /** * The sub component type. */ subComponentType: pulumi.Input; } /** * A Windows Event to be monitored for the component. */ interface ApplicationWindowsEventArgs { /** * The levels of event to log. */ eventLevels: pulumi.Input[]>; /** * The type of Windows Events to log. */ eventName: pulumi.Input; /** * The CloudWatch log group name to be associated to the monitored log. */ logGroupName: pulumi.Input; /** * The name of the log pattern set. */ patternSet?: pulumi.Input; } } export declare namespace applicationsignals { interface GroupingConfigurationGroupingAttributeDefinitionArgs { defaultGroupingValue?: pulumi.Input; groupingName: pulumi.Input; groupingSourceKeys: pulumi.Input[]>; } /** * This object defines the length of the look-back window used to calculate one burn rate metric for this SLO. The burn rate measures how fast the service is consuming the error budget, relative to the attainment goal of the SLO. A burn rate of exactly 1 indicates that the SLO goal will be met exactly. * For example, if you specify 60 as the number of minutes in the look-back window, the burn rate is calculated as the following: * burn rate = error rate over the look-back window / (1 - attainment goal percentage) */ interface ServiceLevelObjectiveBurnRateConfigurationArgs { /** * The number of minutes to use as the look-back window. */ lookBackWindowMinutes: pulumi.Input; } /** * If the interval for this service level objective is a calendar interval, this structure contains the interval specifications. */ interface ServiceLevelObjectiveCalendarIntervalArgs { /** * Specifies the duration of each calendar interval. For example, if `Duration` is `1` and `DurationUnit` is `MONTH` , each interval is one month, aligned with the calendar. */ duration: pulumi.Input; /** * Specifies the calendar interval unit. */ durationUnit: pulumi.Input; /** * Epoch time in seconds you want the first interval to start. Be sure to choose a time that configures the intervals the way that you want. For example, if you want weekly intervals starting on Mondays at 6 a.m., be sure to specify a start time that is a Monday at 6 a.m. * As soon as one calendar interval ends, another automatically begins. */ startTime: pulumi.Input; } /** * Configuration for identifying a dependency and its operation */ interface ServiceLevelObjectiveDependencyConfigArgs { /** * If this SLO is related to a metric collected by Application Signals, you must use this field to specify which dependency the SLO metric is related to. * * - `Type` designates the type of object this is. * - `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` . * - `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` . * - `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` . * - `Environment` specifies the location where this object is hosted, or what it belongs to. */ dependencyKeyAttributes: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * When the SLO monitors a specific operation of the dependency, this field specifies the name of that operation in the dependency. */ dependencyOperationName: pulumi.Input; } /** * A dimension is a name/value pair that is part of the identity of a metric. Because dimensions are part of the unique identifier for a metric, whenever you add a unique name/value pair to one of your metrics, you are creating a new variation of that metric. For example, many Amazon EC2 metrics publish `InstanceId` as a dimension name, and the actual instance ID as the value for that dimension. You can assign up to 30 dimensions to a metric. */ interface ServiceLevelObjectiveDimensionArgs { /** * The name of the dimension. Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:). ASCII control characters are not supported as part of dimension names. */ name: pulumi.Input; /** * The value of the dimension. Dimension values must contain only ASCII characters and must include at least one non-whitespace character. ASCII control characters are not supported as part of dimension values */ value: pulumi.Input; } /** * This object defines a time exclusion window for this SLO. The time exclusion window is used to exclude breaching data points from affecting attainment rate, error budget, and burn rate metrics. */ interface ServiceLevelObjectiveExclusionWindowArgs { /** * An optional reason for scheduling this time exclusion window. Default is 'No reason'. */ reason?: pulumi.Input; recurrenceRule?: pulumi.Input; /** * The time you want the exclusion window to start at. Note that time exclusion windows can only be scheduled in the future, not the past. */ startTime?: pulumi.Input; window: pulumi.Input; } /** * A structure that contains the attributes that determine the goal of the SLO. This includes the time period for evaluation and the attainment threshold. */ interface ServiceLevelObjectiveGoalArgs { /** * The threshold that determines if the goal is being met. An attainment goal is the ratio of good periods that meet the threshold requirements to the total periods within the interval. For example, an attainment goal of 99.9% means that within your interval, you are targeting 99.9% of the periods to be in healthy state. * If you omit this parameter, 99 is used to represent 99% as the attainment goal. */ attainmentGoal?: pulumi.Input; /** * The time period used to evaluate the SLO. It can be either a calendar interval or rolling interval. * * If you omit this parameter, a rolling interval of 7 days is used. */ interval?: pulumi.Input; /** * The percentage of remaining budget over total budget that you want to get warnings for. If you omit this parameter, the default of 50.0 is used. */ warningThreshold?: pulumi.Input; } /** * The time period used to evaluate the SLO. It can be either a calendar interval or rolling interval. * If you omit this parameter, a rolling interval of 7 days is used. */ interface ServiceLevelObjectiveIntervalArgs { /** * If the interval is a calendar interval, this structure contains the interval specifications. */ calendarInterval?: pulumi.Input; /** * If the interval is a rolling interval, this structure contains the interval specifications. */ rollingInterval?: pulumi.Input; } /** * This structure defines the metric used for a service level indicator, including the metric name, namespace, and dimensions. */ interface ServiceLevelObjectiveMetricArgs { /** * An array of one or more dimensions to use to define the metric that you want to use. */ dimensions?: pulumi.Input[]>; /** * The name of the metric to use. */ metricName?: pulumi.Input; /** * The namespace of the metric. */ namespace?: pulumi.Input; } /** * Use this structure to define a metric or metric math expression that you want to use as for a service level objective. * Each `MetricDataQuery` in the `MetricDataQueries` array specifies either a metric to retrieve, or a metric math expression to be performed on retrieved metrics. A single `MetricDataQueries` array can include as many as 20 `MetricDataQuery` structures in the array. The 20 structures can include as many as 10 structures that contain a `MetricStat` parameter to retrieve a metric, and as many as 10 structures that contain the `Expression` parameter to perform a math expression. Of those Expression structures, exactly one must have true as the value for `ReturnData`. The result of this expression used for the SLO. */ interface ServiceLevelObjectiveMetricDataQueryArgs { /** * The ID of the account where the metrics are located, if this is a cross-account alarm. */ accountId?: pulumi.Input; /** * The math expression to be performed on the returned data. */ expression?: pulumi.Input; /** * A short name used to tie this object to the results in the response. */ id: pulumi.Input; /** * A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO. Within one MetricDataQuery, you must specify either Expression or MetricStat but not both. */ metricStat?: pulumi.Input; /** * This option indicates whether to return the timestamps and raw data values of this metric. */ returnData?: pulumi.Input; } /** * A metric to be used directly for the SLO, or to be used in the math expression that will be used for the SLO. Within one MetricDataQuery object, you must specify either Expression or MetricStat but not both. */ interface ServiceLevelObjectiveMetricStatArgs { metric: pulumi.Input; /** * The granularity, in seconds, to be used for the metric. */ period: pulumi.Input; /** * The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic. */ stat: pulumi.Input; /** * If you omit Unit then all data that was collected with any unit is returned, along with the corresponding units that were specified when the data was reported to CloudWatch. If you specify a unit, the operation returns only data that was collected with that unit specified. If you specify a unit that does not match the data collected, the results of the operation are null. CloudWatch does not perform unit conversions. */ unit?: pulumi.Input; } /** * This structure defines the metric that is used as the "good request" or "bad request" value for a request-based SLO. This value observed for the metric defined in `TotalRequestCountMetric` is divided by the number found for `MonitoredRequestCountMetric` to determine the percentage of successful requests that this SLO tracks. */ interface ServiceLevelObjectiveMonitoredRequestCountMetricArgs { /** * If you want to count "bad requests" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as "bad requests" in this structure. */ badCountMetric?: pulumi.Input[]>; /** * If you want to count "good requests" to determine the percentage of successful requests for this request-based SLO, specify the metric to use as "good requests" in this structure. */ goodCountMetric?: pulumi.Input[]>; } /** * This object defines how often to repeat a time exclusion window. */ interface ServiceLevelObjectiveRecurrenceRuleArgs { /** * A cron or rate expression denoting how often to repeat this exclusion window. */ expression: pulumi.Input; } /** * This structure contains information about the performance metric that a request-based SLO monitors. */ interface ServiceLevelObjectiveRequestBasedSliArgs { /** * The arithmetic operation used when comparing the specified metric to the threshold. */ comparisonOperator?: pulumi.Input; /** * The value that the SLI metric is compared to. */ metricThreshold?: pulumi.Input; /** * A structure that contains information about the metric that the SLO monitors. */ requestBasedSliMetric: pulumi.Input; } /** * This structure contains the information about the metric that is used for a request-based SLO. */ interface ServiceLevelObjectiveRequestBasedSliMetricArgs { /** * Identifies the dependency using the `DependencyKeyAttributes` and `DependencyOperationName` . */ dependencyConfig?: pulumi.Input; /** * This is a string-to-string map that contains information about the type of object that this SLO is related to. It can include the following fields. * * - `Type` designates the type of object that this SLO is related to. * - `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` . * - `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` . * - `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` . * - `Environment` specifies the location where this object is hosted, or what it belongs to. * - `AwsAccountId` allows you to create an SLO for an object that exists in another account. */ keyAttributes?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * If the SLO monitors either the LATENCY or AVAILABILITY metric that Application Signals collects, this field displays which of those metrics is used. */ metricType?: pulumi.Input; /** * Use this structure to define the metric that you want to use as the "good request" or "bad request" value for a request-based SLO. This value observed for the metric defined in `TotalRequestCountMetric` will be divided by the number found for `MonitoredRequestCountMetric` to determine the percentage of successful requests that this SLO tracks. */ monitoredRequestCountMetric?: pulumi.Input; /** * If the SLO monitors a specific operation of the service, this field displays that operation name. */ operationName?: pulumi.Input; /** * This structure defines the metric that is used as the "total requests" number for a request-based SLO. The number observed for this metric is divided by the number of "good requests" or "bad requests" that is observed for the metric defined in `MonitoredRequestCountMetric`. */ totalRequestCountMetric?: pulumi.Input[]>; } /** * If the interval is a calendar interval, this structure contains the interval specifications. */ interface ServiceLevelObjectiveRollingIntervalArgs { /** * Specifies the duration of each rolling interval. For example, if `Duration` is `7` and `DurationUnit` is `DAY` , each rolling interval is seven days. */ duration: pulumi.Input; /** * Specifies the rolling interval unit. */ durationUnit: pulumi.Input; } /** * This structure contains information about the performance metric that an SLO monitors. */ interface ServiceLevelObjectiveSliArgs { /** * The arithmetic operation used when comparing the specified metric to the threshold. */ comparisonOperator: pulumi.Input; /** * The value that the SLI metric is compared to. */ metricThreshold: pulumi.Input; /** * Use this structure to specify the metric to be used for the SLO. */ sliMetric: pulumi.Input; } /** * A structure that contains information about the metric that the SLO monitors. */ interface ServiceLevelObjectiveSliMetricArgs { /** * Identifies the dependency using the `DependencyKeyAttributes` and `DependencyOperationName` . */ dependencyConfig?: pulumi.Input; /** * If this SLO is related to a metric collected by Application Signals, you must use this field to specify which service the SLO metric is related to. To do so, you must specify at least the `Type` , `Name` , and `Environment` attributes. * * This is a string-to-string map. It can include the following fields. * * - `Type` designates the type of object this is. * - `ResourceType` specifies the type of the resource. This field is used only when the value of the `Type` field is `Resource` or `AWS::Resource` . * - `Name` specifies the name of the object. This is used only if the value of the `Type` field is `Service` , `RemoteService` , or `AWS::Service` . * - `Identifier` identifies the resource objects of this resource. This is used only if the value of the `Type` field is `Resource` or `AWS::Resource` . * - `Environment` specifies the location where this object is hosted, or what it belongs to. */ keyAttributes?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * If this SLO monitors a CloudWatch metric or the result of a CloudWatch metric math expression, use this structure to specify that metric or expression. */ metricDataQueries?: pulumi.Input[]>; /** * If the SLO monitors either the LATENCY or AVAILABILITY metric that Application Signals collects, this field displays which of those metrics is used. */ metricType?: pulumi.Input; /** * If the SLO monitors a specific operation of the service, this field displays that operation name. */ operationName?: pulumi.Input; /** * The number of seconds to use as the period for SLO evaluation. Your application's performance is compared to the SLI during each period. For each period, the application is determined to have either achieved or not achieved the necessary performance. */ periodSeconds?: pulumi.Input; /** * The statistic to use for comparison to the threshold. It can be any CloudWatch statistic or extended statistic */ statistic?: pulumi.Input; } /** * This object defines the length of time an exclusion window should span. */ interface ServiceLevelObjectiveWindowArgs { duration: pulumi.Input; durationUnit: pulumi.Input; } } export declare namespace apprunner { /** * Describes the configuration of the tracing feature within an AWS App Runner observability configuration. */ interface ObservabilityConfigurationTraceConfigurationArgs { /** * The implementation provider chosen for tracing App Runner services. */ vendor: pulumi.Input; } /** * Authentication Configuration */ interface ServiceAuthenticationConfigurationArgs { /** * Access Role Arn */ accessRoleArn?: pulumi.Input; /** * Connection Arn */ connectionArn?: pulumi.Input; } /** * Code Configuration */ interface ServiceCodeConfigurationArgs { /** * The basic configuration for building and running the App Runner service. Use it to quickly launch an App Runner service without providing a `apprunner.yaml` file in the source code repository (or ignoring the file if it exists). */ codeConfigurationValues?: pulumi.Input; /** * Configuration Source */ configurationSource: pulumi.Input; } /** * Code Configuration Values */ interface ServiceCodeConfigurationValuesArgs { /** * Build Command */ buildCommand?: pulumi.Input; /** * Port */ port?: pulumi.Input; /** * Runtime */ runtime: pulumi.Input; /** * The secrets and parameters that get referenced by your service as environment variables */ runtimeEnvironmentSecrets?: pulumi.Input[]>; /** * The environment variables that are available to your running AWS App Runner service. An array of key-value pairs. */ runtimeEnvironmentVariables?: pulumi.Input[]>; /** * Start Command */ startCommand?: pulumi.Input; } /** * Source Code Repository */ interface ServiceCodeRepositoryArgs { /** * Configuration for building and running the service from a source code repository. * * > `CodeConfiguration` is required only for `CreateService` request. */ codeConfiguration?: pulumi.Input; /** * Repository Url */ repositoryUrl: pulumi.Input; /** * The version that should be used within the source code repository. */ sourceCodeVersion: pulumi.Input; /** * Source Directory */ sourceDirectory?: pulumi.Input; } /** * Network egress configuration */ interface ServiceEgressConfigurationArgs { /** * Network egress type. */ egressType: pulumi.Input; /** * The Amazon Resource Name (ARN) of the App Runner VpcConnector. */ vpcConnectorArn?: pulumi.Input; } /** * Encryption configuration (KMS key) */ interface ServiceEncryptionConfigurationArgs { /** * The KMS Key */ kmsKey: pulumi.Input; } /** * Health check configuration */ interface ServiceHealthCheckConfigurationArgs { /** * Health check Healthy Threshold */ healthyThreshold?: pulumi.Input; /** * Health check Interval */ interval?: pulumi.Input; /** * Health check Path */ path?: pulumi.Input; /** * Health Check Protocol */ protocol?: pulumi.Input; /** * Health check Timeout */ timeout?: pulumi.Input; /** * Health check Unhealthy Threshold */ unhealthyThreshold?: pulumi.Input; } /** * Image Configuration */ interface ServiceImageConfigurationArgs { /** * Port */ port?: pulumi.Input; /** * The secrets and parameters that get referenced by your service as environment variables */ runtimeEnvironmentSecrets?: pulumi.Input[]>; /** * Environment variables that are available to your running App Runner service. An array of key-value pairs. */ runtimeEnvironmentVariables?: pulumi.Input[]>; /** * Start Command */ startCommand?: pulumi.Input; } /** * Image Repository */ interface ServiceImageRepositoryArgs { /** * Configuration for running the identified image. */ imageConfiguration?: pulumi.Input; /** * Image Identifier */ imageIdentifier: pulumi.Input; /** * Image Repository Type */ imageRepositoryType: pulumi.Input; } /** * Network ingress configuration */ interface ServiceIngressConfigurationArgs { /** * It's set to true if the Apprunner service is publicly accessible. It's set to false otherwise. */ isPubliclyAccessible: pulumi.Input; } /** * Instance Configuration */ interface ServiceInstanceConfigurationArgs { /** * CPU */ cpu?: pulumi.Input; /** * Instance Role Arn */ instanceRoleArn?: pulumi.Input; /** * Memory */ memory?: pulumi.Input; } interface ServiceKeyValuePairArgs { /** * The key name string to map to a value. */ name?: pulumi.Input; /** * The value string to which the key name is mapped. */ value?: pulumi.Input; } /** * Network configuration */ interface ServiceNetworkConfigurationArgs { /** * Network configuration settings for outbound message traffic. */ egressConfiguration?: pulumi.Input; /** * Network configuration settings for inbound message traffic. */ ingressConfiguration?: pulumi.Input; /** * App Runner service endpoint IP address type */ ipAddressType?: pulumi.Input; } /** * Service observability configuration */ interface ServiceObservabilityConfigurationArgs { /** * The Amazon Resource Name (ARN) of the App Runner ObservabilityConfiguration. */ observabilityConfigurationArn?: pulumi.Input; /** * Observability enabled */ observabilityEnabled: pulumi.Input; } /** * Source Code Version */ interface ServiceSourceCodeVersionArgs { /** * Source Code Version Type */ type: pulumi.Input; /** * Source Code Version Value */ value: pulumi.Input; } /** * Source Code configuration */ interface ServiceSourceConfigurationArgs { /** * Describes the resources that are needed to authenticate access to some source repositories. */ authenticationConfiguration?: pulumi.Input; /** * Auto Deployment enabled */ autoDeploymentsEnabled?: pulumi.Input; /** * The description of a source code repository. * * You must provide either this member or `ImageRepository` (but not both). */ codeRepository?: pulumi.Input; /** * The description of a source image repository. * * You must provide either this member or `CodeRepository` (but not both). */ imageRepository?: pulumi.Input; } /** * The configuration of customer’s VPC and related VPC endpoint */ interface VpcIngressConnectionIngressVpcConfigurationArgs { /** * The ID of the VPC endpoint that your App Runner service connects to. */ vpcEndpointId: pulumi.Input; /** * The ID of the VPC that the VPC endpoint is used in. */ vpcId: pulumi.Input; } } export declare namespace appstream { interface AppBlockBuilderAccessEndpointArgs { /** * The type of interface endpoint. */ endpointType: pulumi.Input; /** * The identifier (ID) of the VPC in which the interface endpoint is used. */ vpceId: pulumi.Input; } interface AppBlockBuilderVpcConfigArgs { /** * The identifiers of the security groups for the fleet or image builder. */ securityGroupIds?: pulumi.Input[]>; /** * The identifiers of the subnets to which a network interface is attached from the fleet instance or image builder instance. Fleet instances use one or more subnets. Image builder instances use one subnet. */ subnetIds?: pulumi.Input[]>; } interface AppBlockS3LocationArgs { /** * The S3 bucket of the app block. */ s3Bucket: pulumi.Input; /** * The S3 key of the S3 object of the virtual hard disk. * * This is required when it's used by `SetupScriptDetails` and `PostSetupScriptDetails` . */ s3Key?: pulumi.Input; } interface AppBlockScriptDetailsArgs { /** * The parameters used in the run path for the script. */ executableParameters?: pulumi.Input; /** * The run path for the script. */ executablePath: pulumi.Input; /** * The S3 object location of the script. */ scriptS3Location: pulumi.Input; /** * The run timeout, in seconds, for the script. */ timeoutInSeconds: pulumi.Input; } interface AppBlockTag0PropertiesArgs { key: pulumi.Input; value: pulumi.Input; } interface AppBlockTag1PropertiesArgs { tagKey: pulumi.Input; tagValue: pulumi.Input; } interface ApplicationS3LocationArgs { /** * The S3 bucket of the S3 object. */ s3Bucket: pulumi.Input; /** * The S3 key of the S3 object. */ s3Key: pulumi.Input; } interface ApplicationTag0PropertiesArgs { key: pulumi.Input; value: pulumi.Input; } interface ApplicationTag1PropertiesArgs { tagKey: pulumi.Input; tagValue: pulumi.Input; } interface DirectoryConfigCertificateBasedAuthPropertiesArgs { /** * The ARN of the AWS Certificate Manager Private CA resource. */ certificateAuthorityArn?: pulumi.Input; /** * The status of the certificate-based authentication properties. Fallback is turned on by default when certificate-based authentication is *Enabled* . Fallback allows users to log in using their AD domain password if certificate-based authentication is unsuccessful, or to unlock a desktop lock screen. *Enabled_no_directory_login_fallback* enables certificate-based authentication, but does not allow users to log in using their AD domain password. Users will be disconnected to re-authenticate using certificates. */ status?: pulumi.Input; } interface DirectoryConfigServiceAccountCredentialsArgs { /** * The user name of the account. This account must have the following privileges: create computer objects, join computers to the domain, and change/reset the password on descendant computer objects for the organizational units specified. */ accountName: pulumi.Input; /** * The password for the account. */ accountPassword: pulumi.Input; } interface EntitlementAttributeArgs { /** * A supported AWS IAM SAML PrincipalTag attribute that is matched to a value when a user identity federates to an AppStream 2.0 SAML application. * * The following are supported values: * * - roles * - department * - organization * - groups * - title * - costCenter * - userType */ name: pulumi.Input; /** * A value that is matched to a supported SAML attribute name when a user identity federates to an AppStream 2.0 SAML application. */ value: pulumi.Input; } interface ImageBuilderAccessEndpointArgs { /** * The type of interface endpoint. */ endpointType: pulumi.Input; /** * The identifier (ID) of the VPC in which the interface endpoint is used. */ vpceId: pulumi.Input; } interface ImageBuilderDomainJoinInfoArgs { /** * The fully qualified name of the directory (for example, corp.example.com). */ directoryName?: pulumi.Input; /** * The distinguished name of the organizational unit for computer accounts. */ organizationalUnitDistinguishedName?: pulumi.Input; } interface ImageBuilderVolumeConfigArgs { volumeSizeInGb?: pulumi.Input; } interface ImageBuilderVpcConfigArgs { /** * The identifiers of the security groups for the image builder. */ securityGroupIds?: pulumi.Input[]>; /** * The identifier of the subnet to which a network interface is attached from the image builder instance. An image builder instance can use one subnet. */ subnetIds?: pulumi.Input[]>; } /** * Describes an interface VPC endpoint (interface endpoint) that lets you create a private connection between the virtual private cloud (VPC) that you specify and AppStream 2.0. When you specify an interface endpoint for a stack, users of the stack can connect to AppStream 2.0 only through that endpoint. When you specify an interface endpoint for an image builder, administrators can connect to the image builder only through that endpoint. */ interface StackAccessEndpointArgs { /** * The type of interface endpoint. */ endpointType: pulumi.Input; /** * The identifier (ID) of the VPC in which the interface endpoint is used. */ vpceId: pulumi.Input; } /** * The persistent application settings for users of a stack. */ interface StackApplicationSettingsArgs { /** * Enables or disables persistent application settings for users during their streaming sessions. */ enabled: pulumi.Input; /** * The path prefix for the S3 bucket where users’ persistent application settings are stored. You can allow the same persistent application settings to be used across multiple stacks by specifying the same settings group for each stack. */ settingsGroup?: pulumi.Input; } /** * A connector that enables persistent storage for users. */ interface StackStorageConnectorArgs { /** * The type of storage connector. */ connectorType: pulumi.Input; /** * The names of the domains for the account. */ domains?: pulumi.Input[]>; /** * The ARN of the storage connector. */ resourceIdentifier?: pulumi.Input; } /** * The streaming protocol that you want your stack to prefer. This can be UDP or TCP. Currently, UDP is only supported in the Windows native client. */ interface StackStreamingExperienceSettingsArgs { /** * The preferred protocol that you want to use while streaming your application. */ preferredProtocol?: pulumi.Input; } /** * Specifies an action and whether the action is enabled or disabled for users during their streaming sessions. */ interface StackUserSettingArgs { /** * The action that is enabled or disabled. */ action: pulumi.Input; /** * Specifies the number of characters that can be copied by end users from the local device to the remote session, and to the local device from the remote session. This can be specified only for the CLIPBOARD_COPY_FROM_LOCAL_DEVICE and CLIPBOARD_COPY_TO_LOCAL_DEVICE actions. This defaults to 20,971,520 (20 MB) when unspecified and the permission is ENABLED. This can't be specified when the permission is DISABLED. The value can be between 1 and 20,971,520 (20 MB). */ maximumLength?: pulumi.Input; /** * Indicates whether the action is enabled or disabled. */ permission: pulumi.Input; } } export declare namespace appsync { /** * An auth mode. */ interface ApiAuthModeArgs { authType?: pulumi.Input; } /** * An auth provider for the AppSync API. */ interface ApiAuthProviderArgs { authType: pulumi.Input; cognitoConfig?: pulumi.Input; lambdaAuthorizerConfig?: pulumi.Input; openIdConnectConfig?: pulumi.Input; } /** * Optional authorization configuration for using Amazon Cognito user pools with your API endpoint. */ interface ApiCognitoConfigArgs { appIdClientRegex?: pulumi.Input; awsRegion: pulumi.Input; userPoolId: pulumi.Input; } /** * The configuration for an Event Api */ interface ApiEventConfigArgs { /** * A list of authorization providers. */ authProviders: pulumi.Input[]>; /** * A list of valid authorization modes for the Event API connections. */ connectionAuthModes: pulumi.Input[]>; /** * A list of valid authorization modes for the Event API publishing. */ defaultPublishAuthModes: pulumi.Input[]>; /** * A list of valid authorization modes for the Event API subscriptions. */ defaultSubscribeAuthModes: pulumi.Input[]>; /** * The CloudWatch Logs configuration for the Event API. */ logConfig?: pulumi.Input; } /** * The log config for the AppSync API. */ interface ApiEventLogConfigArgs { /** * The IAM service role that AWS AppSync assumes to publish CloudWatch Logs in your account. */ cloudWatchLogsRoleArn: pulumi.Input; /** * The type of information to log for the Event API. */ logLevel: pulumi.Input; } /** * A LambdaAuthorizerConfig holds configuration on how to authorize AWS AppSync API access when using the AWS_LAMBDA authorizer mode. Be aware that an AWS AppSync API may have only one Lambda authorizer configured at a time. */ interface ApiLambdaAuthorizerConfigArgs { authorizerResultTtlInSeconds?: pulumi.Input; authorizerUri: pulumi.Input; identityValidationExpression?: pulumi.Input; } /** * The OpenID Connect configuration. */ interface ApiOpenIdConnectConfigArgs { authTtl?: pulumi.Input; clientId?: pulumi.Input; iatTtl?: pulumi.Input; issuer: pulumi.Input; } /** * An auth mode. */ interface ChannelNamespaceAuthModeArgs { authType?: pulumi.Input; } interface ChannelNamespaceHandlerConfigArgs { /** * The behavior for the handler. */ behavior: pulumi.Input; /** * The integration data source configuration for the handler. */ integration: pulumi.Input; } interface ChannelNamespaceHandlerConfigsArgs { /** * The configuration for the `OnPublish` handler. */ onPublish?: pulumi.Input; /** * The configuration for the `OnSubscribe` handler. */ onSubscribe?: pulumi.Input; } interface ChannelNamespaceIntegrationArgs { /** * Data source to invoke for this integration. */ dataSourceName: pulumi.Input; /** * The configuration for a Lambda data source. */ lambdaConfig?: pulumi.Input; } interface ChannelNamespaceLambdaConfigArgs { /** * The invocation type for a Lambda data source. */ invokeType: pulumi.Input; } interface DataSourceAuthorizationConfigArgs { /** * The authorization type that the HTTP endpoint requires. */ authorizationType: pulumi.Input; /** * The AWS Identity and Access Management settings. */ awsIamConfig?: pulumi.Input; } interface DataSourceAwsIamConfigArgs { /** * The signing Region for AWS Identity and Access Management authorization. */ signingRegion?: pulumi.Input; /** * The signing service name for AWS Identity and Access Management authorization. */ signingServiceName?: pulumi.Input; } interface DataSourceDeltaSyncConfigArgs { /** * The number of minutes that an Item is stored in the data source. */ baseTableTtl: pulumi.Input; /** * The Delta Sync table name. */ deltaSyncTableName: pulumi.Input; /** * The number of minutes that a Delta Sync log entry is stored in the Delta Sync table. */ deltaSyncTableTtl: pulumi.Input; } interface DataSourceDynamoDbConfigArgs { /** * The AWS Region. */ awsRegion: pulumi.Input; /** * The DeltaSyncConfig for a versioned datasource. */ deltaSyncConfig?: pulumi.Input; /** * The table name. */ tableName: pulumi.Input; /** * Set to TRUE to use AWS Identity and Access Management with this data source. */ useCallerCredentials?: pulumi.Input; /** * Set to TRUE to use Conflict Detection and Resolution with this data source. */ versioned?: pulumi.Input; } interface DataSourceElasticsearchConfigArgs { /** * The AWS Region. */ awsRegion: pulumi.Input; /** * The endpoint. */ endpoint: pulumi.Input; } interface DataSourceEventBridgeConfigArgs { /** * ARN for the EventBridge bus. */ eventBusArn: pulumi.Input; } interface DataSourceHttpConfigArgs { /** * The authorization configuration. */ authorizationConfig?: pulumi.Input; /** * The endpoint. */ endpoint: pulumi.Input; } interface DataSourceLambdaConfigArgs { /** * The ARN for the Lambda function. */ lambdaFunctionArn: pulumi.Input; } interface DataSourceOpenSearchServiceConfigArgs { /** * The AWS Region. */ awsRegion: pulumi.Input; /** * The endpoint. */ endpoint: pulumi.Input; } interface DataSourceRdsHttpEndpointConfigArgs { /** * AWS Region for RDS HTTP endpoint. */ awsRegion: pulumi.Input; /** * The ARN for database credentials stored in AWS Secrets Manager. */ awsSecretStoreArn: pulumi.Input; /** * Logical database name. */ databaseName?: pulumi.Input; /** * Amazon RDS cluster Amazon Resource Name (ARN). */ dbClusterIdentifier: pulumi.Input; /** * Logical schema name. */ schema?: pulumi.Input; } interface DataSourceRelationalDatabaseConfigArgs { /** * Information about the Amazon RDS resource. */ rdsHttpEndpointConfig?: pulumi.Input; /** * The type of relational data source. */ relationalDatabaseSourceType: pulumi.Input; } /** * Describes a runtime used by an AWS AppSync pipeline resolver or AWS AppSync function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified. */ interface FunctionConfigurationAppSyncRuntimeArgs { /** * The name of the runtime to use. Currently, the only allowed value is APPSYNC_JS. */ name: pulumi.Input; /** * The version of the runtime to use. Currently, the only allowed version is 1.0.0. */ runtimeVersion: pulumi.Input; } /** * The LambdaConflictHandlerConfig when configuring LAMBDA as the Conflict Handler. */ interface FunctionConfigurationLambdaConflictHandlerConfigArgs { /** * The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler. */ lambdaConflictHandlerArn?: pulumi.Input; } /** * Describes a Sync configuration for a resolver. Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked. */ interface FunctionConfigurationSyncConfigArgs { /** * The Conflict Detection strategy to use. */ conflictDetection: pulumi.Input; /** * The Conflict Resolution strategy to perform in the event of a conflict. */ conflictHandler?: pulumi.Input; /** * The `LambdaConflictHandlerConfig` when configuring `LAMBDA` as the Conflict Handler. */ lambdaConflictHandlerConfig?: pulumi.Input; } interface GraphQlApiAdditionalAuthenticationProviderArgs { /** * The authentication type for API key, AWS Identity and Access Management, OIDC, Amazon Cognito user pools, or AWS Lambda. */ authenticationType: pulumi.Input; /** * Configuration for AWS Lambda function authorization. */ lambdaAuthorizerConfig?: pulumi.Input; /** * The OIDC configuration. */ openIdConnectConfig?: pulumi.Input; /** * The Amazon Cognito user pool configuration. */ userPoolConfig?: pulumi.Input; } interface GraphQlApiCognitoUserPoolConfigArgs { /** * A regular expression for validating the incoming Amazon Cognito user pool app client ID. */ appIdClientRegex?: pulumi.Input; /** * The AWS Region in which the user pool was created. */ awsRegion?: pulumi.Input; /** * The user pool ID */ userPoolId?: pulumi.Input; } interface GraphQlApiEnhancedMetricsConfigArgs { /** * Controls how data source metrics will be emitted to CloudWatch. Data source metrics include: */ dataSourceLevelMetricsBehavior: pulumi.Input; /** * Controls how operation metrics will be emitted to CloudWatch. Operation metrics include: */ operationLevelMetricsConfig: pulumi.Input; /** * Controls how resolver metrics will be emitted to CloudWatch. Resolver metrics include: */ resolverLevelMetricsBehavior: pulumi.Input; } interface GraphQlApiLambdaAuthorizerConfigArgs { /** * The number of seconds a response should be cached for. */ authorizerResultTtlInSeconds?: pulumi.Input; /** * The ARN of the Lambda function to be called for authorization. */ authorizerUri?: pulumi.Input; /** * A regular expression for validation of tokens before the Lambda function is called. */ identityValidationExpression?: pulumi.Input; } interface GraphQlApiLogConfigArgs { /** * The service role that AWS AppSync will assume to publish to Amazon CloudWatch Logs in your account. */ cloudWatchLogsRoleArn: pulumi.Input; /** * Set to TRUE to exclude sections that contain information such as headers, context, and evaluated mapping templates, regardless of logging level. */ excludeVerboseContent?: pulumi.Input; /** * The field logging level. Values can be NONE, ERROR, INFO, DEBUG, or ALL. */ fieldLogLevel: pulumi.Input; } interface GraphQlApiOpenIdConnectConfigArgs { /** * The number of milliseconds that a token is valid after being authenticated. */ authTtl?: pulumi.Input; /** * The client identifier of the Relying party at the OpenID identity provider. */ clientId?: pulumi.Input; /** * The number of milliseconds that a token is valid after it's issued to a user. */ iatTtl?: pulumi.Input; /** * The issuer for the OIDC configuration. */ issuer?: pulumi.Input; } interface GraphQlApiUserPoolConfigArgs { /** * A regular expression for validating the incoming Amazon Cognito user pool app client ID. */ appIdClientRegex?: pulumi.Input; /** * The AWS Region in which the user pool was created. */ awsRegion?: pulumi.Input; /** * The action that you want your GraphQL API to take when a request that uses Amazon Cognito user pool authentication doesn't match the Amazon Cognito user pool configuration. */ defaultAction?: pulumi.Input; /** * The user pool ID. */ userPoolId?: pulumi.Input; } /** * Describes a runtime used by an APSYlong resolver or APSYlong function. Specifies the name and version of the runtime to use. Note that if a runtime is specified, code must also be specified. */ interface ResolverAppSyncRuntimeArgs { /** * The ``name`` of the runtime to use. Currently, the only allowed value is ``APPSYNC_JS``. */ name: pulumi.Input; /** * The ``version`` of the runtime to use. Currently, the only allowed version is ``1.0.0``. */ runtimeVersion: pulumi.Input; } /** * The caching configuration for a resolver that has caching activated. */ interface ResolverCachingConfigArgs { /** * The caching keys for a resolver that has caching activated. * Valid values are entries from the ``$context.arguments``, ``$context.source``, and ``$context.identity`` maps. */ cachingKeys?: pulumi.Input[]>; /** * The TTL in seconds for a resolver that has caching activated. * Valid values are 1–3,600 seconds. */ ttl: pulumi.Input; } /** * The ``LambdaConflictHandlerConfig`` when configuring LAMBDA as the Conflict Handler. */ interface ResolverLambdaConflictHandlerConfigArgs { /** * The Amazon Resource Name (ARN) for the Lambda function to use as the Conflict Handler. */ lambdaConflictHandlerArn?: pulumi.Input; } /** * Use the ``PipelineConfig`` property type to specify ``PipelineConfig`` for an APSYlong resolver. * ``PipelineConfig`` is a property of the [AWS::AppSync::Resolver](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-appsync-resolver.html) resource. */ interface ResolverPipelineConfigArgs { /** * A list of ``Function`` objects. */ functions?: pulumi.Input[]>; } /** * Describes a Sync configuration for a resolver. * Specifies which Conflict Detection strategy and Resolution strategy to use when the resolver is invoked. */ interface ResolverSyncConfigArgs { /** * The Conflict Detection strategy to use. * + *VERSION*: Detect conflicts based on object versions for this resolver. * + *NONE*: Do not detect conflicts when invoking this resolver. */ conflictDetection: pulumi.Input; /** * The Conflict Resolution strategy to perform in the event of a conflict. * + *OPTIMISTIC_CONCURRENCY*: Resolve conflicts by rejecting mutations when versions don't match the latest version at the server. * + *AUTOMERGE*: Resolve conflicts with the Automerge conflict resolution strategy. * + *LAMBDA*: Resolve conflicts with an LAMlong function supplied in the ``LambdaConflictHandlerConfig``. */ conflictHandler?: pulumi.Input; /** * The ``LambdaConflictHandlerConfig`` when configuring ``LAMBDA`` as the Conflict Handler. */ lambdaConflictHandlerConfig?: pulumi.Input; } interface SourceApiAssociationConfigArgs { /** * Configuration of the merged behavior for the association. For example when it could be auto or has to be manual. */ mergeType?: pulumi.Input; } } export declare namespace aps { interface AnomalyDetectorConfigurationArgs { /** * The Random Cut Forest algorithm configuration for anomaly detection. */ randomCutForest: pulumi.Input; } interface AnomalyDetectorIgnoreNearExpectedArgs { amount?: pulumi.Input; ratio?: pulumi.Input; } /** * A key-value pair to provide meta-data and multi-dimensional data analysis for filtering and aggregation. */ interface AnomalyDetectorLabelArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value: pulumi.Input; } interface AnomalyDetectorMissingDataActionArgs { markAsAnomaly?: pulumi.Input; skip?: pulumi.Input; } interface AnomalyDetectorRandomCutForestConfigurationArgs { /** * Configuration for ignoring values that are near expected values from above during anomaly detection. */ ignoreNearExpectedFromAbove?: pulumi.Input; /** * Configuration for ignoring values that are near expected values from below during anomaly detection. */ ignoreNearExpectedFromBelow?: pulumi.Input; /** * The Prometheus query used to retrieve the time-series data for anomaly detection. * * > Random Cut Forest queries must be wrapped by a supported PromQL aggregation operator. For more information, see [Aggregation operators](https://docs.aws.amazon.com/https://prometheus.io/docs/prometheus/latest/querying/operators/#aggregation-operators) on the *Prometheus docs* website. * > * > *Supported PromQL aggregation operators* : `avg` , `count` , `group` , `max` , `min` , `quantile` , `stddev` , `stdvar` , and `sum` . */ query: pulumi.Input; /** * The number of data points sampled from the input stream for the Random Cut Forest algorithm. The default number is 256 consecutive data points. */ sampleSize?: pulumi.Input; /** * The number of consecutive data points used to create a shingle for the Random Cut Forest algorithm. The default number is 8 consecutive data points. */ shingleSize?: pulumi.Input; } /** * Represents a cloudwatch logs destination for scraper logging */ interface ScraperCloudWatchLogDestinationArgs { /** * ARN of the CloudWatch log group */ logGroupArn?: pulumi.Input; } interface ScraperComponentArgs { /** * The configuration settings for the scraper component. */ config?: pulumi.Input; /** * The type of the scraper component. */ type: pulumi.Input; } interface ScraperComponentConfigArgs { /** * Configuration options for the scraper component. */ options?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * Scraper metrics destination */ interface ScraperDestinationArgs { /** * Configuration for Amazon Managed Prometheus metrics destination */ ampConfiguration?: pulumi.Input; } /** * Configuration for Amazon Managed Prometheus metrics destination */ interface ScraperDestinationAmpConfigurationPropertiesArgs { /** * ARN of an Amazon Managed Prometheus workspace */ workspaceArn: pulumi.Input; } /** * Configuration for scraper logging */ interface ScraperLoggingConfigurationArgs { loggingDestination: pulumi.Input; scraperComponents: pulumi.Input[]>; } /** * Destination for scraper logging */ interface ScraperLoggingDestinationArgs { /** * The CloudWatch Logs configuration for the scraper logging destination. */ cloudWatchLogs?: pulumi.Input; } /** * Role configuration */ interface ScraperRoleConfigurationArgs { /** * IAM Role in source account */ sourceRoleArn?: pulumi.Input; /** * IAM Role in the target account */ targetRoleArn?: pulumi.Input; } /** * Scraper configuration */ interface ScraperScrapeConfigurationArgs { /** * Prometheus compatible scrape configuration in base64 encoded blob format */ configurationBlob?: pulumi.Input; } /** * Scraper metrics source */ interface ScraperSourceArgs { /** * Configuration for EKS metrics source */ eksConfiguration?: pulumi.Input; /** * Configuration for VPC metrics source */ vpcConfiguration?: pulumi.Input; } /** * Configuration for EKS metrics source */ interface ScraperSourceEksConfigurationPropertiesArgs { /** * ARN of an EKS cluster */ clusterArn: pulumi.Input; /** * List of security group IDs */ securityGroupIds?: pulumi.Input[]>; /** * List of subnet IDs */ subnetIds: pulumi.Input[]>; } /** * Configuration for VPC metrics source */ interface ScraperSourceVpcConfigurationPropertiesArgs { /** * List of security group IDs */ securityGroupIds: pulumi.Input[]>; /** * List of subnet IDs */ subnetIds: pulumi.Input[]>; } /** * Represents a cloudwatch logs destination for query logging */ interface WorkspaceCloudWatchLogDestinationArgs { /** * The ARN of the CloudWatch Logs log group */ logGroupArn: pulumi.Input; } /** * Workspace configuration */ interface WorkspaceConfigurationArgs { /** * An array of label set and associated limits */ limitsPerLabelSets?: pulumi.Input[]>; /** * How many days that metrics are retained in the workspace */ retentionPeriodInDays?: pulumi.Input; } /** * Series label */ interface WorkspaceLabelArgs { /** * Name of the label */ name: pulumi.Input; /** * Value of the label */ value: pulumi.Input; } /** * Label set and its associated limits */ interface WorkspaceLimitsPerLabelSetArgs { /** * An array of series labels */ labelSet: pulumi.Input[]>; /** * This structure contains the information about the limits that apply to time series that match this label set. */ limits: pulumi.Input; } /** * Limits that can be applied to a label set */ interface WorkspaceLimitsPerLabelSetEntryArgs { /** * The maximum number of active series that can be ingested for this label set */ maxSeries?: pulumi.Input; } /** * Logging configuration */ interface WorkspaceLoggingConfigurationArgs { /** * CloudWatch log group ARN */ logGroupArn?: pulumi.Input; } /** * Destinations for query logging */ interface WorkspaceLoggingDestinationArgs { /** * Configuration details for logging to CloudWatch Logs. */ cloudWatchLogs: pulumi.Input; /** * Filtering criteria that determine which queries are logged. */ filters: pulumi.Input; } /** * Filters for logging */ interface WorkspaceLoggingFilterArgs { /** * Query logs with QSP above this limit are vended */ qspThreshold: pulumi.Input; } /** * Query logging configuration */ interface WorkspaceQueryLoggingConfigurationArgs { /** * The destinations configuration for query logging */ destinations: pulumi.Input[]>; } } export declare namespace arcregionswitch { interface PlanArcRoutingControlConfigurationArgs { crossAccountRole?: pulumi.Input; externalId?: pulumi.Input; regionAndRoutingControls: pulumi.Input<{ [key: string]: any; }>; timeoutMinutes?: pulumi.Input; } interface PlanAsgArgs { arn?: pulumi.Input; crossAccountRole?: pulumi.Input; externalId?: pulumi.Input; } interface PlanAssociatedAlarmArgs { /** * The alarm type for an associated alarm. An associated CloudWatch alarm can be an application health alarm or a trigger alarm. */ alarmType: pulumi.Input; /** * The cross account role for the configuration. */ crossAccountRole?: pulumi.Input; /** * The external ID (secret key) for the configuration. */ externalId?: pulumi.Input; /** * The resource identifier for alarms that you associate with a plan. */ resourceIdentifier: pulumi.Input; } interface PlanCustomActionLambdaConfigurationArgs { lambdas: pulumi.Input[]>; regionToRun: pulumi.Input; retryIntervalMinutes: pulumi.Input; timeoutMinutes?: pulumi.Input; ungraceful?: pulumi.Input; } interface PlanDocumentDbConfigurationArgs { behavior: any; crossAccountRole?: pulumi.Input; databaseClusterArns: pulumi.Input[]>; externalId?: pulumi.Input; globalClusterIdentifier: pulumi.Input; timeoutMinutes?: pulumi.Input; ungraceful?: pulumi.Input; } interface PlanDocumentDbUngracefulArgs { ungraceful?: pulumi.Input; } interface PlanEc2AsgCapacityIncreaseConfigurationArgs { asgs: pulumi.Input[]>; capacityMonitoringApproach?: any; targetPercent?: pulumi.Input; timeoutMinutes?: pulumi.Input; ungraceful?: pulumi.Input; } interface PlanEc2UngracefulArgs { minimumSuccessPercentage: pulumi.Input; } interface PlanEcsCapacityIncreaseConfigurationArgs { capacityMonitoringApproach?: any; services: pulumi.Input[]>; targetPercent?: pulumi.Input; timeoutMinutes?: pulumi.Input; ungraceful?: pulumi.Input; } interface PlanEcsUngracefulArgs { minimumSuccessPercentage: pulumi.Input; } interface PlanEksClusterArgs { clusterArn: pulumi.Input; crossAccountRole?: pulumi.Input; externalId?: pulumi.Input; } interface PlanEksResourceScalingConfigurationArgs { capacityMonitoringApproach?: any; eksClusters?: pulumi.Input[]>; kubernetesResourceType: pulumi.Input; scalingResources?: pulumi.Input[]>; targetPercent?: pulumi.Input; timeoutMinutes?: pulumi.Input; ungraceful?: pulumi.Input; } interface PlanEksResourceScalingUngracefulArgs { minimumSuccessPercentage: pulumi.Input; } interface PlanExecutionApprovalConfigurationArgs { approvalRole: pulumi.Input; timeoutMinutes?: pulumi.Input; } interface PlanExecutionBlockConfiguration0PropertiesArgs { customActionLambdaConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration10PropertiesArgs { documentDbConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration11PropertiesArgs { rdsPromoteReadReplicaConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration12PropertiesArgs { rdsCreateCrossRegionReadReplicaConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration1PropertiesArgs { ec2AsgCapacityIncreaseConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration2PropertiesArgs { executionApprovalConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration3PropertiesArgs { arcRoutingControlConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration4PropertiesArgs { globalAuroraConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration5PropertiesArgs { parallelConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration6PropertiesArgs { regionSwitchPlanConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration7PropertiesArgs { ecsCapacityIncreaseConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration8PropertiesArgs { eksResourceScalingConfig: pulumi.Input; } interface PlanExecutionBlockConfiguration9PropertiesArgs { route53HealthCheckConfig: pulumi.Input; } interface PlanGlobalAuroraConfigurationArgs { behavior: any; crossAccountRole?: pulumi.Input; databaseClusterArns: pulumi.Input[]>; externalId?: pulumi.Input; globalClusterIdentifier: pulumi.Input; timeoutMinutes?: pulumi.Input; ungraceful?: pulumi.Input; } interface PlanGlobalAuroraUngracefulArgs { ungraceful?: pulumi.Input; } interface PlanKubernetesResourceTypeArgs { apiVersion: pulumi.Input; kind: pulumi.Input; } interface PlanLambdaUngracefulArgs { behavior?: any; } interface PlanLambdasArgs { arn?: pulumi.Input; crossAccountRole?: pulumi.Input; externalId?: pulumi.Input; } interface PlanParallelExecutionBlockConfigurationArgs { steps: pulumi.Input[]>; } interface PlanRdsCreateCrossRegionReplicaConfigurationArgs { crossAccountRole?: pulumi.Input; dbInstanceArnMap: pulumi.Input<{ [key: string]: pulumi.Input; }>; externalId?: pulumi.Input; timeoutMinutes?: pulumi.Input; } interface PlanRdsPromoteReadReplicaConfigurationArgs { crossAccountRole?: pulumi.Input; dbInstanceArnMap: pulumi.Input<{ [key: string]: pulumi.Input; }>; externalId?: pulumi.Input; timeoutMinutes?: pulumi.Input; } interface PlanRegionSwitchPlanConfigurationArgs { arn: pulumi.Input; crossAccountRole?: pulumi.Input; externalId?: pulumi.Input; } interface PlanReportConfigurationArgs { /** * The output configuration for the report. */ reportOutput?: pulumi.Input[]>; } interface PlanReportOutputConfigurationPropertiesArgs { s3Configuration: pulumi.Input; } interface PlanRoute53HealthCheckConfigurationArgs { crossAccountRole?: pulumi.Input; externalId?: pulumi.Input; hostedZoneId: pulumi.Input; recordName: pulumi.Input; recordSets?: pulumi.Input[]>; timeoutMinutes?: pulumi.Input; } interface PlanRoute53ResourceRecordSetArgs { recordSetIdentifier?: pulumi.Input; region?: pulumi.Input; } interface PlanS3ReportOutputConfigurationArgs { bucketOwner?: pulumi.Input; bucketPath?: pulumi.Input; } interface PlanServiceArgs { clusterArn?: pulumi.Input; crossAccountRole?: pulumi.Input; externalId?: pulumi.Input; serviceArn?: pulumi.Input; } interface PlanStepArgs { /** * The description of a step in a workflow. */ description?: pulumi.Input; /** * The configuration for an execution block in a workflow. */ executionBlockConfiguration: pulumi.Input; /** * The type of an execution block in a workflow. */ executionBlockType: pulumi.Input; /** * The name of a step in a workflow. */ name: pulumi.Input; } interface PlanTriggerArgs { /** * The action to perform when the trigger fires. Valid values include ACTIVATE and DEACTIVATE. */ action: pulumi.Input; /** * The conditions that must be met for the trigger to fire. */ conditions: pulumi.Input[]>; /** * The description for a trigger. */ description?: pulumi.Input; /** * The minimum time, in minutes, that must elapse between automatic executions of the plan. */ minDelayMinutesBetweenExecutions: pulumi.Input; /** * The AWS Region for a trigger. */ targetRegion: pulumi.Input; } interface PlanTriggerConditionArgs { /** * The name of the CloudWatch alarm associated with the condition. */ associatedAlarmName: pulumi.Input; /** * The condition that must be met. Valid values include ALARM and OK. */ condition: pulumi.Input; } interface PlanWorkflowArgs { /** * The steps that make up the workflow. */ steps?: pulumi.Input[]>; /** * The description of the workflow. */ workflowDescription?: pulumi.Input; /** * The action that the workflow performs. Valid values include ACTIVATE and DEACTIVATE. */ workflowTargetAction: pulumi.Input; /** * The AWS Region that the workflow targets. */ workflowTargetRegion?: pulumi.Input; } } export declare namespace arczonalshift { interface ZonalAutoshiftConfigurationControlConditionArgs { /** * The Amazon Resource Name (ARN) for an Amazon CloudWatch alarm that you specify as a control condition for a practice run. */ alarmIdentifier: pulumi.Input; /** * The type of alarm specified for a practice run. You can only specify Amazon CloudWatch alarms for practice runs, so the only valid value is `CLOUDWATCH` . */ type: pulumi.Input; } interface ZonalAutoshiftConfigurationPracticeRunConfigurationArgs { /** * An array of one or more dates that you can specify when AWS does not start practice runs for a resource. Dates are in UTC. * * Specify blocked dates in the format `YYYY-MM-DD` , separated by spaces. */ blockedDates?: pulumi.Input[]>; /** * An array of one or more days and times that you can specify when ARC does not start practice runs for a resource. Days and times are in UTC. * * Specify blocked windows in the format `DAY:HH:MM-DAY:HH:MM` , separated by spaces. For example, `MON:18:30-MON:19:30 TUE:18:30-TUE:19:30` . * * > Blocked windows have to start and end on the same day. Windows that span multiple days aren't supported. */ blockedWindows?: pulumi.Input[]>; /** * An optional alarm that you can specify that blocks practice runs when the alarm is in an `ALARM` state. When a blocking alarm goes into an `ALARM` state, it prevents practice runs from being started, and ends practice runs that are in progress. */ blockingAlarms?: pulumi.Input[]>; /** * The alarm that you specify to monitor the health of your application during practice runs. When the outcome alarm goes into an `ALARM` state, the practice run is ended and the outcome is set to `FAILED` . */ outcomeAlarms: pulumi.Input[]>; } } export declare namespace athena { interface CapacityReservationCapacityAssignmentArgs { workgroupNames: pulumi.Input[]>; } /** * Assignment configuration to assign workgroups to a reservation */ interface CapacityReservationCapacityAssignmentConfigurationArgs { /** * The list of assignments that make up the capacity assignment configuration. */ capacityAssignments: pulumi.Input[]>; } /** * Indicates that an Amazon S3 canned ACL should be set to control ownership of stored query results */ interface WorkGroupAclConfigurationArgs { /** * The Amazon S3 canned ACL that Athena should specify when storing query results, including data files inserted by Athena as the result of statements like CTAS or INSERT INTO. Currently the only supported canned ACL is `BUCKET_OWNER_FULL_CONTROL` . If a query runs in a workgroup and the workgroup overrides client-side settings, then the Amazon S3 canned ACL specified in the workgroup's settings is used for all queries that run in the workgroup. For more information about Amazon S3 canned ACLs, see [Canned ACL](https://docs.aws.amazon.com/AmazonS3/latest/userguide/acl-overview.html#canned-acl) in the *Amazon S3 User Guide* . */ s3AclOption: pulumi.Input; } /** * A classification refers to a set of specific configurations. */ interface WorkGroupClassificationArgs { /** * The name of the configuration classification. */ name?: pulumi.Input; /** * A set of properties specified within a configuration classification. */ properties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * Configuration settings for delivering logs to Amazon CloudWatch log groups. */ interface WorkGroupCloudWatchLoggingConfigurationArgs { /** * Enables CloudWatch logging. */ enabled?: pulumi.Input; /** * The name of the log group in Amazon CloudWatch Logs where you want to publish your logs. */ logGroup?: pulumi.Input; /** * Prefix for the CloudWatch log stream name. */ logStreamNamePrefix?: pulumi.Input; /** * The types of logs that you want to publish to CloudWatch. */ logTypes?: pulumi.Input<{ [key: string]: pulumi.Input[]>; }>; } interface WorkGroupConfigurationArgs { /** * Specifies a user defined JSON string that is passed to the session engine. */ additionalConfiguration?: pulumi.Input; /** * The upper limit (cutoff) for the amount of bytes a single query in a workgroup is allowed to scan. No default is defined. * * > This property currently supports integer types. Support for long values is planned. */ bytesScannedCutoffPerQuery?: pulumi.Input; /** * Specifies the KMS key that is used to encrypt the user's data stores in Athena. This setting does not apply to Athena SQL workgroups. */ customerContentEncryptionConfiguration?: pulumi.Input; /** * If set to "true", the settings for the workgroup override client-side settings. If set to "false", client-side settings are used. For more information, see [Override client-side settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) . */ enforceWorkGroupConfiguration?: pulumi.Input; engineConfiguration?: pulumi.Input; /** * The engine version that all queries running on the workgroup use. */ engineVersion?: pulumi.Input; /** * Role used to access user resources in an Athena for Apache Spark session. This property applies only to Spark-enabled workgroups in Athena. */ executionRole?: pulumi.Input; /** * The configuration for storing results in Athena owned storage, which includes whether this feature is enabled; whether encryption configuration, if any, is used for encrypting query results. */ managedQueryResultsConfiguration?: pulumi.Input; /** * Contains the configuration settings for managed log persistence, delivering logs to Amazon S3 buckets, Amazon CloudWatch log groups etc. */ monitoringConfiguration?: pulumi.Input; /** * Indicates that the Amazon CloudWatch metrics are enabled for the workgroup. */ publishCloudWatchMetricsEnabled?: pulumi.Input; /** * If set to `true` , allows members assigned to a workgroup to reference Amazon S3 Requester Pays buckets in queries. If set to `false` , workgroup members cannot query data from Requester Pays buckets, and queries that retrieve data from Requester Pays buckets cause an error. The default is `false` . For more information about Requester Pays buckets, see [Requester Pays Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/RequesterPaysBuckets.html) in the *Amazon Simple Storage Service Developer Guide* . */ requesterPaysEnabled?: pulumi.Input; /** * Specifies the location in Amazon S3 where query results are stored and the encryption option, if any, used for query results. For more information, see [Work with query results and recent queries](https://docs.aws.amazon.com/athena/latest/ug/querying.html) . */ resultConfiguration?: pulumi.Input; } /** * The configuration information that will be updated for this workgroup, which includes the location in Amazon S3 where query results are stored, the encryption option, if any, used for query results, whether the Amazon CloudWatch Metrics are enabled for the workgroup, whether the workgroup settings override the client-side settings, and the data usage limit for the amount of bytes scanned per query, if it is specified. */ interface WorkGroupConfigurationUpdatesArgs { additionalConfiguration?: pulumi.Input; bytesScannedCutoffPerQuery?: pulumi.Input; customerContentEncryptionConfiguration?: pulumi.Input; enforceWorkGroupConfiguration?: pulumi.Input; engineConfiguration?: pulumi.Input; engineVersion?: pulumi.Input; executionRole?: pulumi.Input; managedQueryResultsConfiguration?: pulumi.Input; monitoringConfiguration?: pulumi.Input; publishCloudWatchMetricsEnabled?: pulumi.Input; removeBytesScannedCutoffPerQuery?: pulumi.Input; removeCustomerContentEncryptionConfiguration?: pulumi.Input; requesterPaysEnabled?: pulumi.Input; resultConfigurationUpdates?: pulumi.Input; } /** * Indicates the KMS key for encrypting notebook content. */ interface WorkGroupCustomerContentEncryptionConfigurationArgs { /** * The customer managed KMS key that is used to encrypt the user's data stores in Athena. */ kmsKey: pulumi.Input; } /** * If query results are encrypted in Amazon S3, indicates the encryption option used (for example, SSE-KMS or CSE-KMS) and key information. */ interface WorkGroupEncryptionConfigurationArgs { /** * Indicates whether Amazon S3 server-side encryption with Amazon S3-managed keys ( `SSE_S3` ), server-side encryption with KMS-managed keys ( `SSE_KMS` ), or client-side encryption with KMS-managed keys ( `CSE_KMS` ) is used. * * If a query runs in a workgroup and the workgroup overrides client-side settings, then the workgroup's setting for encryption is used. It specifies whether query results must be encrypted, for all queries that run in this workgroup. */ encryptionOption: pulumi.Input; /** * For `SSE_KMS` and `CSE_KMS` , this is the KMS key ARN or ID. */ kmsKey?: pulumi.Input; } /** * The engine configuration for running queries. */ interface WorkGroupEngineConfigurationArgs { /** * Contains additional notebook engine MAP parameter mappings in the form of key-value pairs. To specify an Athena notebook that the Jupyter server will download and serve, specify a value for the StartSessionRequest$NotebookVersion field, and then add a key named NotebookId to AdditionalConfigs that has the value of the Athena notebook ID. */ additionalConfigs?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The configuration classifications that can be specified for the engine. */ classifications?: pulumi.Input[]>; /** * The number of DPUs to use for the coordinator. A coordinator is a special executor that orchestrates processing work and manages other executors in a notebook session. The default is 1. */ coordinatorDpuSize?: pulumi.Input; /** * The default number of DPUs to use for executors. An executor is the smallest unit of compute that a notebook session can request from Athena. The default is 1. */ defaultExecutorDpuSize?: pulumi.Input; /** * The maximum number of DPUs that can run concurrently. */ maxConcurrentDpus?: pulumi.Input; /** * Specifies custom jar files and Spark properties for use cases like cluster encryption, table formats, and general Spark tuning. */ sparkProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * The Athena engine version for running queries. */ interface WorkGroupEngineVersionArgs { /** * Read only. The engine version on which the query runs. If the user requests a valid engine version other than Auto, the effective engine version is the same as the engine version that the user requested. If the user requests Auto, the effective engine version is chosen by Athena. When a request to update the engine version is made by a `CreateWorkGroup` or `UpdateWorkGroup` operation, the `EffectiveEngineVersion` field is ignored. */ effectiveEngineVersion?: pulumi.Input; /** * The engine version requested by the user. Possible values are determined by the output of `ListEngineVersions` , including AUTO. The default is AUTO. */ selectedEngineVersion?: pulumi.Input; } /** * Configuration settings for managed log persistence. */ interface WorkGroupManagedLoggingConfigurationArgs { /** * Enables managed log persistence. */ enabled?: pulumi.Input; /** * The KMS key ARN to encrypt the logs stored in managed log persistence. */ kmsKey?: pulumi.Input; } /** * The configuration for the managed query results and encryption option. ResultConfiguration and ManagedQueryResultsConfiguration cannot be set at the same time */ interface WorkGroupManagedQueryResultsConfigurationArgs { /** * If set to true, allows you to store query results in Athena owned storage. If set to false, workgroup member stores query results in location specified under `ResultConfiguration$OutputLocation` . The default is false. A workgroup cannot have the `ResultConfiguration$OutputLocation` parameter when you set this field to true. */ enabled?: pulumi.Input; /** * If you encrypt query and calculation results in Athena owned storage, this field indicates the encryption option (for example, SSE_KMS or CSE_KMS) and key information. */ encryptionConfiguration?: pulumi.Input; } /** * Indicates the encryption configuration for Athena Managed Storage. If not setting this field, Managed Storage will encrypt the query results with Athena's encryption key */ interface WorkGroupManagedStorageEncryptionConfigurationArgs { kmsKey?: pulumi.Input; } /** * Contains the configuration settings for managed log persistence, delivering logs to Amazon S3 buckets, Amazon CloudWatch log groups etc. */ interface WorkGroupMonitoringConfigurationArgs { /** * Configuration settings for delivering logs to Amazon CloudWatch log groups. */ cloudWatchLoggingConfiguration?: pulumi.Input; /** * Configuration settings for managed log persistence. */ managedLoggingConfiguration?: pulumi.Input; /** * Configuration settings for delivering logs to Amazon S3 buckets. */ s3LoggingConfiguration?: pulumi.Input; } /** * The location in Amazon S3 where query results are stored and the encryption option, if any, used for query results. These are known as "client-side settings". If workgroup settings override client-side settings, then the query uses the workgroup settings. */ interface WorkGroupResultConfigurationArgs { /** * Indicates that an Amazon S3 canned ACL should be set to control ownership of stored query results. Currently the only supported canned ACL is `BUCKET_OWNER_FULL_CONTROL` . This is a client-side setting. If workgroup settings override client-side settings, then the query uses the ACL configuration that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `EnforceWorkGroupConfiguration` . */ aclConfiguration?: pulumi.Input; /** * If query results are encrypted in Amazon S3, indicates the encryption option used (for example, `SSE_KMS` or `CSE_KMS` ) and key information. This is a client-side setting. If workgroup settings override client-side settings, then the query uses the encryption configuration that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `EnforceWorkGroupConfiguration` and [Override client-side settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) . */ encryptionConfiguration?: pulumi.Input; /** * The account ID that you expect to be the owner of the Amazon S3 bucket specified by `ResultConfiguration:OutputLocation` . If set, Athena uses the value for `ExpectedBucketOwner` when it makes Amazon S3 calls to your specified output location. If the `ExpectedBucketOwner` account ID does not match the actual owner of the Amazon S3 bucket, the call fails with a permissions error. * * This is a client-side setting. If workgroup settings override client-side settings, then the query uses the `ExpectedBucketOwner` setting that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See `EnforceWorkGroupConfiguration` . */ expectedBucketOwner?: pulumi.Input; /** * The location in Amazon S3 where your query results are stored, such as `s3://path/to/query/bucket/` . To run a query, you must specify the query results location using either a client-side setting for individual queries or a location specified by the workgroup. If workgroup settings override client-side settings, then the query uses the location specified for the workgroup. If no query location is set, Athena issues an error. For more information, see [Work with query results and recent queries](https://docs.aws.amazon.com/athena/latest/ug/querying.html) and `EnforceWorkGroupConfiguration` . */ outputLocation?: pulumi.Input; } /** * The result configuration information about the queries in this workgroup that will be updated. Includes the updated results location and an updated option for encrypting query results. */ interface WorkGroupResultConfigurationUpdatesArgs { /** * The ACL configuration for the query results. */ aclConfiguration?: pulumi.Input; /** * The encryption configuration for the query results. */ encryptionConfiguration?: pulumi.Input; /** * The AWS account ID that you expect to be the owner of the Amazon S3 bucket specified by [](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-athena-workgroup-resultconfiguration.html#cfn-athena-workgroup-resultconfiguration-outputlocation) . If set, Athena uses the value for `ExpectedBucketOwner` when it makes Amazon S3 calls to your specified output location. If the `ExpectedBucketOwner` AWS account ID does not match the actual owner of the Amazon S3 bucket, the call fails with a permissions error. * * If workgroup settings override client-side settings, then the query uses the `ExpectedBucketOwner` setting that is specified for the workgroup, and also uses the location for storing query results specified in the workgroup. See [](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-athena-workgroup-workgroupconfiguration.html#cfn-athena-workgroup-workgroupconfiguration-enforceworkgroupconfiguration) and [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) . */ expectedBucketOwner?: pulumi.Input; /** * The location in Amazon S3 where your query results are stored, such as `s3://path/to/query/bucket/` . For more information, see [Query Results](https://docs.aws.amazon.com/athena/latest/ug/querying.html) If workgroup settings override client-side settings, then the query uses the location for the query results and the encryption configuration that are specified for the workgroup. The "workgroup settings override" is specified in EnforceWorkGroupConfiguration (true/false) in the WorkGroupConfiguration. See `EnforceWorkGroupConfiguration` . */ outputLocation?: pulumi.Input; /** * If set to `true` , indicates that the previously-specified ACL configuration for queries in this workgroup should be ignored and set to null. If set to `false` or not set, and a value is present in the `AclConfiguration` of `ResultConfigurationUpdates` , the `AclConfiguration` in the workgroup's `ResultConfiguration` is updated with the new value. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) . */ removeAclConfiguration?: pulumi.Input; /** * If set to "true", indicates that the previously-specified encryption configuration (also known as the client-side setting) for queries in this workgroup should be ignored and set to null. If set to "false" or not set, and a value is present in the EncryptionConfiguration in ResultConfigurationUpdates (the client-side setting), the EncryptionConfiguration in the workgroup's ResultConfiguration will be updated with the new value. For more information, see [Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) . */ removeEncryptionConfiguration?: pulumi.Input; /** * If set to "true", removes the AWS account ID previously specified for [](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-athena-workgroup-resultconfiguration.html#cfn-athena-workgroup-resultconfiguration-expectedbucketowner) . If set to "false" or not set, and a value is present in the `ExpectedBucketOwner` in `ResultConfigurationUpdates` (the client-side setting), the `ExpectedBucketOwner` in the workgroup's `ResultConfiguration` is updated with the new value. For more information, see [Workgroup Settings Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) . */ removeExpectedBucketOwner?: pulumi.Input; /** * If set to "true", indicates that the previously-specified query results location (also known as a client-side setting) for queries in this workgroup should be ignored and set to null. If set to "false" or not set, and a value is present in the OutputLocation in ResultConfigurationUpdates (the client-side setting), the OutputLocation in the workgroup's ResultConfiguration will be updated with the new value. For more information, see [Override Client-Side Settings](https://docs.aws.amazon.com/athena/latest/ug/workgroups-settings-override.html) . */ removeOutputLocation?: pulumi.Input; } /** * Configuration settings for delivering logs to Amazon S3 buckets. */ interface WorkGroupS3LoggingConfigurationArgs { /** * Enables S3 log delivery. */ enabled?: pulumi.Input; /** * The KMS key ARN to encrypt the logs published to the given Amazon S3 destination. */ kmsKey?: pulumi.Input; /** * The Amazon S3 destination URI for log publishing. */ logLocation?: pulumi.Input; } } export declare namespace auditmanager { /** * The AWS account associated with the assessment. */ interface AssessmentAwsAccountArgs { /** * The email address that's associated with the AWS account . */ emailAddress?: pulumi.Input; /** * The identifier for the AWS account . */ id?: pulumi.Input; /** * The name of the AWS account . */ name?: pulumi.Input; } /** * An AWS service such as Amazon S3, AWS CloudTrail, and so on. */ interface AssessmentAwsServiceArgs { /** * The name of the AWS service . */ serviceName?: pulumi.Input; } /** * The assignment of a control set to a delegate for review. */ interface AssessmentDelegationArgs { /** * The identifier for the assessment that's associated with the delegation. */ assessmentId?: pulumi.Input; /** * The name of the assessment that's associated with the delegation. */ assessmentName?: pulumi.Input; /** * The comment that's related to the delegation. */ comment?: pulumi.Input; /** * The identifier for the control set that's associated with the delegation. */ controlSetId?: pulumi.Input; /** * The user or role that created the delegation. * * *Minimum* : `1` * * *Maximum* : `100` * * *Pattern* : `^[a-zA-Z0-9-_()\\[\\]\\s]+$` */ createdBy?: pulumi.Input; /** * Specifies when the delegation was created. */ creationTime?: pulumi.Input; /** * The unique identifier for the delegation. */ id?: pulumi.Input; /** * Specifies when the delegation was last updated. */ lastUpdated?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role. */ roleArn?: pulumi.Input; /** * The type of customer persona. * * > In `CreateAssessment` , `roleType` can only be `PROCESS_OWNER` . * > * > In `UpdateSettings` , `roleType` can only be `PROCESS_OWNER` . * > * > In `BatchCreateDelegationByAssessment` , `roleType` can only be `RESOURCE_OWNER` . */ roleType?: pulumi.Input; /** * The status of the delegation. */ status?: pulumi.Input; } /** * The destination in which evidence reports are stored for the specified assessment. */ interface AssessmentReportsDestinationArgs { /** * The destination bucket where Audit Manager stores assessment reports. */ destination?: pulumi.Input; /** * The destination type, such as Amazon S3. */ destinationType?: pulumi.Input; } /** * The wrapper that contains AWS Audit Manager role information, such as the role type and IAM ARN. */ interface AssessmentRoleArgs { /** * The Amazon Resource Name (ARN) of the IAM role. */ roleArn?: pulumi.Input; /** * The type of customer persona. * * > In `CreateAssessment` , `roleType` can only be `PROCESS_OWNER` . * > * > In `UpdateSettings` , `roleType` can only be `PROCESS_OWNER` . * > * > In `BatchCreateDelegationByAssessment` , `roleType` can only be `RESOURCE_OWNER` . */ roleType?: pulumi.Input; } /** * The wrapper that contains the AWS accounts and AWS services in scope for the assessment. */ interface AssessmentScopeArgs { /** * The AWS accounts included in scope. */ awsAccounts?: pulumi.Input[]>; /** * The AWS services included in scope. */ awsServices?: pulumi.Input[]>; } } export declare namespace autoscaling { /** * ``AcceleratorCountRequest`` is a property of the ``InstanceRequirements`` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property type that describes the minimum and maximum number of accelerators for an instance type. */ interface AutoScalingGroupAcceleratorCountRequestArgs { /** * The maximum value. */ max?: pulumi.Input; /** * The minimum value. */ min?: pulumi.Input; } /** * ``AcceleratorTotalMemoryMiBRequest`` is a property of the ``InstanceRequirements`` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property type that describes the minimum and maximum total memory size for the accelerators for an instance type, in MiB. */ interface AutoScalingGroupAcceleratorTotalMemoryMiBRequestArgs { /** * The memory maximum in MiB. */ max?: pulumi.Input; /** * The memory minimum in MiB. */ min?: pulumi.Input; } /** * ``AvailabilityZoneDistribution`` is a property of the [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource. */ interface AutoScalingGroupAvailabilityZoneDistributionArgs { /** * If launches fail in an Availability Zone, the following strategies are available. The default is ``balanced-best-effort``. * + ``balanced-only`` - If launches fail in an Availability Zone, Auto Scaling will continue to attempt to launch in the unhealthy zone to preserve a balanced distribution. * + ``balanced-best-effort`` - If launches fail in an Availability Zone, Auto Scaling will attempt to launch in another healthy Availability Zone instead. */ capacityDistributionStrategy?: pulumi.Input; } /** * Describes an Availability Zone impairment policy. */ interface AutoScalingGroupAvailabilityZoneImpairmentPolicyArgs { /** * Specifies the health check behavior for the impaired Availability Zone in an active zonal shift. If you select ``Replace unhealthy``, instances that appear unhealthy will be replaced in all Availability Zones. If you select ``Ignore unhealthy``, instances will not be replaced in the Availability Zone with the active zonal shift. For more information, see [Auto Scaling group zonal shift](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-zonal-shift.html) in the *Amazon EC2 Auto Scaling User Guide*. */ impairedZoneHealthCheckBehavior: pulumi.Input; /** * If ``true``, enable zonal shift for your Auto Scaling group. */ zonalShiftEnabled: pulumi.Input; } /** * ``BaselineEbsBandwidthMbpsRequest`` is a property of the ``InstanceRequirements`` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property type that describes the minimum and maximum baseline bandwidth performance for an instance type, in Mbps. */ interface AutoScalingGroupBaselineEbsBandwidthMbpsRequestArgs { /** * The maximum value in Mbps. */ max?: pulumi.Input; /** * The minimum value in Mbps. */ min?: pulumi.Input; } /** * The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Auto Scaling uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. * Currently, this parameter only supports CPU performance as a baseline performance factor. For example, specifying ``c6i`` uses the CPU performance of the ``c6i`` family as the baseline reference. */ interface AutoScalingGroupBaselinePerformanceFactorsRequestArgs { /** * The CPU performance to consider, using an instance family as the baseline reference. */ cpu?: pulumi.Input; } /** * Describes the Capacity Reservation preference and targeting options. If you specify ``open`` or ``none`` for ``CapacityReservationPreference``, do not specify a ``CapacityReservationTarget``. */ interface AutoScalingGroupCapacityReservationSpecificationArgs { /** * The capacity reservation preference. The following options are available: * + ``capacity-reservations-only`` - Auto Scaling will only launch instances into a Capacity Reservation or Capacity Reservation resource group. If capacity isn't available, instances will fail to launch. * + ``capacity-reservations-first`` - Auto Scaling will try to launch instances into a Capacity Reservation or Capacity Reservation resource group first. If capacity isn't available, instances will run in On-Demand capacity. * + ``none`` - Auto Scaling will not launch instances into a Capacity Reservation. Instances will run in On-Demand capacity. * + ``default`` - Auto Scaling uses the Capacity Reservation preference from your launch template or an open Capacity Reservation. */ capacityReservationPreference: pulumi.Input; /** * Describes a target Capacity Reservation or Capacity Reservation resource group. */ capacityReservationTarget?: pulumi.Input; } /** * The target for the Capacity Reservation. Specify Capacity Reservations IDs or Capacity Reservation resource group ARNs. */ interface AutoScalingGroupCapacityReservationTargetArgs { /** * The Capacity Reservation IDs to launch instances into. */ capacityReservationIds?: pulumi.Input[]>; /** * The resource group ARNs of the Capacity Reservation to launch instances into. */ capacityReservationResourceGroupArns?: pulumi.Input[]>; } /** * The CPU performance to consider, using an instance family as the baseline reference. */ interface AutoScalingGroupCpuPerformanceFactorRequestArgs { /** * Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences. * Currently only one instance family can be specified in the list. */ references?: pulumi.Input[]>; } /** * The instance lifecycle policy for the Auto Scaling group. This policy controls instance behavior when an instance transitions through its lifecycle states. Configure retention triggers to specify when instances should move to a ``Retained`` state instead of automatic termination. * For more information, see [Control instance retention with instance lifecycle policies](https://docs.aws.amazon.com/autoscaling/ec2/userguide/instance-lifecycle-policy.html) in the *Amazon EC2 Auto Scaling User Guide*. */ interface AutoScalingGroupInstanceLifecyclePolicyArgs { /** * Specifies the conditions that trigger instance retention behavior. These triggers determine when instances should move to a ``Retained`` state instead of automatic termination. This allows you to maintain control over instance management when lifecycles transition and operations fail. */ retentionTriggers?: pulumi.Input; } /** * ``InstanceMaintenancePolicy`` is a property of the [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource. * For more information, see [Instance maintenance policies](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-instance-maintenance-policy.html) in the *Amazon EC2 Auto Scaling User Guide*. */ interface AutoScalingGroupInstanceMaintenancePolicyArgs { /** * Specifies the upper threshold as a percentage of the desired capacity of the Auto Scaling group. It represents the maximum percentage of the group that can be in service and healthy, or pending, to support your workload when replacing instances. Value range is 100 to 200. To clear a previously set value, specify a value of ``-1``. * Both ``MinHealthyPercentage`` and ``MaxHealthyPercentage`` must be specified, and the difference between them cannot be greater than 100. A large range increases the number of instances that can be replaced at the same time. */ maxHealthyPercentage?: pulumi.Input; /** * Specifies the lower threshold as a percentage of the desired capacity of the Auto Scaling group. It represents the minimum percentage of the group to keep in service, healthy, and ready to use to support your workload when replacing instances. Value range is 0 to 100. To clear a previously set value, specify a value of ``-1``. */ minHealthyPercentage?: pulumi.Input; } /** * The attributes for the instance types for a mixed instances policy. Amazon EC2 Auto Scaling uses your specified requirements to identify instance types. Then, it uses your On-Demand and Spot allocation strategies to launch instances from these instance types. * When you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values. * To limit the list of instance types from which Amazon EC2 Auto Scaling can identify matching instance types, you can use one of the following parameters, but not both in the same request: * + ``AllowedInstanceTypes`` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes. * + ``ExcludedInstanceTypes`` - The instance types to exclude from the list, even if they match your specified attributes. * * You must specify ``VCpuCount`` and ``MemoryMiB``. All other attributes are optional. Any unspecified optional attribute is set to its default. * For an example template, see [Configure Amazon EC2 Auto Scaling resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-auto-scaling.html). * For more information, see [Creating an Auto Scaling group using attribute-based instance type selection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-asg-instance-type-requirements.html) in the *Amazon EC2 Auto Scaling User Guide*. For help determining which instance types match your attributes before you apply them to your Auto Scaling group, see [Preview instance types with specified attributes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-get-instance-types-from-instance-requirements) in the *Amazon EC2 User Guide for Linux Instances*. * ``InstanceRequirements`` is a property of the ``LaunchTemplateOverrides`` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplate.html) property type. */ interface AutoScalingGroupInstanceRequirementsArgs { /** * The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) for an instance type. * To exclude accelerator-enabled instance types, set ``Max`` to ``0``. * Default: No minimum or maximum limits */ acceleratorCount?: pulumi.Input; /** * Indicates whether instance types must have accelerators by specific manufacturers. * + For instance types with NVIDIA devices, specify ``nvidia``. * + For instance types with AMD devices, specify ``amd``. * + For instance types with AWS devices, specify ``amazon-web-services``. * + For instance types with Xilinx devices, specify ``xilinx``. * * Default: Any manufacturer */ acceleratorManufacturers?: pulumi.Input[]>; /** * Lists the accelerators that must be on an instance type. * + For instance types with NVIDIA A100 GPUs, specify ``a100``. * + For instance types with NVIDIA V100 GPUs, specify ``v100``. * + For instance types with NVIDIA K80 GPUs, specify ``k80``. * + For instance types with NVIDIA T4 GPUs, specify ``t4``. * + For instance types with NVIDIA M60 GPUs, specify ``m60``. * + For instance types with AMD Radeon Pro V520 GPUs, specify ``radeon-pro-v520``. * + For instance types with Xilinx VU9P FPGAs, specify ``vu9p``. * * Default: Any accelerator */ acceleratorNames?: pulumi.Input[]>; /** * The minimum and maximum total memory size for the accelerators on an instance type, in MiB. * Default: No minimum or maximum limits */ acceleratorTotalMemoryMiB?: pulumi.Input; /** * Lists the accelerator types that must be on an instance type. * + For instance types with GPU accelerators, specify ``gpu``. * + For instance types with FPGA accelerators, specify ``fpga``. * + For instance types with inference accelerators, specify ``inference``. * * Default: Any accelerator type */ acceleratorTypes?: pulumi.Input[]>; /** * The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. * You can use strings with one or more wild cards, represented by an asterisk (``*``), to allow an instance type, size, or generation. The following are examples: ``m5.8xlarge``, ``c5*.*``, ``m5a.*``, ``r*``, ``*3*``. * For example, if you specify ``c5*``, Amazon EC2 Auto Scaling will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify ``m5a.*``, Amazon EC2 Auto Scaling will allow all the M5a instance types, but not the M5n instance types. * If you specify ``AllowedInstanceTypes``, you can't specify ``ExcludedInstanceTypes``. * Default: All instance types */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicates whether bare metal instance types are included, excluded, or required. * Default: ``excluded`` */ bareMetal?: pulumi.Input; /** * The minimum and maximum baseline bandwidth performance for an instance type, in Mbps. For more information, see [Amazon EBS–optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide*. * Default: No minimum or maximum limits */ baselineEbsBandwidthMbps?: pulumi.Input; /** * The baseline performance factors for the instance requirements. */ baselinePerformanceFactors?: pulumi.Input; /** * Indicates whether burstable performance instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) in the *Amazon EC2 User Guide*. * Default: ``excluded`` */ burstablePerformance?: pulumi.Input; /** * Lists which specific CPU manufacturers to include. * + For instance types with Intel CPUs, specify ``intel``. * + For instance types with AMD CPUs, specify ``amd``. * + For instance types with AWS CPUs, specify ``amazon-web-services``. * + For instance types with Apple CPUs, specify ``apple``. * * Don't confuse the CPU hardware manufacturer with the CPU hardware architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. * Default: Any manufacturer */ cpuManufacturers?: pulumi.Input[]>; /** * The instance types to exclude. You can use strings with one or more wild cards, represented by an asterisk (``*``), to exclude an instance family, type, size, or generation. The following are examples: ``m5.8xlarge``, ``c5*.*``, ``m5a.*``, ``r*``, ``*3*``. * For example, if you specify ``c5*``, you are excluding the entire C5 instance family, which includes all C5a and C5n instance types. If you specify ``m5a.*``, Amazon EC2 Auto Scaling will exclude all the M5a instance types, but not the M5n instance types. * If you specify ``ExcludedInstanceTypes``, you can't specify ``AllowedInstanceTypes``. * Default: No excluded instance types */ excludedInstanceTypes?: pulumi.Input[]>; /** * Indicates whether current or previous generation instance types are included. * + For current generation instance types, specify ``current``. The current generation includes EC2 instance types currently recommended for use. This typically includes the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide*. * + For previous generation instance types, specify ``previous``. * * Default: Any current or previous generation */ instanceGenerations?: pulumi.Input[]>; /** * Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, see [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide*. * Default: ``included`` */ localStorage?: pulumi.Input; /** * Indicates the type of local storage that is required. * + For instance types with hard disk drive (HDD) storage, specify ``hdd``. * + For instance types with solid state drive (SSD) storage, specify ``ssd``. * * Default: Any local storage type */ localStorageTypes?: pulumi.Input[]>; /** * [Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from either the lowest priced current generation instance types or, failing that, the lowest priced previous generation instance types that match your attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price exceeds your specified threshold. * The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. * If you set ``DesiredCapacityType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is based on the per-vCPU or per-memory price instead of the per instance price. * Only one of ``SpotMaxPricePercentageOverLowestPrice`` or ``MaxSpotPriceAsPercentageOfOptimalOnDemandPrice`` can be specified. If you don't specify either, Amazon EC2 Auto Scaling will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as ``999999``. */ maxSpotPriceAsPercentageOfOptimalOnDemandPrice?: pulumi.Input; /** * The minimum and maximum amount of memory per vCPU for an instance type, in GiB. * Default: No minimum or maximum limits */ memoryGiBPerVCpu?: pulumi.Input; /** * The minimum and maximum instance memory size for an instance type, in MiB. */ memoryMiB: pulumi.Input; /** * The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). * Default: No minimum or maximum limits */ networkBandwidthGbps?: pulumi.Input; /** * The minimum and maximum number of network interfaces for an instance type. * Default: No minimum or maximum limits */ networkInterfaceCount?: pulumi.Input; /** * [Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from either the lowest priced current generation instance types or, failing that, the lowest priced previous generation instance types that match your attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price exceeds your specified threshold. * The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. * To turn off price protection, specify a high value, such as ``999999``. * If you set ``DesiredCapacityType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per instance price. * Default: ``20`` */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Indicates whether instance types must provide On-Demand Instance hibernation support. * Default: ``false`` */ requireHibernateSupport?: pulumi.Input; /** * [Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from either the lowest priced current generation instance types or, failing that, the lowest priced previous generation instance types that match your attributes. When Amazon EC2 Auto Scaling selects instance types with your attributes, we will exclude instance types whose price exceeds your specified threshold. * The parameter accepts an integer, which Amazon EC2 Auto Scaling interprets as a percentage. * If you set ``DesiredCapacityType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is based on the per-vCPU or per-memory price instead of the per instance price. * Only one of ``SpotMaxPricePercentageOverLowestPrice`` or ``MaxSpotPriceAsPercentageOfOptimalOnDemandPrice`` can be specified. If you don't specify either, Amazon EC2 Auto Scaling will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as ``999999``. */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * The minimum and maximum total local storage size for an instance type, in GB. * Default: No minimum or maximum limits */ totalLocalStorageGb?: pulumi.Input; /** * The minimum and maximum number of vCPUs for an instance type. */ vCpuCount: pulumi.Input; } /** * Use this structure to specify the distribution of On-Demand Instances and Spot Instances and the allocation strategies used to fulfill On-Demand and Spot capacities for a mixed instances policy. * For more information, see [Auto Scaling groups with multiple instance types and purchase options](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-mixed-instances-groups.html) in the *Amazon EC2 Auto Scaling User Guide*. * ``InstancesDistribution`` is a property of the [AWS::AutoScaling::AutoScalingGroup MixedInstancesPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-mixedinstancespolicy.html) property type. */ interface AutoScalingGroupInstancesDistributionArgs { /** * The allocation strategy to apply to your On-Demand Instances when they are launched. Possible instance types are determined by the launch template overrides that you specify. * The following lists the valid values: * + lowest-price Uses price to determine which instance types are the highest priority, launching the lowest priced instance types within an Availability Zone first. This is the default value for Auto Scaling groups that specify InstanceRequirements. + prioritized You set the order of instance types for the launch template overrides from highest to lowest priority (from first to last in the list). Amazon EC2 Auto Scaling launches your highest priority instance types first. If all your On-Demand capacity cannot be fulfilled using your highest priority instance type, then Amazon EC2 Auto Scaling launches the remaining capacity using the second priority instance type, and so on. This is the default value for Auto Scaling groups that don't specify InstanceRequirements and cannot be used for groups that do. */ onDemandAllocationStrategy?: pulumi.Input; /** * The minimum amount of the Auto Scaling group's capacity that must be fulfilled by On-Demand Instances. This base portion is launched first as your group scales. * This number has the same unit of measurement as the group's desired capacity. If you change the default unit of measurement (number of instances) by specifying weighted capacity values in your launch template overrides list, or by changing the default desired capacity type setting of the group, you must specify this number using the same unit of measurement. * Default: 0 * An update to this setting means a gradual replacement of instances to adjust the current On-Demand Instance levels. When replacing instances, Amazon EC2 Auto Scaling launches new instances before terminating the previous ones. */ onDemandBaseCapacity?: pulumi.Input; /** * Controls the percentages of On-Demand Instances and Spot Instances for your additional capacity beyond ``OnDemandBaseCapacity``. Expressed as a number (for example, 20 specifies 20% On-Demand Instances, 80% Spot Instances). If set to 100, only On-Demand Instances are used. * Default: 100 * An update to this setting means a gradual replacement of instances to adjust the current On-Demand and Spot Instance levels for your additional capacity higher than the base capacity. When replacing instances, Amazon EC2 Auto Scaling launches new instances before terminating the previous ones. */ onDemandPercentageAboveBaseCapacity?: pulumi.Input; /** * The allocation strategy to apply to your Spot Instances when they are launched. Possible instance types are determined by the launch template overrides that you specify. * The following lists the valid values: * + capacity-optimized Requests Spot Instances using pools that are optimally chosen based on the available Spot capacity. This strategy has the lowest risk of interruption. To give certain instance types a higher chance of launching first, use capacity-optimized-prioritized. + capacity-optimized-prioritized You set the order of instance types for the launch template overrides from highest to lowest priority (from first to last in the list). Amazon EC2 Auto Scaling honors the instance type priorities on a best effort basis but optimizes for capacity first. Note that if the On-Demand allocation strategy is set to prioritized, the same priority is applied when fulfilling On-Demand capacity. This is not a valid value for Auto Scaling groups that specify InstanceRequirements. + lowest-price Requests Spot Instances using the lowest priced pools within an Availability Zone, across the number of Spot pools that you specify for the SpotInstancePools property. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. This is the default value, but it might lead to high interruption rates because this strategy only considers instance price and not available capacity. + price-capacity-optimized (recommended) The price and capacity optimized allocation strategy looks at both price and capacity to select the Spot Instance pools that are the least likely to be interrupted and have the lowest possible price. */ spotAllocationStrategy?: pulumi.Input; /** * The number of Spot Instance pools across which to allocate your Spot Instances. The Spot pools are determined from the different instance types in the overrides. Valid only when the ``SpotAllocationStrategy`` is ``lowest-price``. Value must be in the range of 1–20. * Default: 2 */ spotInstancePools?: pulumi.Input; /** * The maximum price per unit hour that you are willing to pay for a Spot Instance. If your maximum price is lower than the Spot price for the instance types that you selected, your Spot Instances are not launched. We do not recommend specifying a maximum price because it can lead to increased interruptions. When Spot Instances launch, you pay the current Spot price. To remove a maximum price that you previously set, include the property but specify an empty string ("") for the value. * If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify one. * Valid Range: Minimum value of 0.001 */ spotMaxPrice?: pulumi.Input; } /** * Use this structure to specify the launch templates and instance types (overrides) for a mixed instances policy. * ``LaunchTemplate`` is a property of the [AWS::AutoScaling::AutoScalingGroup MixedInstancesPolicy](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-mixedinstancespolicy.html) property type. */ interface AutoScalingGroupLaunchTemplateArgs { /** * The launch template. */ launchTemplateSpecification: pulumi.Input; /** * Any properties that you specify override the same properties in the launch template. */ overrides?: pulumi.Input[]>; } /** * Use this structure to let Amazon EC2 Auto Scaling do the following when the Auto Scaling group has a mixed instances policy: * + Override the instance type that is specified in the launch template. * + Use multiple instance types. * * Specify the instance types that you want, or define your instance requirements instead and let Amazon EC2 Auto Scaling provision the available instance types that meet your requirements. This can provide Amazon EC2 Auto Scaling with a larger selection of instance types to choose from when fulfilling Spot and On-Demand capacities. You can view which instance types are matched before you apply the instance requirements to your Auto Scaling group. * After you define your instance requirements, you don't have to keep updating these settings to get new EC2 instance types automatically. Amazon EC2 Auto Scaling uses the instance requirements of the Auto Scaling group to determine whether a new EC2 instance type can be used. * ``LaunchTemplateOverrides`` is a property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplate.html) property type. */ interface AutoScalingGroupLaunchTemplateOverridesArgs { /** * The ID of the Amazon Machine Image (AMI) to use for instances launched with this override. When using Instance Refresh with ``ReplaceRootVolume`` strategy, this specifies the AMI for root volume replacement operations. * For ``ReplaceRootVolume`` operations: * + All overrides in the ``MixedInstancesPolicy`` must specify an ImageId * + The AMI must contain only a single root volume * + Root volume replacement doesn't support multi-volume AMIs */ imageId?: pulumi.Input; /** * The instance requirements. Amazon EC2 Auto Scaling uses your specified requirements to identify instance types. Then, it uses your On-Demand and Spot allocation strategies to launch instances from these instance types. * You can specify up to four separate sets of instance requirements per Auto Scaling group. This is useful for provisioning instances from different Amazon Machine Images (AMIs) in the same Auto Scaling group. To do this, create the AMIs and create a new launch template for each AMI. Then, create a compatible set of instance requirements for each launch template. * If you specify ``InstanceRequirements``, you can't specify ``InstanceType``. */ instanceRequirements?: pulumi.Input; /** * The instance type, such as ``m3.xlarge``. You must specify an instance type that is supported in your requested Region and Availability Zones. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide*. * You can specify up to 40 instance types per Auto Scaling group. */ instanceType?: pulumi.Input; /** * Provides a launch template for the specified instance type or set of instance requirements. For example, some instance types might require a launch template with a different AMI. If not provided, Amazon EC2 Auto Scaling uses the launch template that's specified in the ``LaunchTemplate`` definition. For more information, see [Specifying a different launch template for an instance type](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-mixed-instances-groups-launch-template-overrides.html) in the *Amazon EC2 Auto Scaling User Guide*. * You can specify up to 20 launch templates per Auto Scaling group. The launch templates specified in the overrides and in the ``LaunchTemplate`` definition count towards this limit. */ launchTemplateSpecification?: pulumi.Input; /** * If you provide a list of instance types to use, you can specify the number of capacity units provided by each instance type in terms of virtual CPUs, memory, storage, throughput, or other relative performance characteristic. When a Spot or On-Demand Instance is launched, the capacity units count toward the desired capacity. Amazon EC2 Auto Scaling launches instances until the desired capacity is totally fulfilled, even if this results in an overage. For example, if there are two units remaining to fulfill capacity, and Amazon EC2 Auto Scaling can only launch an instance with a ``WeightedCapacity`` of five units, the instance is launched, and the desired capacity is exceeded by three units. For more information, see [Configure instance weighting for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-mixed-instances-groups-instance-weighting.html) in the *Amazon EC2 Auto Scaling User Guide*. Value must be in the range of 1-999. * If you specify a value for ``WeightedCapacity`` for one instance type, you must specify a value for ``WeightedCapacity`` for all of them. * Every Auto Scaling group has three size parameters (``DesiredCapacity``, ``MaxSize``, and ``MinSize``). Usually, you set these sizes based on a specific number of instances. However, if you configure a mixed instances policy that defines weights for the instance types, you must specify these sizes with the same units that you use for weighting instances. */ weightedCapacity?: pulumi.Input; } /** * Specifies a launch template to use when provisioning EC2 instances for an Auto Scaling group. * You must specify the following: * + The ID or the name of the launch template, but not both. * + The version of the launch template. * * ``LaunchTemplateSpecification`` is property of the [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource. It is also a property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplate.html) and [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property types. * For information about creating a launch template, see [AWS::EC2::LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html) and [Create a launch template for an Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/create-launch-template.html) in the *Amazon EC2 Auto Scaling User Guide*. * For examples of launch templates, see [Create launch templates](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-launch-templates.html). */ interface AutoScalingGroupLaunchTemplateSpecificationArgs { /** * The ID of the launch template. * You must specify the ``LaunchTemplateID`` or the ``LaunchTemplateName``, but not both. */ launchTemplateId?: pulumi.Input; /** * The name of the launch template. * You must specify the ``LaunchTemplateName`` or the ``LaunchTemplateID``, but not both. */ launchTemplateName?: pulumi.Input; /** * The version number of the launch template. * Specifying ``$Latest`` or ``$Default`` for the template version number is not supported. However, you can specify ``LatestVersionNumber`` or ``DefaultVersionNumber`` using the ``Fn::GetAtt`` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/intrinsic-function-reference-getatt.html). * For an example of using the ``Fn::GetAtt`` function, see the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html#aws-resource-autoscaling-autoscalinggroup--examples) section of the ``AWS::AutoScaling::AutoScalingGroup`` resource. */ version: pulumi.Input; } /** * ``LifecycleHookSpecification`` specifies a lifecycle hook for the ``LifecycleHookSpecificationList`` property of the [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource. A lifecycle hook specifies actions to perform when Amazon EC2 Auto Scaling launches or terminates instances. * For more information, see [Amazon EC2 Auto Scaling lifecycle hooks](https://docs.aws.amazon.com/autoscaling/ec2/userguide/lifecycle-hooks.html) in the *Amazon EC2 Auto Scaling User Guide*. You can find a sample template snippet in the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-as-lifecyclehook.html#aws-resource-as-lifecyclehook--examples) section of the ``AWS::AutoScaling::LifecycleHook`` resource. */ interface AutoScalingGroupLifecycleHookSpecificationArgs { /** * The action the Auto Scaling group takes when the lifecycle hook timeout elapses or if an unexpected failure occurs. The default value is ``ABANDON``. * Valid values: ``CONTINUE`` | ``ABANDON`` */ defaultResult?: pulumi.Input; /** * The maximum time, in seconds, that can elapse before the lifecycle hook times out. The range is from ``30`` to ``7200`` seconds. The default value is ``3600`` seconds (1 hour). */ heartbeatTimeout?: pulumi.Input; /** * The name of the lifecycle hook. */ lifecycleHookName: pulumi.Input; /** * The lifecycle transition. For Auto Scaling groups, there are two major lifecycle transitions. * + To create a lifecycle hook for scale-out events, specify ``autoscaling:EC2_INSTANCE_LAUNCHING``. * + To create a lifecycle hook for scale-in events, specify ``autoscaling:EC2_INSTANCE_TERMINATING``. */ lifecycleTransition: pulumi.Input; /** * Additional information that you want to include any time Amazon EC2 Auto Scaling sends a message to the notification target. */ notificationMetadata?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the notification target that Amazon EC2 Auto Scaling sends notifications to when an instance is in a wait state for the lifecycle hook. You can specify an Amazon SNS topic or an Amazon SQS queue. */ notificationTargetArn?: pulumi.Input; /** * The ARN of the IAM role that allows the Auto Scaling group to publish to the specified notification target. For information about creating this role, see [Prepare to add a lifecycle hook to your Auto Scaling group](https://docs.aws.amazon.com/autoscaling/ec2/userguide/prepare-for-lifecycle-notifications.html) in the *Amazon EC2 Auto Scaling User Guide*. * Valid only if the notification target is an Amazon SNS topic or an Amazon SQS queue. */ roleArn?: pulumi.Input; } /** * ``MemoryGiBPerVCpuRequest`` is a property of the ``InstanceRequirements`` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property type that describes the minimum and maximum amount of memory per vCPU for an instance type, in GiB. */ interface AutoScalingGroupMemoryGiBPerVCpuRequestArgs { /** * The memory maximum in GiB. */ max?: pulumi.Input; /** * The memory minimum in GiB. */ min?: pulumi.Input; } /** * ``MemoryMiBRequest`` is a property of the ``InstanceRequirements`` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property type that describes the minimum and maximum instance memory size for an instance type, in MiB. */ interface AutoScalingGroupMemoryMiBRequestArgs { /** * The memory maximum in MiB. */ max?: pulumi.Input; /** * The memory minimum in MiB. */ min?: pulumi.Input; } /** * ``MetricsCollection`` is a property of the [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource that describes the group metrics that an Amazon EC2 Auto Scaling group sends to Amazon CloudWatch. These metrics describe the group rather than any of its instances. * For more information, see [Monitor CloudWatch metrics for your Auto Scaling groups and instances](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-monitoring.html) in the *Amazon EC2 Auto Scaling User Guide*. You can find a sample template snippet in the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html#aws-resource-autoscaling-autoscalinggroup--examples) section of the ``AWS::AutoScaling::AutoScalingGroup`` resource. */ interface AutoScalingGroupMetricsCollectionArgs { /** * The frequency at which Amazon EC2 Auto Scaling sends aggregated data to CloudWatch. The only valid value is ``1Minute``. */ granularity: pulumi.Input; /** * Identifies the metrics to enable. * You can specify one or more of the following metrics: * + ``GroupMinSize`` * + ``GroupMaxSize`` * + ``GroupDesiredCapacity`` * + ``GroupInServiceInstances`` * + ``GroupPendingInstances`` * + ``GroupStandbyInstances`` * + ``GroupTerminatingInstances`` * + ``GroupTotalInstances`` * + ``GroupInServiceCapacity`` * + ``GroupPendingCapacity`` * + ``GroupStandbyCapacity`` * + ``GroupTerminatingCapacity`` * + ``GroupTotalCapacity`` * + ``WarmPoolDesiredCapacity`` * + ``WarmPoolWarmedCapacity`` * + ``WarmPoolPendingCapacity`` * + ``WarmPoolTerminatingCapacity`` * + ``WarmPoolTotalCapacity`` * + ``GroupAndWarmPoolDesiredCapacity`` * + ``GroupAndWarmPoolTotalCapacity`` * * If you specify ``Granularity`` and don't specify any metrics, all metrics are enabled. * For more information, see [Amazon CloudWatch metrics for Amazon EC2 Auto Scaling](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-metrics.html) in the *Amazon EC2 Auto Scaling User Guide*. */ metrics?: pulumi.Input[]>; } /** * Use this structure to launch multiple instance types and On-Demand Instances and Spot Instances within a single Auto Scaling group. * A mixed instances policy contains information that Amazon EC2 Auto Scaling can use to launch instances and help optimize your costs. For more information, see [Auto Scaling groups with multiple instance types and purchase options](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ec2-auto-scaling-mixed-instances-groups.html) in the *Amazon EC2 Auto Scaling User Guide*. * You can create a mixed instances policy for new and existing Auto Scaling groups. You must use a launch template to configure the policy. You cannot use a launch configuration. * There are key differences between Spot Instances and On-Demand Instances: * + The price for Spot Instances varies based on demand * + Amazon EC2 can terminate an individual Spot Instance as the availability of, or price for, Spot Instances changes * * When a Spot Instance is terminated, Amazon EC2 Auto Scaling group attempts to launch a replacement instance to maintain the desired capacity for the group. * ``MixedInstancesPolicy`` is a property of the [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource. */ interface AutoScalingGroupMixedInstancesPolicyArgs { /** * The instances distribution. */ instancesDistribution?: pulumi.Input; /** * One or more launch templates and the instance types (overrides) that are used to launch EC2 instances to fulfill On-Demand and Spot capacities. */ launchTemplate: pulumi.Input; } /** * ``NetworkBandwidthGbpsRequest`` is a property of the ``InstanceRequirements`` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property type that describes the minimum and maximum network bandwidth for an instance type, in Gbps. * Setting the minimum bandwidth does not guarantee that your instance will achieve the minimum bandwidth. Amazon EC2 will identify instance types that support the specified minimum bandwidth, but the actual bandwidth of your instance might go below the specified minimum at times. For more information, see [Available instance bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html#available-instance-bandwidth) in the *Amazon EC2 User Guide for Linux Instances*. */ interface AutoScalingGroupNetworkBandwidthGbpsRequestArgs { /** * The maximum amount of network bandwidth, in gigabits per second (Gbps). */ max?: pulumi.Input; /** * The minimum amount of network bandwidth, in gigabits per second (Gbps). */ min?: pulumi.Input; } /** * ``NetworkInterfaceCountRequest`` is a property of the ``InstanceRequirements`` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property type that describes the minimum and maximum number of network interfaces for an instance type. */ interface AutoScalingGroupNetworkInterfaceCountRequestArgs { /** * The maximum number of network interfaces. */ max?: pulumi.Input; /** * The minimum number of network interfaces. */ min?: pulumi.Input; } /** * A structure that specifies an Amazon SNS notification configuration for the ``NotificationConfigurations`` property of the [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource. * For an example template snippet, see [Configure Amazon EC2 Auto Scaling resources](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-ec2-auto-scaling.html). * For more information, see [Get Amazon SNS notifications when your Auto Scaling group scales](https://docs.aws.amazon.com/autoscaling/ec2/userguide/ASGettingNotifications.html) in the *Amazon EC2 Auto Scaling User Guide*. */ interface AutoScalingGroupNotificationConfigurationArgs { /** * A list of event types that send a notification. Event types can include any of the following types. * *Allowed values*: * + ``autoscaling:EC2_INSTANCE_LAUNCH`` * + ``autoscaling:EC2_INSTANCE_LAUNCH_ERROR`` * + ``autoscaling:EC2_INSTANCE_TERMINATE`` * + ``autoscaling:EC2_INSTANCE_TERMINATE_ERROR`` * + ``autoscaling:TEST_NOTIFICATION`` */ notificationTypes?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the Amazon SNS topic. */ topicArn: pulumi.Input[]>; } /** * Specify an instance family to use as the baseline reference for CPU performance. All instance types that All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences. * Currently only one instance family can be specified in the list. */ interface AutoScalingGroupPerformanceFactorReferenceRequestArgs { /** * The instance family to use as a baseline reference. * Make sure that you specify the correct value for the instance family. The instance family is everything before the period (.) in the instance type name. For example, in the instance ``c6i.large``, the instance family is ``c6i``, not ``c6``. For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types*. * The following instance types are *not supported* for performance protection. * + ``c1`` * + ``g3| g3s`` * + ``hpc7g`` * + ``m1| m2`` * + ``mac1 | mac2 | mac2-m1ultra | mac2-m2 | mac2-m2pro`` * + ``p3dn | p4d | p5`` * + ``t1`` * + ``u-12tb1 | u-18tb1 | u-24tb1 | u-3tb1 | u-6tb1 | u-9tb1 | u7i-12tb | u7in-16tb | u7in-24tb | u7in-32tb`` * * If you performance protection by specifying a supported instance family, the returned instance types will exclude the preceding unsupported instance families. * If you specify an unsupported instance family as a value for baseline performance, the API returns an empty response. */ instanceFamily?: pulumi.Input; } /** * Defines the specific triggers that cause instances to be retained in a Retained state rather than terminated. Each trigger corresponds to a different failure scenario during the instance lifecycle. This allows fine-grained control over when to preserve instances for manual intervention. */ interface AutoScalingGroupRetentionTriggersArgs { /** * Specifies the action when a termination lifecycle hook is abandoned due to failure, timeout, or explicit abandonment (calling CompleteLifecycleAction). * Set to ``retain`` to move instances to a retained state. Set to ``terminate`` for default termination behavior. * Retained instances don't count toward desired capacity and remain until you call ``TerminateInstanceInAutoScalingGroup``. */ terminateHookAbandon?: pulumi.Input; } /** * A structure that specifies a tag for the ``Tags`` property of [AWS::AutoScaling::AutoScalingGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html) resource. * For more information, see [Tag Auto Scaling groups and instances](https://docs.aws.amazon.com/autoscaling/ec2/userguide/autoscaling-tagging.html) in the *Amazon EC2 Auto Scaling User Guide*. You can find a sample template snippet in the [Examples](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-autoscaling-autoscalinggroup.html#aws-resource-autoscaling-autoscalinggroup--examples) section of the ``AWS::AutoScaling::AutoScalingGroup`` resource. * CloudFormation adds the following tags to all Auto Scaling groups and associated instances: * + aws:cloudformation:stack-name * + aws:cloudformation:stack-id * + aws:cloudformation:logical-id */ interface AutoScalingGroupTagPropertyArgs { /** * The tag key. */ key: pulumi.Input; /** * Set to ``true`` if you want CloudFormation to copy the tag to EC2 instances that are launched as part of the Auto Scaling group. Set to ``false`` if you want the tag attached only to the Auto Scaling group and not copied to any instances launched as part of the Auto Scaling group. */ propagateAtLaunch: pulumi.Input; /** * The tag value. */ value: pulumi.Input; } /** * ``TotalLocalStorageGBRequest`` is a property of the ``InstanceRequirements`` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property type that describes the minimum and maximum total local storage size for an instance type, in GB. */ interface AutoScalingGroupTotalLocalStorageGbRequestArgs { /** * The storage maximum in GB. */ max?: pulumi.Input; /** * The storage minimum in GB. */ min?: pulumi.Input; } /** * Identifying information for a traffic source. */ interface AutoScalingGroupTrafficSourceIdentifierArgs { /** * Identifies the traffic source. * For Application Load Balancers, Gateway Load Balancers, Network Load Balancers, and VPC Lattice, this will be the Amazon Resource Name (ARN) for a target group in this account and Region. For Classic Load Balancers, this will be the name of the Classic Load Balancer in this account and Region. * For example: * + Application Load Balancer ARN: ``arn:aws:elasticloadbalancing:us-west-2:123456789012:targetgroup/my-targets/1234567890123456`` * + Classic Load Balancer name: ``my-classic-load-balancer`` * + VPC Lattice ARN: ``arn:aws:vpc-lattice:us-west-2:123456789012:targetgroup/tg-1234567890123456`` * * To get the ARN of a target group for a Application Load Balancer, Gateway Load Balancer, or Network Load Balancer, or the name of a Classic Load Balancer, use the Elastic Load Balancing [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) and [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operations. * To get the ARN of a target group for VPC Lattice, use the VPC Lattice [GetTargetGroup](https://docs.aws.amazon.com/vpc-lattice/latest/APIReference/API_GetTargetGroup.html) API operation. */ identifier: pulumi.Input; /** * Provides additional context for the value of ``Identifier``. * The following lists the valid values: * + ``elb`` if ``Identifier`` is the name of a Classic Load Balancer. * + ``elbv2`` if ``Identifier`` is the ARN of an Application Load Balancer, Gateway Load Balancer, or Network Load Balancer target group. * + ``vpc-lattice`` if ``Identifier`` is the ARN of a VPC Lattice target group. * * Required if the identifier is the name of a Classic Load Balancer. */ type: pulumi.Input; } /** * ``VCpuCountRequest`` is a property of the ``InstanceRequirements`` property of the [AWS::AutoScaling::AutoScalingGroup LaunchTemplateOverrides](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-autoscaling-autoscalinggroup-launchtemplateoverrides.html) property type that describes the minimum and maximum number of vCPUs for an instance type. */ interface AutoScalingGroupVCpuCountRequestArgs { /** * The maximum number of vCPUs. */ max?: pulumi.Input; /** * The minimum number of vCPUs. */ min?: pulumi.Input; } /** * BlockDevice is a subproperty of BlockDeviceMapping that describes an Amazon EBS volume. */ interface LaunchConfigurationBlockDeviceArgs { /** * Indicates whether the volume is deleted on instance termination. */ deleteOnTermination?: pulumi.Input; /** * Specifies whether the volume should be encrypted. */ encrypted?: pulumi.Input; /** * The number of input/output (I/O) operations per second (IOPS) to provision for the volume. */ iops?: pulumi.Input; /** * The snapshot ID of the volume to use. */ snapshotId?: pulumi.Input; /** * The throughput (MiBps) to provision for a gp3 volume. */ throughput?: pulumi.Input; /** * The volume size, in GiBs. */ volumeSize?: pulumi.Input; /** * The volume type. */ volumeType?: pulumi.Input; } /** * BlockDeviceMapping is a property of AWS::AutoScaling::LaunchConfiguration that describes a block device mapping for an Auto Scaling group. */ interface LaunchConfigurationBlockDeviceMappingArgs { /** * The device name exposed to the EC2 instance (for example, /dev/sdh or xvdh). */ deviceName: pulumi.Input; /** * Parameters used to automatically set up EBS volumes when an instance is launched. */ ebs?: pulumi.Input; /** * Setting this value to true suppresses the specified device included in the block device mapping of the AMI. */ noDevice?: pulumi.Input; /** * The name of the virtual device. */ virtualName?: pulumi.Input; } /** * MetadataOptions is a property of AWS::AutoScaling::LaunchConfiguration that describes metadata options for the instances. */ interface LaunchConfigurationMetadataOptionsArgs { /** * This parameter enables or disables the HTTP metadata endpoint on your instances. */ httpEndpoint?: pulumi.Input; /** * The desired HTTP PUT response hop limit for instance metadata requests. */ httpPutResponseHopLimit?: pulumi.Input; /** * The state of token usage for your instance metadata requests. */ httpTokens?: pulumi.Input; } interface ScalingPolicyCustomizedMetricSpecificationArgs { /** * The dimensions of the metric. * * Conditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy. */ dimensions?: pulumi.Input[]>; /** * The name of the metric. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) . */ metricName?: pulumi.Input; /** * The metrics to include in the target tracking scaling policy, as a metric data query. This can include both raw metric and metric math expressions. */ metrics?: pulumi.Input[]>; /** * The namespace of the metric. */ namespace?: pulumi.Input; /** * The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) . */ period?: pulumi.Input; /** * The statistic of the metric. */ statistic?: pulumi.Input; /** * The unit of the metric. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* . */ unit?: pulumi.Input; } interface ScalingPolicyMetricArgs { /** * The dimensions for the metric. For the list of available dimensions, see the AWS documentation available from the table in [AWS services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide* . * * Conditional: If you published your metric with dimensions, you must specify the same dimensions in your scaling policy. */ dimensions?: pulumi.Input[]>; /** * The name of the metric. */ metricName: pulumi.Input; /** * The namespace of the metric. For more information, see the table in [AWS services that publish CloudWatch metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/aws-services-cloudwatch-metrics.html) in the *Amazon CloudWatch User Guide* . */ namespace: pulumi.Input; } interface ScalingPolicyMetricDataQueryArgs { /** * The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. * * Conditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both. */ expression?: pulumi.Input; /** * A short name that identifies the object's results in the response. This name must be unique among all `MetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter. */ id: pulumi.Input; /** * A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents. */ label?: pulumi.Input; /** * Information about the metric data to return. * * Conditional: Within each `MetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both. */ metricStat?: pulumi.Input; /** * Indicates whether to return the timestamps and raw data values of this metric. * * If you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification. * * If you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ). */ returnData?: pulumi.Input; } interface ScalingPolicyMetricDimensionArgs { /** * The name of the dimension. */ name: pulumi.Input; /** * The value of the dimension. */ value: pulumi.Input; } interface ScalingPolicyMetricStatArgs { /** * The CloudWatch metric to return, including the metric name, namespace, and dimensions. To get the exact metric name, namespace, and dimensions, inspect the [Metric](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_Metric.html) object that is returned by a call to [ListMetrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_ListMetrics.html) . */ metric: pulumi.Input; /** * The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* . * * The most commonly used metrics for predictive scaling are `Average` and `Sum` . */ stat: pulumi.Input; /** * The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* . */ unit?: pulumi.Input; } interface ScalingPolicyPredefinedMetricSpecificationArgs { /** * The metric type. The following predefined metrics are available: * * - `ASGAverageCPUUtilization` - Average CPU utilization of the Auto Scaling group. * - `ASGAverageNetworkIn` - Average number of bytes received on all network interfaces by the Auto Scaling group. * - `ASGAverageNetworkOut` - Average number of bytes sent out on all network interfaces by the Auto Scaling group. * - `ALBRequestCountPerTarget` - Average Application Load Balancer request count per target for your Auto Scaling group. */ predefinedMetricType: pulumi.Input; /** * A label that uniquely identifies a specific Application Load Balancer target group from which to determine the average request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group. * * You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is: * * `app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` . * * Where: * * - app// is the final portion of the load balancer ARN * - targetgroup// is the final portion of the target group ARN. * * To find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation. */ resourceLabel?: pulumi.Input; } interface ScalingPolicyPredictiveScalingConfigurationArgs { /** * Defines the behavior that should be applied if the forecast capacity approaches or exceeds the maximum capacity of the Auto Scaling group. Defaults to `HonorMaxCapacity` if not specified. * * The following are possible values: * * - `HonorMaxCapacity` - Amazon EC2 Auto Scaling can't increase the maximum capacity of the group when the forecast capacity is close to or exceeds the maximum capacity. * - `IncreaseMaxCapacity` - Amazon EC2 Auto Scaling can increase the maximum capacity of the group when the forecast capacity is close to or exceeds the maximum capacity. The upper limit is determined by the forecasted capacity and the value for `MaxCapacityBuffer` . * * > Use caution when allowing the maximum capacity to be automatically increased. This can lead to more instances being launched than intended if the increased maximum capacity is not monitored and managed. The increased maximum capacity then becomes the new normal maximum capacity for the Auto Scaling group until you manually update it. The maximum capacity does not automatically decrease back to the original maximum. */ maxCapacityBreachBehavior?: pulumi.Input; /** * The size of the capacity buffer to use when the forecast capacity is close to or exceeds the maximum capacity. The value is specified as a percentage relative to the forecast capacity. For example, if the buffer is 10, this means a 10 percent buffer, such that if the forecast capacity is 50, and the maximum capacity is 40, then the effective maximum capacity is 55. * * If set to 0, Amazon EC2 Auto Scaling may scale capacity higher than the maximum capacity to equal but not exceed forecast capacity. * * Required if the `MaxCapacityBreachBehavior` property is set to `IncreaseMaxCapacity` , and cannot be used otherwise. */ maxCapacityBuffer?: pulumi.Input; /** * This structure includes the metrics and target utilization to use for predictive scaling. * * This is an array, but we currently only support a single metric specification. That is, you can specify a target value and a single metric pair, or a target value and one scaling metric and one load metric. */ metricSpecifications: pulumi.Input[]>; /** * The predictive scaling mode. Defaults to `ForecastOnly` if not specified. */ mode?: pulumi.Input; /** * The amount of time, in seconds, by which the instance launch time can be advanced. For example, the forecast says to add capacity at 10:00 AM, and you choose to pre-launch instances by 5 minutes. In that case, the instances will be launched at 9:55 AM. The intention is to give resources time to be provisioned. It can take a few minutes to launch an EC2 instance. The actual amount of time required depends on several factors, such as the size of the instance and whether there are startup scripts to complete. * * The value must be less than the forecast interval duration of 3600 seconds (60 minutes). Defaults to 300 seconds if not specified. */ schedulingBufferTime?: pulumi.Input; } interface ScalingPolicyPredictiveScalingCustomizedCapacityMetricArgs { /** * One or more metric data queries to provide the data points for a capacity metric. Use multiple metric data queries only if you are performing a math expression on returned data. */ metricDataQueries: pulumi.Input[]>; } interface ScalingPolicyPredictiveScalingCustomizedLoadMetricArgs { /** * One or more metric data queries to provide the data points for a load metric. Use multiple metric data queries only if you are performing a math expression on returned data. */ metricDataQueries: pulumi.Input[]>; } interface ScalingPolicyPredictiveScalingCustomizedScalingMetricArgs { /** * One or more metric data queries to provide the data points for a scaling metric. Use multiple metric data queries only if you are performing a math expression on returned data. */ metricDataQueries: pulumi.Input[]>; } interface ScalingPolicyPredictiveScalingMetricSpecificationArgs { /** * The customized capacity metric specification. */ customizedCapacityMetricSpecification?: pulumi.Input; /** * The customized load metric specification. */ customizedLoadMetricSpecification?: pulumi.Input; /** * The customized scaling metric specification. */ customizedScalingMetricSpecification?: pulumi.Input; /** * The predefined load metric specification. */ predefinedLoadMetricSpecification?: pulumi.Input; /** * The predefined metric pair specification from which Amazon EC2 Auto Scaling determines the appropriate scaling metric and load metric to use. */ predefinedMetricPairSpecification?: pulumi.Input; /** * The predefined scaling metric specification. */ predefinedScalingMetricSpecification?: pulumi.Input; /** * Specifies the target utilization. * * > Some metrics are based on a count instead of a percentage, such as the request count for an Application Load Balancer or the number of messages in an SQS queue. If the scaling policy specifies one of these metrics, specify the target utilization as the optimal average request or message count per instance during any one-minute interval. */ targetValue: pulumi.Input; } interface ScalingPolicyPredictiveScalingPredefinedLoadMetricArgs { /** * The metric type. */ predefinedMetricType: pulumi.Input; /** * A label that uniquely identifies a specific Application Load Balancer target group from which to determine the request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group. * * You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is: * * `app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` . * * Where: * * - app// is the final portion of the load balancer ARN * - targetgroup// is the final portion of the target group ARN. * * To find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation. */ resourceLabel?: pulumi.Input; } interface ScalingPolicyPredictiveScalingPredefinedMetricPairArgs { /** * Indicates which metrics to use. There are two different types of metrics for each metric type: one is a load metric and one is a scaling metric. For example, if the metric type is `ASGCPUUtilization` , the Auto Scaling group's total CPU metric is used as the load metric, and the average CPU metric is used for the scaling metric. */ predefinedMetricType: pulumi.Input; /** * A label that uniquely identifies a specific Application Load Balancer target group from which to determine the total and average request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group. * * You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is: * * `app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` . * * Where: * * - app// is the final portion of the load balancer ARN * - targetgroup// is the final portion of the target group ARN. * * To find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation. */ resourceLabel?: pulumi.Input; } interface ScalingPolicyPredictiveScalingPredefinedScalingMetricArgs { /** * The metric type. */ predefinedMetricType: pulumi.Input; /** * A label that uniquely identifies a specific Application Load Balancer target group from which to determine the average request count served by your Auto Scaling group. You can't specify a resource label unless the target group is attached to the Auto Scaling group. * * You create the resource label by appending the final portion of the load balancer ARN and the final portion of the target group ARN into a single value, separated by a forward slash (/). The format of the resource label is: * * `app/my-alb/778d41231b141a0f/targetgroup/my-alb-target-group/943f017f100becff` . * * Where: * * - app// is the final portion of the load balancer ARN * - targetgroup// is the final portion of the target group ARN. * * To find the ARN for an Application Load Balancer, use the [DescribeLoadBalancers](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeLoadBalancers.html) API operation. To find the ARN for the target group, use the [DescribeTargetGroups](https://docs.aws.amazon.com/elasticloadbalancing/latest/APIReference/API_DescribeTargetGroups.html) API operation. */ resourceLabel?: pulumi.Input; } interface ScalingPolicyStepAdjustmentArgs { /** * The lower bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the lower bound is inclusive (the metric must be greater than or equal to the threshold plus the lower bound). Otherwise, it is exclusive (the metric must be greater than the threshold plus the lower bound). A null value indicates negative infinity. */ metricIntervalLowerBound?: pulumi.Input; /** * The upper bound for the difference between the alarm threshold and the CloudWatch metric. If the metric value is above the breach threshold, the upper bound is exclusive (the metric must be less than the threshold plus the upper bound). Otherwise, it is inclusive (the metric must be less than or equal to the threshold plus the upper bound). A null value indicates positive infinity. * * The upper bound must be greater than the lower bound. */ metricIntervalUpperBound?: pulumi.Input; /** * The amount by which to scale, based on the specified adjustment type. A positive value adds to the current capacity while a negative number removes from the current capacity. For exact capacity, you must specify a non-negative value. */ scalingAdjustment: pulumi.Input; } interface ScalingPolicyTargetTrackingConfigurationArgs { /** * A customized metric. You must specify either a predefined metric or a customized metric. */ customizedMetricSpecification?: pulumi.Input; /** * Indicates whether scaling in by the target tracking scaling policy is disabled. If scaling in is disabled, the target tracking scaling policy doesn't remove instances from the Auto Scaling group. Otherwise, the target tracking scaling policy can remove instances from the Auto Scaling group. The default is `false` . */ disableScaleIn?: pulumi.Input; /** * A predefined metric. You must specify either a predefined metric or a customized metric. */ predefinedMetricSpecification?: pulumi.Input; /** * The target value for the metric. * * > Some metrics are based on a count instead of a percentage, such as the request count for an Application Load Balancer or the number of messages in an SQS queue. If the scaling policy specifies one of these metrics, specify the target utilization as the optimal average request or message count per instance during any one-minute interval. */ targetValue: pulumi.Input; } interface ScalingPolicyTargetTrackingMetricDataQueryArgs { /** * The math expression to perform on the returned data, if this object is performing a math expression. This expression can use the `Id` of the other metrics to refer to those metrics, and can also use the `Id` of other expressions to use the result of those expressions. * * Conditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both. */ expression?: pulumi.Input; /** * A short name that identifies the object's results in the response. This name must be unique among all `TargetTrackingMetricDataQuery` objects specified for a single scaling policy. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscores. The first character must be a lowercase letter. */ id: pulumi.Input; /** * A human-readable label for this metric or expression. This is especially useful if this is a math expression, so that you know what the value represents. */ label?: pulumi.Input; /** * Information about the metric data to return. * * Conditional: Within each `TargetTrackingMetricDataQuery` object, you must specify either `Expression` or `MetricStat` , but not both. */ metricStat?: pulumi.Input; /** * The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) . */ period?: pulumi.Input; /** * Indicates whether to return the timestamps and raw data values of this metric. * * If you use any math expressions, specify `true` for this value for only the final math expression that the metric specification is based on. You must specify `false` for `ReturnData` for all the other metrics and expressions used in the metric specification. * * If you are only retrieving metrics and not performing any math expressions, do not specify anything for `ReturnData` . This sets it to its default ( `true` ). */ returnData?: pulumi.Input; } interface ScalingPolicyTargetTrackingMetricStatArgs { /** * The metric to use. */ metric: pulumi.Input; /** * The period of the metric in seconds. The default value is 60. Accepted values are 10, 30, and 60. For high resolution metric, set the value to less than 60. For more information, see [Create a target tracking policy using high-resolution metrics for faster response](https://docs.aws.amazon.com/autoscaling/ec2/userguide/policy-creating-high-resolution-metrics.html) . */ period?: pulumi.Input; /** * The statistic to return. It can include any CloudWatch statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *Amazon CloudWatch User Guide* . * * The most commonly used metric for scaling is `Average` . */ stat: pulumi.Input; /** * The unit to use for the returned data points. For a complete list of the units that CloudWatch supports, see the [MetricDatum](https://docs.aws.amazon.com/AmazonCloudWatch/latest/APIReference/API_MetricDatum.html) data type in the *Amazon CloudWatch API Reference* . */ unit?: pulumi.Input; } interface WarmPoolInstanceReusePolicyArgs { /** * Specifies whether instances in the Auto Scaling group can be returned to the warm pool on scale in. */ reuseOnScaleIn?: pulumi.Input; } } export declare namespace b2bi { interface CapabilityConfigurationPropertiesArgs { edi: pulumi.Input; } interface CapabilityEdiConfigurationArgs { capabilityDirection?: pulumi.Input; inputLocation: pulumi.Input; outputLocation: pulumi.Input; transformerId: pulumi.Input; type: pulumi.Input; } interface CapabilityEdiTypePropertiesArgs { x12Details: pulumi.Input; } interface CapabilityS3LocationArgs { bucketName?: pulumi.Input; key?: pulumi.Input; } interface CapabilityX12DetailsArgs { transactionSet?: pulumi.Input; version?: pulumi.Input; } interface PartnershipCapabilityOptionsArgs { /** * A structure that contains the inbound EDI options for the capability. */ inboundEdi?: pulumi.Input; /** * A structure that contains the outbound EDI options. */ outboundEdi?: pulumi.Input; } interface PartnershipInboundEdiOptionsArgs { /** * A structure that contains X12-specific options for processing inbound X12 EDI files. */ x12?: pulumi.Input; } interface PartnershipOutboundEdiOptionsPropertiesArgs { x12: pulumi.Input; } interface PartnershipWrapOptionsArgs { lineLength?: pulumi.Input; lineTerminator?: pulumi.Input; wrapBy?: pulumi.Input; } interface PartnershipX12AcknowledgmentOptionsArgs { /** * Specifies whether functional acknowledgments (997/999) should be generated for incoming X12 transactions. Valid values are `DO_NOT_GENERATE` , `GENERATE_ALL_SEGMENTS` and `GENERATE_WITHOUT_TRANSACTION_SET_RESPONSE_LOOP` . * * If you choose `GENERATE_WITHOUT_TRANSACTION_SET_RESPONSE_LOOP` , AWS B2B Data Interchange skips the AK2_Loop when generating an acknowledgment document. */ functionalAcknowledgment: pulumi.Input; /** * Specifies whether technical acknowledgments (TA1) should be generated for incoming X12 interchanges. Valid values are `DO_NOT_GENERATE` and `GENERATE_ALL_SEGMENTS` and. */ technicalAcknowledgment: pulumi.Input; } interface PartnershipX12ControlNumbersArgs { startingFunctionalGroupControlNumber?: pulumi.Input; startingInterchangeControlNumber?: pulumi.Input; startingTransactionSetControlNumber?: pulumi.Input; } interface PartnershipX12DelimitersArgs { componentSeparator?: pulumi.Input; dataElementSeparator?: pulumi.Input; segmentTerminator?: pulumi.Input; } interface PartnershipX12EnvelopeArgs { common?: pulumi.Input; wrapOptions?: pulumi.Input; } interface PartnershipX12FunctionalGroupHeadersArgs { applicationReceiverCode?: pulumi.Input; applicationSenderCode?: pulumi.Input; responsibleAgencyCode?: pulumi.Input; } interface PartnershipX12InboundEdiOptionsArgs { /** * Specifies acknowledgment options for inbound X12 EDI files. These options control how functional and technical acknowledgments are handled. */ acknowledgmentOptions?: pulumi.Input; } interface PartnershipX12InterchangeControlHeadersArgs { acknowledgmentRequestedCode?: pulumi.Input; receiverId?: pulumi.Input; receiverIdQualifier?: pulumi.Input; repetitionSeparator?: pulumi.Input; senderId?: pulumi.Input; senderIdQualifier?: pulumi.Input; usageIndicatorCode?: pulumi.Input; } interface PartnershipX12OutboundEdiHeadersArgs { controlNumbers?: pulumi.Input; delimiters?: pulumi.Input; functionalGroupHeaders?: pulumi.Input; gs05TimeFormat?: pulumi.Input; interchangeControlHeaders?: pulumi.Input; validateEdi?: pulumi.Input; } interface TransformerAdvancedOptionsArgs { /** * A structure that contains X12-specific advanced options, such as split options for processing X12 EDI files. */ x12?: pulumi.Input; } interface TransformerEdiTypePropertiesArgs { x12Details: pulumi.Input; } interface TransformerFormatOptionsPropertiesArgs { x12: pulumi.Input; } interface TransformerInputConversionArgs { /** * Specifies advanced options for the input conversion process. These options provide additional control over how EDI files are processed during transformation. */ advancedOptions?: pulumi.Input; /** * A structure that contains the formatting options for an inbound transformer. */ formatOptions?: pulumi.Input; /** * The format for the transformer input: currently on `X12` is supported. */ fromFormat: pulumi.Input; } interface TransformerMappingArgs { /** * A string that represents the mapping template, in the transformation language specified in `templateLanguage` . */ template?: pulumi.Input; /** * The transformation language for the template, either XSLT or JSONATA. */ templateLanguage: pulumi.Input; } interface TransformerOutputConversionArgs { advancedOptions?: pulumi.Input; /** * A structure that contains the X12 transaction set and version for the transformer output. */ formatOptions?: pulumi.Input; /** * The format for the output from an outbound transformer: only X12 is currently supported. */ toFormat: pulumi.Input; } interface TransformerSampleDocumentKeysArgs { /** * An array of keys for your input sample documents. */ input?: pulumi.Input; /** * An array of keys for your output sample documents. */ output?: pulumi.Input; } interface TransformerSampleDocumentsArgs { /** * Contains the Amazon S3 bucket that is used to hold your sample documents. */ bucketName: pulumi.Input; /** * Contains an array of the Amazon S3 keys used to identify the location for your sample documents. */ keys: pulumi.Input[]>; } interface TransformerX12AdvancedOptionsArgs { /** * Specifies options for splitting X12 EDI files. These options control how large X12 files are divided into smaller, more manageable units. */ splitOptions?: pulumi.Input; /** * Specifies validation options for X12 EDI processing. These options control how validation rules are applied during EDI document processing, including custom validation rules for element length constraints, code list validations, and element requirement checks. */ validationOptions?: pulumi.Input; } interface TransformerX12CodeListValidationRuleArgs { codesToAdd?: pulumi.Input[]>; codesToRemove?: pulumi.Input[]>; elementId: pulumi.Input; } interface TransformerX12DetailsArgs { transactionSet?: pulumi.Input; version?: pulumi.Input; } interface TransformerX12ElementLengthValidationRuleArgs { elementId: pulumi.Input; maxLength: pulumi.Input; minLength: pulumi.Input; } interface TransformerX12ElementRequirementValidationRuleArgs { elementPosition: pulumi.Input; requirement: pulumi.Input; } interface TransformerX12SplitOptionsArgs { /** * Specifies the method used to split X12 EDI files. Valid values include `TRANSACTION` (split by individual transaction sets), or `NONE` (no splitting). */ splitBy?: pulumi.Input; } interface TransformerX12ValidationOptionsArgs { /** * Specifies a list of validation rules to apply during EDI document processing. These rules can include code list modifications, element length constraints, and element requirement changes. */ validationRules?: pulumi.Input[]>; } interface TransformerX12ValidationRule0PropertiesArgs { codeListValidationRule: pulumi.Input; } interface TransformerX12ValidationRule1PropertiesArgs { elementLengthValidationRule: pulumi.Input; } interface TransformerX12ValidationRule2PropertiesArgs { elementRequirementValidationRule: pulumi.Input; } } export declare namespace backup { interface BackupPlanAdvancedBackupSettingResourceTypeArgs { /** * The backup option for the resource. Each option is a key-value pair. This option is only available for Windows VSS backup jobs. * * Valid values: * * Set to `"WindowsVSS":"enabled"` to enable the `WindowsVSS` backup option and create a Windows VSS backup. * * Set to `"WindowsVSS":"disabled"` to create a regular backup. The `WindowsVSS` option is not enabled by default. * * If you specify an invalid option, you get an `InvalidParameterValueException` exception. * * For more information about Windows VSS backups, see [Creating a VSS-Enabled Windows Backup](https://docs.aws.amazon.com/aws-backup/latest/devguide/windows-backups.html) . */ backupOptions: any; /** * The name of a resource type. The only supported resource type is EC2. */ resourceType: pulumi.Input; } interface BackupPlanBackupRuleResourceTypeArgs { /** * A value in minutes after a backup job is successfully started before it must be completed or it is canceled by AWS Backup . */ completionWindowMinutes?: pulumi.Input; /** * An array of CopyAction objects, which contains the details of the copy operation. */ copyActions?: pulumi.Input[]>; /** * Enables continuous backup and point-in-time restores (PITR). */ enableContinuousBackup?: pulumi.Input; /** * There can up to one IndexAction in each BackupRule, as each backup can have 0 or 1 backup index associated with it. * * Within the array is ResourceTypes. Only 1 resource type will be accepted for each BackupRule. Valid values: * * - `EBS` for Amazon Elastic Block Store * - `S3` for Amazon Simple Storage Service (Amazon S3) */ indexActions?: pulumi.Input[]>; /** * The lifecycle defines when a protected resource is transitioned to cold storage and when it expires. AWS Backup transitions and expires backups automatically according to the lifecycle that you define. */ lifecycle?: pulumi.Input; /** * The tags to assign to the resources. */ recoveryPointTags?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A display name for a backup rule. */ ruleName: pulumi.Input; scanActions?: pulumi.Input[]>; /** * A CRON expression specifying when AWS Backup initiates a backup job. */ scheduleExpression?: pulumi.Input; /** * This is the timezone in which the schedule expression is set. By default, ScheduleExpressions are in UTC. You can modify this to a specified timezone. */ scheduleExpressionTimezone?: pulumi.Input; /** * An optional value that specifies a period of time in minutes after a backup is scheduled before a job is canceled if it doesn't start successfully. * * If this value is included, it must be at least 60 minutes to avoid errors. */ startWindowMinutes?: pulumi.Input; /** * The name of a logical container where backups are stored. Backup vaults are identified by names that are unique to the account used to create them and the AWS Region where they are created. They consist of letters, numbers, and hyphens. */ targetBackupVault: pulumi.Input; /** * The ARN of a logically air-gapped vault. ARN must be in the same account and Region. If provided, supported fully managed resources back up directly to logically air-gapped vault, while other supported resources create a temporary (billable) snapshot in backup vault, then copy it to logically air-gapped vault. Unsupported resources only back up to the specified backup vault. */ targetLogicallyAirGappedBackupVaultArn?: pulumi.Input; } interface BackupPlanCopyActionResourceTypeArgs { /** * An Amazon Resource Name (ARN) that uniquely identifies the destination backup vault for the copied backup. For example, `arn:aws:backup:us-east-1:123456789012:vault:aBackupVault.` */ destinationBackupVaultArn: pulumi.Input; /** * Defines when a protected resource is transitioned to cold storage and when it expires. AWS Backup transitions and expires backups automatically according to the lifecycle that you define. If you do not specify a lifecycle, AWS Backup applies the lifecycle policy of the source backup to the destination backup. * * Backups transitioned to cold storage must be stored in cold storage for a minimum of 90 days. */ lifecycle?: pulumi.Input; } interface BackupPlanIndexActionsResourceTypeArgs { /** * 0 or 1 index action will be accepted for each BackupRule. * * Valid values: * * - `EBS` for Amazon Elastic Block Store * - `S3` for Amazon Simple Storage Service (Amazon S3) */ resourceTypes?: pulumi.Input[]>; } interface BackupPlanLifecycleResourceTypeArgs { /** * The number of days after creation that a recovery point is deleted. This value must be at least 90 days after the number of days specified in `MoveToColdStorageAfterDays` . */ deleteAfterDays?: pulumi.Input; /** * The number of days after creation that a recovery point is moved to cold storage. */ moveToColdStorageAfterDays?: pulumi.Input; /** * If the value is true, your backup plan transitions supported resources to archive (cold) storage tier in accordance with your lifecycle settings. */ optInToArchiveForSupportedResources?: pulumi.Input; } interface BackupPlanResourceTypeArgs { /** * A list of backup options for each resource type. */ advancedBackupSettings?: pulumi.Input[]>; /** * The display name of a backup plan. */ backupPlanName: pulumi.Input; /** * An array of `BackupRule` objects, each of which specifies a scheduled task that is used to back up a selection of resources. */ backupPlanRule: pulumi.Input[]>; scanSettings?: pulumi.Input[]>; } interface BackupPlanScanActionResourceTypeArgs { malwareScanner?: pulumi.Input; scanMode?: pulumi.Input; } interface BackupPlanScanSettingResourceTypeArgs { malwareScanner?: pulumi.Input; resourceTypes?: pulumi.Input[]>; scannerRoleArn?: pulumi.Input; } interface BackupSelectionConditionParameterArgs { /** * The key in a key-value pair. For example, in the tag `Department: Accounting` , `Department` is the key. */ conditionKey?: pulumi.Input; /** * The value in a key-value pair. For example, in the tag `Department: Accounting` , `Accounting` is the value. */ conditionValue?: pulumi.Input; } interface BackupSelectionConditionResourceTypeArgs { /** * The key in a key-value pair. For example, in `"Department": "accounting"` , `"Department"` is the key. */ conditionKey: pulumi.Input; /** * An operation, such as `STRINGEQUALS` , that is applied to a key-value pair used to filter resources in a selection. */ conditionType: pulumi.Input; /** * The value in a key-value pair. For example, in `"Department": "accounting"` , `"accounting"` is the value. */ conditionValue: pulumi.Input; } interface BackupSelectionResourceTypeArgs { /** * A list of conditions that you define to assign resources to your backup plans using tags. For example, `"StringEquals": { "ConditionKey": "aws:ResourceTag/CreatedByCryo", "ConditionValue": "true" },` . Condition operators are case sensitive. * * `Conditions` differs from `ListOfTags` as follows: * * - When you specify more than one condition, you only assign the resources that match ALL conditions (using AND logic). * - `Conditions` supports `StringEquals` , `StringLike` , `StringNotEquals` , and `StringNotLike` . `ListOfTags` only supports `StringEquals` . */ conditions?: pulumi.Input; /** * The ARN of the IAM role that AWS Backup uses to authenticate when backing up the target resource; for example, `arn:aws:iam::123456789012:role/S3Access` . */ iamRoleArn: pulumi.Input; /** * A list of conditions that you define to assign resources to your backup plans using tags. For example, `"StringEquals": { "ConditionKey": "aws:ResourceTag/CreatedByCryo", "ConditionValue": "true" },` . Condition operators are case sensitive. * * `ListOfTags` differs from `Conditions` as follows: * * - When you specify more than one condition, you assign all resources that match AT LEAST ONE condition (using OR logic). * - `ListOfTags` only supports `StringEquals` . `Conditions` supports `StringEquals` , `StringLike` , `StringNotEquals` , and `StringNotLike` . */ listOfTags?: pulumi.Input[]>; /** * A list of Amazon Resource Names (ARNs) to exclude from a backup plan. The maximum number of ARNs is 500 without wildcards, or 30 ARNs with wildcards. * * If you need to exclude many resources from a backup plan, consider a different resource selection strategy, such as assigning only one or a few resource types or refining your resource selection using tags. */ notResources?: pulumi.Input[]>; /** * An array of strings that contain Amazon Resource Names (ARNs) of resources to assign to a backup plan. */ resources?: pulumi.Input[]>; /** * The display name of a resource selection document. */ selectionName: pulumi.Input; } /** * A list of conditions that you define to assign resources to your backup plans using tags. For example, `"StringEquals": { "ConditionKey": "aws:ResourceTag/CreatedByCryo", "ConditionValue": "true" },` . Condition operators are case sensitive. * * `Conditions` differs from `ListOfTags` as follows: * * - When you specify more than one condition, you only assign the resources that match ALL conditions (using AND logic). * - `Conditions` supports `StringEquals` , `StringLike` , `StringNotEquals` , and `StringNotLike` . `ListOfTags` only supports `StringEquals` . */ interface BackupSelectionResourceTypeConditionsPropertiesArgs { stringEquals?: pulumi.Input[]>; stringLike?: pulumi.Input[]>; stringNotEquals?: pulumi.Input[]>; stringNotLike?: pulumi.Input[]>; } interface BackupVaultLockConfigurationTypeArgs { /** * The AWS Backup Vault Lock configuration that specifies the number of days before the lock date. For example, setting `ChangeableForDays` to 30 on Jan. 1, 2022 at 8pm UTC will set the lock date to Jan. 31, 2022 at 8pm UTC. * * AWS Backup enforces a 72-hour cooling-off period before Vault Lock takes effect and becomes immutable. Therefore, you must set `ChangeableForDays` to 3 or greater. * * Before the lock date, you can delete Vault Lock from the vault using `DeleteBackupVaultLockConfiguration` or change the Vault Lock configuration using `PutBackupVaultLockConfiguration` . On and after the lock date, the Vault Lock becomes immutable and cannot be changed or deleted. * * If this parameter is not specified, you can delete Vault Lock from the vault using `DeleteBackupVaultLockConfiguration` or change the Vault Lock configuration using `PutBackupVaultLockConfiguration` at any time. */ changeableForDays?: pulumi.Input; /** * The AWS Backup Vault Lock configuration that specifies the maximum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to destroy certain data after retaining it for four years (1460 days). * * If this parameter is not included, Vault Lock does not enforce a maximum retention period on the recovery points in the vault. If this parameter is included without a value, Vault Lock will not enforce a maximum retention period. * * If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or shorter than the maximum retention period. If the job's retention period is longer than that maximum retention period, then the vault fails the backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected. */ maxRetentionDays?: pulumi.Input; /** * The AWS Backup Vault Lock configuration that specifies the minimum retention period that the vault retains its recovery points. This setting can be useful if, for example, your organization's policies require you to retain certain data for at least seven years (2555 days). * * If this parameter is not specified, Vault Lock will not enforce a minimum retention period. * * If this parameter is specified, any backup or copy job to the vault must have a lifecycle policy with a retention period equal to or longer than the minimum retention period. If the job's retention period is shorter than that minimum retention period, then the vault fails that backup or copy job, and you should either modify your lifecycle settings or use a different vault. Recovery points already saved in the vault prior to Vault Lock are not affected. */ minRetentionDays: pulumi.Input; } interface BackupVaultNotificationObjectTypeArgs { /** * An array of events that indicate the status of jobs to back up resources to the backup vault. For valid events, see [BackupVaultEvents](https://docs.aws.amazon.com/aws-backup/latest/devguide/API_PutBackupVaultNotifications.html#API_PutBackupVaultNotifications_RequestSyntax) in the *AWS Backup API Guide* . */ backupVaultEvents: pulumi.Input[]>; /** * An ARN that uniquely identifies an Amazon Simple Notification Service (Amazon SNS) topic; for example, `arn:aws:sns:us-west-2:111122223333:MyTopic` . */ snsTopicArn: pulumi.Input; } interface FrameworkControlArgs { /** * A list of ParameterName and ParameterValue pairs. */ controlInputParameters?: pulumi.Input[]>; /** * The name of a control. This name is between 1 and 256 characters. */ controlName: pulumi.Input; /** * The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans. */ controlScope?: pulumi.Input; } /** * The scope of a control. The control scope defines what the control will evaluate. Three examples of control scopes are: a specific backup plan, all backup plans with a specific tag, or all backup plans. */ interface FrameworkControlControlScopePropertiesArgs { /** * The ID of the only AWS resource that you want your control scope to contain. */ complianceResourceIds?: pulumi.Input[]>; /** * Describes whether the control scope includes one or more types of resources, such as `EFS` or `RDS`. */ complianceResourceTypes?: pulumi.Input[]>; /** * Describes whether the control scope includes resources with one or more tags. Each tag is a key-value pair. */ tags?: pulumi.Input[]>; } interface FrameworkControlInputParameterArgs { /** * The name of a parameter, for example, `BackupPlanFrequency` . */ parameterName: pulumi.Input; /** * The value of parameter, for example, `hourly` . */ parameterValue: pulumi.Input; } /** * A key-value pair to associate with a resource. */ interface FrameworkTagArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key?: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value?: pulumi.Input; } interface LogicallyAirGappedBackupVaultNotificationObjectTypeArgs { /** * An array of events that indicate the status of jobs to back up resources to the backup vault. */ backupVaultEvents: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) that specifies the topic for a backup vault’s events; for example, `arn:aws:sns:us-west-2:111122223333:MyVaultTopic` . */ snsTopicArn: pulumi.Input; } /** * A structure that contains information about where and how to deliver your reports, specifically your Amazon S3 bucket name, S3 key prefix, and the formats of your reports. */ interface ReportDeliveryChannelPropertiesArgs { /** * A list of the format of your reports: CSV, JSON, or both. If not specified, the default format is CSV. */ formats?: pulumi.Input[]>; /** * The unique name of the S3 bucket that receives your reports. */ s3BucketName: pulumi.Input; /** * The prefix for where AWS Backup Audit Manager delivers your reports to Amazon S3. The prefix is this part of the following path: s3://your-bucket-name/prefix/Backup/us-west-2/year/month/day/report-name. If not specified, there is no prefix. */ s3KeyPrefix?: pulumi.Input; } /** * Identifies the report template for the report. Reports are built using a report template. */ interface ReportSettingPropertiesArgs { /** * The list of AWS accounts that a report covers. */ accounts?: pulumi.Input[]>; /** * The Amazon Resource Names (ARNs) of the frameworks a report covers. */ frameworkArns?: pulumi.Input[]>; /** * The list of AWS organization units that a report covers. */ organizationUnits?: pulumi.Input[]>; /** * The list of AWS regions that a report covers. */ regions?: pulumi.Input[]>; /** * Identifies the report template for the report. Reports are built using a report template. The report templates are: `BACKUP_JOB_REPORT | COPY_JOB_REPORT | RESTORE_JOB_REPORT` */ reportTemplate: pulumi.Input; } interface RestoreTestingPlanRestoreTestingRecoveryPointSelectionArgs { /** * Acceptable values include "LATEST_WITHIN_WINDOW" or "RANDOM_WITHIN_WINDOW" */ algorithm: pulumi.Input; /** * Accepted values include specific ARNs or list of selectors. Defaults to empty list if not listed. */ excludeVaults?: pulumi.Input[]>; /** * Accepted values include wildcard ["*"] or by specific ARNs or ARN wilcard replacement ["arn:aws:backup:us-west-2:123456789012:backup-vault:asdf", ...] ["arn:aws:backup:*:*:backup-vault:asdf-*", ...] */ includeVaults: pulumi.Input[]>; /** * These are the types of recovery points. * * Include `SNAPSHOT` to restore only snapshot recovery points; include `CONTINUOUS` to restore continuous recovery points (point in time restore / PITR); use both to restore either a snapshot or a continuous recovery point. The recovery point will be determined by the value for `Algorithm` . */ recoveryPointTypes: pulumi.Input[]>; /** * Accepted values are integers from 1 to 365. */ selectionWindowDays?: pulumi.Input; } interface RestoreTestingSelectionKeyValueArgs { /** * The tag key. */ key: pulumi.Input; /** * The tag value. */ value: pulumi.Input; } interface RestoreTestingSelectionProtectedResourceConditionsArgs { /** * Filters the values of your tagged resources for only those resources that you tagged with the same value. Also called "exact matching." */ stringEquals?: pulumi.Input[]>; /** * Filters the values of your tagged resources for only those resources that you tagged that do not have the same value. Also called "negated matching." */ stringNotEquals?: pulumi.Input[]>; } interface TieringConfigurationResourceSelectionArgs { resourceType: pulumi.Input; resources: pulumi.Input[]>; tieringDownSettingsInDays: pulumi.Input; } } export declare namespace backupgateway { } export declare namespace batch { interface ComputeEnvironmentComputeResourcesArgs { /** * The allocation strategy to use for the compute resource if not enough instances of the best fitting instance type can be allocated. This might be because of availability of the instance type in the Region or [Amazon EC2 service limits](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html) . For more information, see [Allocation strategies](https://docs.aws.amazon.com/batch/latest/userguide/allocation-strategies.html) in the *AWS Batch User Guide* . * * When updating a compute environment, changing the allocation strategy requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . `BEST_FIT` is not supported when updating a compute environment. * * > This parameter isn't applicable to jobs that are running on Fargate resources, and shouldn't be specified. * * - **BEST_FIT (default)** - AWS Batch selects an instance type that best fits the needs of the jobs with a preference for the lowest-cost instance type. If additional instances of the selected instance type aren't available, AWS Batch waits for the additional instances to be available. If there aren't enough instances available, or if the user is reaching [Amazon EC2 service limits](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-resource-limits.html) then additional jobs aren't run until the currently running jobs have completed. This allocation strategy keeps costs lower but can limit scaling. If you are using Spot Fleets with `BEST_FIT` then the Spot Fleet IAM role must be specified. * - **BEST_FIT_PROGRESSIVE** - AWS Batch will select additional instance types that are large enough to meet the requirements of the jobs in the queue, with a preference for instance types with a lower cost per unit vCPU. If additional instances of the previously selected instance types aren't available, AWS Batch will select new instance types. * - **SPOT_CAPACITY_OPTIMIZED** - AWS Batch will select one or more instance types that are large enough to meet the requirements of the jobs in the queue, with a preference for instance types that are less likely to be interrupted. This allocation strategy is only available for Spot Instance compute resources. * - **SPOT_PRICE_CAPACITY_OPTIMIZED** - The price and capacity optimized allocation strategy looks at both price and capacity to select the Spot Instance pools that are the least likely to be interrupted and have the lowest possible price. This allocation strategy is only available for Spot Instance compute resources. * * > We recommend that you use `SPOT_PRICE_CAPACITY_OPTIMIZED` rather than `SPOT_CAPACITY_OPTIMIZED` in most instances. * * With `BEST_FIT_PROGRESSIVE` , `SPOT_CAPACITY_OPTIMIZED` , and `SPOT_PRICE_CAPACITY_OPTIMIZED` allocation strategies using On-Demand or Spot Instances, and the `BEST_FIT` strategy using Spot Instances, AWS Batch might need to go above `maxvCpus` to meet your capacity requirements. In this event, AWS Batch never exceeds `maxvCpus` by more than a single instance. */ allocationStrategy?: pulumi.Input; /** * The maximum percentage that a Spot Instance price can be when compared with the On-Demand price for that instance type before instances are launched. For example, if your maximum percentage is 20%, the Spot price must be less than 20% of the current On-Demand price for that Amazon EC2 instance. You always pay the lowest (market) price and never more than your maximum percentage. For most use cases, we recommend leaving this field empty. * * When updating a compute environment, changing the bid percentage requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. */ bidPercentage?: pulumi.Input; /** * The desired number of vCPUS in the compute environment. AWS Batch modifies this value between the minimum and maximum values based on job queue demand. * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. > AWS Batch doesn't support changing the desired number of vCPUs of an existing compute environment. Don't specify this parameter for compute environments using Amazon EKS clusters. > When you update the `desiredvCpus` setting, the value must be between the `minvCpus` and `maxvCpus` values. * > * > Additionally, the updated `desiredvCpus` value must be greater than or equal to the current `desiredvCpus` value. For more information, see [Troubleshooting AWS Batch](https://docs.aws.amazon.com/batch/latest/userguide/troubleshooting.html#error-desired-vcpus-update) in the *AWS Batch User Guide* . */ desiredvCpus?: pulumi.Input; /** * Provides information used to select Amazon Machine Images (AMIs) for Amazon EC2 instances in the compute environment. If `Ec2Configuration` isn't specified, the default is `ECS_AL2` . * * When updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . To remove the Amazon EC2 configuration and any custom AMI ID specified in `imageIdOverride` , set this value to an empty string. * * One or two values can be provided. * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. */ ec2Configuration?: pulumi.Input[]>; /** * The Amazon EC2 key pair that's used for instances launched in the compute environment. You can use this key pair to log in to your instances with SSH. To remove the Amazon EC2 key pair, set this value to an empty string. * * When updating a compute environment, changing the Amazon EC2 key pair requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. */ ec2KeyPair?: pulumi.Input; /** * The Amazon Machine Image (AMI) ID used for instances launched in the compute environment. This parameter is overridden by the `imageIdOverride` member of the `Ec2Configuration` structure. To remove the custom AMI ID and use the default AMI ID, set this value to an empty string. * * When updating a compute environment, changing the AMI ID requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. > The AMI that you choose for a compute environment must match the architecture of the instance types that you intend to use for that compute environment. For example, if your compute environment uses A1 instance types, the compute resource AMI that you choose must support ARM instances. Amazon ECS vends both x86 and ARM versions of the Amazon ECS-optimized Amazon Linux 2 AMI. For more information, see [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#ecs-optimized-ami-linux-variants.html) in the *Amazon Elastic Container Service Developer Guide* . */ imageId?: pulumi.Input; /** * The Amazon ECS instance profile applied to Amazon EC2 instances in a compute environment. Required for Amazon EC2 instances. You can specify the short name or full Amazon Resource Name (ARN) of an instance profile. For example, `*ecsInstanceRole*` or `arn:aws:iam:: ** :instance-profile/ *ecsInstanceRole*` . For more information, see [Amazon ECS instance role](https://docs.aws.amazon.com/batch/latest/userguide/instance_IAM_role.html) in the *AWS Batch User Guide* . * * When updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. */ instanceRole?: pulumi.Input; /** * The instances types that can be launched. You can specify instance families to launch any instance type within those families (for example, `c5` or `p3` ), or you can specify specific sizes within a family (such as `c5.8xlarge` ). * * AWS Batch can select the instance type for you if you choose one of the following: * * - `optimal` to select instance types (from the `c4` , `m4` , `r4` , `c5` , `m5` , and `r5` instance families) that match the demand of your job queues. * - `default_x86_64` to choose x86 based instance types (from the `m6i` , `c6i` , `r6i` , and `c7i` instance families) that matches the resource demands of the job queue. * - `default_arm64` to choose x86 based instance types (from the `m6g` , `c6g` , `r6g` , and `c7g` instance families) that matches the resource demands of the job queue. * * > Starting on 11/01/2025 the behavior of `optimal` is going to be changed to match `default_x86_64` . During the change your instance families could be updated to a newer generation. You do not need to perform any actions for the upgrade to happen. For more information about change, see [Optimal instance type configuration to receive automatic instance family updates](https://docs.aws.amazon.com/batch/latest/userguide/optimal-default-instance-troubleshooting.html) . > Instance family availability varies by AWS Region . For example, some AWS Region s may not have any fourth generation instance families but have fifth and sixth generation instance families. * > * > When using `default_x86_64` or `default_arm64` instance bundles, AWS Batch selects instance families based on a balance of cost-effectiveness and performance. While newer generation instances often provide better price-performance, AWS Batch may choose an earlier generation instance family if it provides the optimal combination of availability, cost, and performance for your workload. For example, in an AWS Region where both c6i and c7i instances are available, AWS Batch might select c6i instances if they offer better cost-effectiveness for your specific job requirements. For more information on AWS Batch instance types and AWS Region availability, see [Instance type compute table](https://docs.aws.amazon.com/batch/latest/userguide/instance-type-compute-table.html) in the *AWS Batch User Guide* . * > * > AWS Batch periodically updates your instances in default bundles to newer, more cost-effective options. Updates happen automatically without requiring any action from you. Your workloads continue running during updates with no interruption > This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. > When you create a compute environment, the instance types that you select for the compute environment must share the same architecture. For example, you can't mix x86 and ARM instances in the same compute environment. */ instanceTypes?: pulumi.Input[]>; /** * The launch template to use for your compute resources. Any other compute resource parameters that you specify in a [CreateComputeEnvironment](https://docs.aws.amazon.com/batch/latest/APIReference/API_CreateComputeEnvironment.html) API operation override the same parameters in the launch template. You must specify either the launch template ID or launch template name in the request, but not both. For more information, see [Launch Template Support](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html) in the ** . Removing the launch template from a compute environment will not remove the AMI specified in the launch template. In order to update the AMI specified in a launch template, the `updateToLatestImageVersion` parameter must be set to `true` . * * When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the ** . * * > This parameter isn't applicable to jobs running on Fargate resources, and shouldn't be specified. */ launchTemplate?: pulumi.Input; /** * The maximum number of Amazon EC2 vCPUs that an environment can reach. * * > With `BEST_FIT_PROGRESSIVE` , `SPOT_CAPACITY_OPTIMIZED` and `SPOT_PRICE_CAPACITY_OPTIMIZED` (recommended) strategies using On-Demand or Spot Instances, and the `BEST_FIT` strategy using Spot Instances, AWS Batch might need to exceed `maxvCpus` to meet your capacity requirements. In this event, AWS Batch never exceeds `maxvCpus` by more than a single instance. */ maxvCpus: pulumi.Input; /** * The minimum number of vCPUs that an environment should maintain (even if the compute environment is `DISABLED` ). * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. */ minvCpus?: pulumi.Input; /** * The Amazon EC2 placement group to associate with your compute resources. If you intend to submit multi-node parallel jobs to your compute environment, you should consider creating a cluster placement group and associate it with your compute resources. This keeps your multi-node parallel job on a logical grouping of instances within a single Availability Zone with high network flow potential. For more information, see [Placement groups](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/placement-groups.html) in the *Amazon EC2 User Guide for Linux Instances* . * * When updating a compute environment, changing the placement group requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. */ placementGroup?: pulumi.Input; scalingPolicy?: pulumi.Input; /** * The Amazon EC2 security groups that are associated with instances launched in the compute environment. This parameter is required for Fargate compute resources, where it can contain up to 5 security groups. For Fargate compute resources, providing an empty list is handled as if this parameter wasn't specified and no change is made. For Amazon EC2 compute resources, providing an empty list removes the security groups from the compute resource. * * When updating a compute environment, changing the Amazon EC2 security groups requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . */ securityGroupIds?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the Amazon EC2 Spot Fleet IAM role applied to a `SPOT` compute environment. This role is required if the allocation strategy set to `BEST_FIT` or if the allocation strategy isn't specified. For more information, see [Amazon EC2 spot fleet role](https://docs.aws.amazon.com/batch/latest/userguide/spot_fleet_IAM_role.html) in the *AWS Batch User Guide* . * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't specify it. > To tag your Spot Instances on creation, the Spot Fleet IAM role specified here must use the newer *AmazonEC2SpotFleetTaggingRole* managed policy. The previously recommended *AmazonEC2SpotFleetRole* managed policy doesn't have the required permissions to tag Spot Instances. For more information, see [Spot instances not tagged on creation](https://docs.aws.amazon.com/batch/latest/userguide/troubleshooting.html#spot-instance-no-tag) in the *AWS Batch User Guide* . */ spotIamFleetRole?: pulumi.Input; /** * The VPC subnets where the compute resources are launched. Fargate compute resources can contain up to 16 subnets. For Fargate compute resources, providing an empty list will be handled as if this parameter wasn't specified and no change is made. For Amazon EC2 compute resources, providing an empty list removes the VPC subnets from the compute resource. For more information, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* . * * When updating a compute environment, changing the VPC subnets requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . * * > AWS Batch on Amazon EC2 and AWS Batch on Amazon EKS support Local Zones. For more information, see [Local Zones](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-regions-availability-zones.html#concepts-local-zones) in the *Amazon EC2 User Guide for Linux Instances* , [Amazon EKS and AWS Local Zones](https://docs.aws.amazon.com/eks/latest/userguide/local-zones.html) in the *Amazon EKS User Guide* and [Amazon ECS clusters in Local Zones, Wavelength Zones, and AWS Outposts](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-regions-zones.html#clusters-local-zones) in the *Amazon ECS Developer Guide* . * > * > AWS Batch on Fargate doesn't currently support Local Zones. */ subnets: pulumi.Input[]>; /** * A key-value pair to associate with a resource. */ tags?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The type of compute environment: `EC2` , `SPOT` , `FARGATE` , or `FARGATE_SPOT` . For more information, see [Compute environments](https://docs.aws.amazon.com/batch/latest/userguide/compute_environments.html) in the *AWS Batch User Guide* . * * If you choose `SPOT` , you must also specify an Amazon EC2 Spot Fleet role with the `spotIamFleetRole` parameter. For more information, see [Amazon EC2 spot fleet role](https://docs.aws.amazon.com/batch/latest/userguide/spot_fleet_IAM_role.html) in the *AWS Batch User Guide* . * * When updating compute environment, changing the type of a compute environment requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . * * When updating the type of a compute environment, changing between `EC2` and `SPOT` or between `FARGATE` and `FARGATE_SPOT` will initiate an infrastructure update, but if you switch between `EC2` and `FARGATE` , CloudFormation will create a new compute environment. */ type: pulumi.Input; /** * Specifies whether the AMI ID is updated to the latest one that's supported by AWS Batch when the compute environment has an infrastructure update. The default value is `false` . * * > An AMI ID can either be specified in the `imageId` or `imageIdOverride` parameters or be determined by the launch template that's specified in the `launchTemplate` parameter. If an AMI ID is specified any of these ways, this parameter is ignored. For more information about to update AMI IDs during an infrastructure update, see [Updating the AMI ID](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html#updating-compute-environments-ami) in the *AWS Batch User Guide* . * * When updating a compute environment, changing this setting requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . */ updateToLatestImageVersion?: pulumi.Input; } interface ComputeEnvironmentComputeScalingPolicyArgs { minScaleDownDelayMinutes?: pulumi.Input; } interface ComputeEnvironmentEc2ConfigurationObjectArgs { /** * The AMI ID used for instances launched in the compute environment that match the image type. This setting overrides the `imageId` set in the `computeResource` object. * * > The AMI that you choose for a compute environment must match the architecture of the instance types that you intend to use for that compute environment. For example, if your compute environment uses A1 instance types, the compute resource AMI that you choose must support ARM instances. Amazon ECS vends both x86 and ARM versions of the Amazon ECS-optimized Amazon Linux 2 AMI. For more information, see [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#ecs-optimized-ami-linux-variants.html) in the *Amazon Elastic Container Service Developer Guide* . */ imageIdOverride?: pulumi.Input; /** * The Kubernetes version for the compute environment. If you don't specify a value, the latest version that AWS Batch supports is used. */ imageKubernetesVersion?: pulumi.Input; /** * The image type to match with the instance type to select an AMI. The supported values are different for `ECS` and `EKS` resources. * * - **ECS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon ECS-optimized Amazon Linux 2 AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) ( `ECS_AL2` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon ECS optimized AMI for that image type that's supported by AWS Batch is used. * * > AWS will end support for Amazon ECS optimized AL2-optimized and AL2-accelerated AMIs. Starting in January 2026, AWS Batch will change the default AMI for new Amazon ECS compute environments from Amazon Linux 2 to Amazon Linux 2023. We recommend migrating AWS Batch Amazon ECS compute environments to Amazon Linux 2023 to maintain optimal performance and security. For more information on upgrading from AL2 to AL2023, see [How to migrate from ECS AL2 to ECS AL2023](https://docs.aws.amazon.com/batch/latest/userguide/ecs-migration-2023.html) in the *AWS Batch User Guide* . * * - **ECS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#al2ami) : Default for all non-GPU instance families. * - **ECS_AL2_NVIDIA** - [Amazon Linux 2 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : Default for all GPU instance families (for example `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types. * - **ECS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) : AWS Batch supports Amazon Linux 2023. * * > Amazon Linux 2023 does not support `A1` instances. * - **ECS_AL2023_NVIDIA** - [Amazon Linux 2023 (GPU)](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html#gpuami) : For all GPU instance families and can be used for all non AWS Graviton-based instance types. * * > ECS_AL2023_NVIDIA doesn't support `p3` and `g3` instance types. * - **EKS** - If the `imageIdOverride` parameter isn't specified, then a recent [Amazon EKS-optimized Amazon Linux 2023 AMI](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) ( `EKS_AL2023` ) is used. If a new image type is specified in an update, but neither an `imageId` nor a `imageIdOverride` parameter is specified, then the latest Amazon EKS optimized AMI for that image type that AWS Batch supports is used. * * > Amazon Linux 2023 AMIs are the default on AWS Batch for Amazon EKS. * > * > AWS will end support for Amazon EKS AL2-optimized and AL2-accelerated AMIs, starting 11/26/25. You can continue using AWS Batch -provided Amazon EKS optimized Amazon Linux 2 AMIs on your Amazon EKS compute environments beyond the 11/26/25 end-of-support date, these compute environments will no longer receive any new software updates, security patches, or bug fixes from AWS . For more information on upgrading from AL2 to AL2023, see [How to upgrade from EKS AL2 to EKS AL2023](https://docs.aws.amazon.com/batch/latest/userguide/eks-migration-2023.html) in the *AWS Batch User Guide* . * * - **EKS_AL2** - [Amazon Linux 2](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Used for non-GPU instance families. * - **EKS_AL2_NVIDIA** - [Amazon Linux 2 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Used for GPU instance families (for example, `P4` and `G4` ) and can be used for all non AWS Graviton-based instance types. * - **EKS_AL2023** - [Amazon Linux 2023](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for non-GPU instance families. * * > Amazon Linux 2023 does not support `A1` instances. * - **EKS_AL2023_NVIDIA** - [Amazon Linux 2023 (accelerated)](https://docs.aws.amazon.com/eks/latest/userguide/eks-optimized-ami.html) : Default for GPU instance families and can be used for all non AWS Graviton-based instance types. */ imageType: pulumi.Input; } interface ComputeEnvironmentEksConfigurationArgs { /** * The Amazon Resource Name (ARN) of the Amazon EKS cluster. An example is `arn: *aws* :eks: *us-east-1* : *123456789012* :cluster/ *ClusterForBatch*` . */ eksClusterArn: pulumi.Input; /** * The namespace of the Amazon EKS cluster. AWS Batch manages pods in this namespace. The value can't left empty or null. It must be fewer than 64 characters long, can't be set to `default` , can't start with " `kube-` ," and must match this regular expression: `^[a-z0-9]([-a-z0-9]*[a-z0-9])?$` . For more information, see [Namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) in the Kubernetes documentation. */ kubernetesNamespace: pulumi.Input; } interface ComputeEnvironmentLaunchTemplateSpecificationArgs { /** * The ID of the launch template. */ launchTemplateId?: pulumi.Input; /** * The name of the launch template. */ launchTemplateName?: pulumi.Input; /** * A launch template to use in place of the default launch template. You must specify either the launch template ID or launch template name in the request, but not both. * * You can specify up to ten (10) launch template overrides that are associated to unique instance types or families for each compute environment. * * > To unset all override templates for a compute environment, you can pass an empty array to the [UpdateComputeEnvironment.overrides](https://docs.aws.amazon.com/batch/latest/APIReference/API_UpdateComputeEnvironment.html) parameter, or not include the `overrides` parameter when submitting the `UpdateComputeEnvironment` API operation. */ overrides?: pulumi.Input[]>; /** * The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` . */ userdataType?: pulumi.Input; /** * The version number of the launch template, `$Default` , or `$Latest` . * * If the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used. * * > If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . * * Default: `$Default` * * Latest: `$Latest` */ version?: pulumi.Input; } interface ComputeEnvironmentLaunchTemplateSpecificationOverrideArgs { /** * The ID of the launch template. * * *Note:* If you specify the `launchTemplateId` you can't specify the `launchTemplateName` as well. */ launchTemplateId?: pulumi.Input; /** * The name of the launch template. * * *Note:* If you specify the `launchTemplateName` you can't specify the `launchTemplateId` as well. */ launchTemplateName?: pulumi.Input; /** * The instance type or family that this override launch template should be applied to. * * This parameter is required when defining a launch template override. * * Information included in this parameter must meet the following requirements: * * - Must be a valid Amazon EC2 instance type or family. * - The following AWS Batch `InstanceTypes` are not allowed: `optimal` , `default_x86_64` , and `default_arm64` . * - `targetInstanceTypes` can target only instance types and families that are included within the [`ComputeResource.instanceTypes`](https://docs.aws.amazon.com/batch/latest/APIReference/API_ComputeResource.html#Batch-Type-ComputeResource-instanceTypes) set. `targetInstanceTypes` doesn't need to include all of the instances from the `instanceType` set, but at least a subset. For example, if `ComputeResource.instanceTypes` includes `[m5, g5]` , `targetInstanceTypes` can include `[m5.2xlarge]` and `[m5.large]` but not `[c5.large]` . * - `targetInstanceTypes` included within the same launch template override or across launch template overrides can't overlap for the same compute environment. For example, you can't define one launch template override to target an instance family and another define an instance type within this same family. */ targetInstanceTypes?: pulumi.Input[]>; /** * The EKS node initialization process to use. You only need to specify this value if you are using a custom AMI. The default value is `EKS_BOOTSTRAP_SH` . If *imageType* is a custom AMI based on EKS_AL2023 or EKS_AL2023_NVIDIA then you must choose `EKS_NODEADM` . */ userdataType?: pulumi.Input; /** * The version number of the launch template, `$Default` , or `$Latest` . * * If the value is `$Default` , the default version of the launch template is used. If the value is `$Latest` , the latest version of the launch template is used. * * > If the AMI ID that's used in a compute environment is from the launch template, the AMI isn't changed when the compute environment is updated. It's only changed if the `updateToLatestImageVersion` parameter for the compute environment is set to `true` . During an infrastructure update, if either `$Default` or `$Latest` is specified, AWS Batch re-evaluates the launch template version, and it might use a different version of the launch template. This is the case even if the launch template isn't specified in the update. When updating a compute environment, changing the launch template requires an infrastructure update of the compute environment. For more information, see [Updating compute environments](https://docs.aws.amazon.com/batch/latest/userguide/updating-compute-environments.html) in the *AWS Batch User Guide* . * * Default: `$Default` * * Latest: `$Latest` */ version?: pulumi.Input; } interface ComputeEnvironmentUpdatePolicyArgs { /** * Specifies the job timeout (in minutes) when the compute environment infrastructure is updated. The default value is 30. */ jobExecutionTimeoutMinutes?: pulumi.Input; /** * Specifies whether jobs are automatically terminated when the compute environment infrastructure is updated. The default value is `false` . */ terminateJobsOnUpdate?: pulumi.Input; } interface JobDefinitionConsumableResourcePropertiesArgs { /** * The list of consumable resources required by a job. */ consumableResourceList: pulumi.Input[]>; } interface JobDefinitionConsumableResourceRequirementArgs { /** * The ARN of the consumable resource the job definition should consume. */ consumableResource: pulumi.Input; /** * The quantity of the consumable resource that is needed. */ quantity: pulumi.Input; } interface JobDefinitionContainerPropertiesArgs { /** * The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . For more information, see [https://docs.docker.com/engine/reference/builder/#cmd](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) . */ command?: pulumi.Input[]>; /** * Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task. */ enableExecuteCommand?: pulumi.Input; /** * The environment variables to pass to a container. This parameter maps to `Env` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--env` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > We don't recommend using plaintext environment variables for sensitive information, such as credential data. > Environment variables cannot start with " `AWS_BATCH` ". This naming convention is reserved for variables that AWS Batch sets. */ environment?: pulumi.Input[]>; /** * The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate . */ ephemeralStorage?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* . */ executionRoleArn?: pulumi.Input; /** * The platform configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter. */ fargatePlatformConfiguration?: pulumi.Input; /** * Required. The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `*repository-url* / *image* : *tag*` . It can be 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `IMAGE` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources. * * - Images in Amazon ECR Public repositories use the full `registry/repository[:tag]` or `registry/repository[@digest]` naming conventions. For example, `public.ecr.aws/ *registry_alias* / *my-web-app* : *latest*` . * - Images in Amazon ECR repositories use the full registry and repository URI (for example, `123456789012.dkr.ecr..amazonaws.com/` ). * - Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ). * - Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ). * - Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ). */ image: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* . */ jobRoleArn?: pulumi.Input; /** * Linux-specific modifications that are applied to the container, such as details for device mappings. */ linuxParameters?: pulumi.Input; /** * The log configuration specification for the container. * * This parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation. * * > AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-containerproperties-logconfiguration.html) data type). * * This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep "Server API version"` * * > The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . */ logConfiguration?: pulumi.Input; /** * This parameter is deprecated, use `resourceRequirements` to specify the memory requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs that run on Amazon EC2 resources, it specifies the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it's terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once. */ memory?: pulumi.Input; /** * The mount points for data volumes in your container. This parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--volume` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . */ mountPoints?: pulumi.Input[]>; /** * The network configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter. */ networkConfiguration?: pulumi.Input; /** * When this parameter is true, the container is given elevated permissions on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The default value is false. * * > This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided, or specified as false. */ privileged?: pulumi.Input; /** * When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--read-only` option to `docker run` . */ readonlyRootFilesystem?: pulumi.Input; /** * The private repository authentication credentials to use. */ repositoryCredentials?: pulumi.Input; /** * The type and amount of resources to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` . */ resourceRequirements?: pulumi.Input[]>; /** * An object that represents the compute environment architecture for AWS Batch jobs on Fargate. */ runtimePlatform?: pulumi.Input; /** * The secrets for the container. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the *AWS Batch User Guide* . */ secrets?: pulumi.Input[]>; /** * A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided. */ ulimits?: pulumi.Input[]>; /** * The user name to use inside the container. This parameter maps to `User` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--user` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . */ user?: pulumi.Input; /** * This parameter is deprecated, use `resourceRequirements` to specify the vCPU requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs running on Amazon EC2 resources, it specifies the number of vCPUs reserved for the job. * * Each vCPU is equivalent to 1,024 CPU shares. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The number of vCPUs must be specified but can be specified in several places. You must specify it at least once for each node. */ vcpus?: pulumi.Input; /** * A list of data volumes used in a job. */ volumes?: pulumi.Input[]>; } /** * The platform configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter. */ interface JobDefinitionContainerPropertiesFargatePlatformConfigurationPropertiesArgs { platformVersion?: pulumi.Input; } interface JobDefinitionDeviceArgs { /** * The path inside the container that's used to expose the host device. By default, the `hostPath` value is used. */ containerPath?: pulumi.Input; /** * The path for the device on the host container instance. */ hostPath?: pulumi.Input; /** * The explicit permissions to provide to the container for the device. By default, the container has permissions for `read` , `write` , and `mknod` for the device. */ permissions?: pulumi.Input[]>; } interface JobDefinitionEcsPropertiesArgs { /** * An object that contains the properties for the Amazon ECS task definition of a job. * * > This object is currently limited to one task element. However, the task element can run up to 10 containers. */ taskProperties: pulumi.Input[]>; } interface JobDefinitionEcsTaskPropertiesArgs { /** * This object is a list of containers. */ containers?: pulumi.Input[]>; /** * Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task. */ enableExecuteCommand?: pulumi.Input; /** * The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate . */ ephemeralStorage?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* . */ executionRoleArn?: pulumi.Input; /** * The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . * * If `host` is specified, all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. * * If `task` is specified, all containers within the specified `task` share the same IPC resources. * * If `none` is specified, the IPC resources within the containers of a task are private, and are not shared with other containers in a task or on the container instance. * * If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the Docker run reference. */ ipcMode?: pulumi.Input; /** * The network configuration for jobs that are running on Fargate resources. Jobs that are running on Amazon EC2 resources must not specify this parameter. */ networkConfiguration?: pulumi.Input; /** * The process namespace to use for the containers in the task. The valid values are `host` or `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task. * * If `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the process namespace with the host Amazon EC2 instance. * * If `task` is specified, all containers within the specified task share the same process namespace. * * If no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the Docker run reference. */ pidMode?: pulumi.Input; /** * The Fargate platform version where the jobs are running. A platform version is specified only for jobs that are running on Fargate resources. If one isn't specified, the `LATEST` platform version is used by default. This uses a recent, approved version of the Fargate platform for compute resources. For more information, see [AWS Fargate platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* . */ platformVersion?: pulumi.Input; /** * An object that represents the compute environment architecture for AWS Batch jobs on Fargate. */ runtimePlatform?: pulumi.Input; /** * The Amazon Resource Name (ARN) that's associated with the Amazon ECS task. * * > This is object is comparable to [ContainerProperties:jobRoleArn](https://docs.aws.amazon.com/batch/latest/APIReference/API_ContainerProperties.html) . */ taskRoleArn?: pulumi.Input; /** * A list of volumes that are associated with the job. */ volumes?: pulumi.Input[]>; } interface JobDefinitionEfsAuthorizationConfigArgs { /** * The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the `EFSVolumeConfiguration` must either be omitted or set to `/` which enforces the path set on the EFS access point. If an access point is used, transit encryption must be enabled in the `EFSVolumeConfiguration` . For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide* . */ accessPointId?: pulumi.Input; /** * Whether or not to use the AWS Batch job IAM role defined in a job definition when mounting the Amazon EFS file system. If enabled, transit encryption must be enabled in the `EFSVolumeConfiguration` . If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/batch/latest/userguide/efs-volumes.html#efs-volume-accesspoints) in the *AWS Batch User Guide* . EFS IAM authorization requires that `TransitEncryption` be `ENABLED` and that a `JobRoleArn` is specified. */ iam?: pulumi.Input; } interface JobDefinitionEfsVolumeConfigurationArgs { /** * The authorization configuration details for the Amazon EFS file system. */ authorizationConfig?: pulumi.Input; /** * The Amazon EFS file system ID to use. */ fileSystemId: pulumi.Input; /** * The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume is used instead. Specifying `/` has the same effect as omitting this parameter. The maximum length is 4,096 characters. * * > If an EFS access point is specified in the `authorizationConfig` , the root directory parameter must either be omitted or set to `/` , which enforces the path set on the Amazon EFS access point. */ rootDirectory?: pulumi.Input; /** * Determines whether to enable encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be enabled if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of `DISABLED` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide* . */ transitEncryption?: pulumi.Input; /** * The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you don't specify a transit encryption port, it uses the port selection strategy that the Amazon EFS mount helper uses. The value must be between 0 and 65,535. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide* . */ transitEncryptionPort?: pulumi.Input; } interface JobDefinitionEksContainerArgs { /** * An array of arguments to the entrypoint. If this isn't specified, the `CMD` of the container image is used. This corresponds to the `args` member in the [Entrypoint](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#entrypoint) portion of the [Pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/) in Kubernetes. Environment variable references are expanded using the container's environment. * * If the referenced environment variable doesn't exist, the reference in the command isn't changed. For example, if the reference is to " `$(NAME1)` " and the `NAME1` environment variable doesn't exist, the command string will remain " `$(NAME1)` ." `$$` is replaced with `$` , and the resulting string isn't expanded. For example, `$$(VAR_NAME)` is passed as `$(VAR_NAME)` whether or not the `VAR_NAME` environment variable exists. For more information, see [Dockerfile reference: CMD](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) and [Define a command and arguments for a pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/) in the *Kubernetes documentation* . */ args?: pulumi.Input[]>; /** * The entrypoint for the container. This isn't run within a shell. If this isn't specified, the `ENTRYPOINT` of the container image is used. Environment variable references are expanded using the container's environment. * * If the referenced environment variable doesn't exist, the reference in the command isn't changed. For example, if the reference is to " `$(NAME1)` " and the `NAME1` environment variable doesn't exist, the command string will remain " `$(NAME1)` ." `$$` is replaced with `$` and the resulting string isn't expanded. For example, `$$(VAR_NAME)` will be passed as `$(VAR_NAME)` whether or not the `VAR_NAME` environment variable exists. The entrypoint can't be updated. For more information, see [ENTRYPOINT](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#entrypoint) in the *Dockerfile reference* and [Define a command and arguments for a container](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/inject-data-application/define-command-argument-container/) and [Entrypoint](https://docs.aws.amazon.com/https://kubernetes.io/docs/reference/kubernetes-api/workload-resources/pod-v1/#entrypoint) in the *Kubernetes documentation* . */ command?: pulumi.Input[]>; /** * The environment variables to pass to a container. * * > Environment variables cannot start with " `AWS_BATCH` ". This naming convention is reserved for variables that AWS Batch sets. */ env?: pulumi.Input[]>; /** * The Docker image used to start the container. */ image: pulumi.Input; /** * The image pull policy for the container. Supported values are `Always` , `IfNotPresent` , and `Never` . This parameter defaults to `IfNotPresent` . However, if the `:latest` tag is specified, it defaults to `Always` . For more information, see [Updating images](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/containers/images/#updating-images) in the *Kubernetes documentation* . */ imagePullPolicy?: pulumi.Input; /** * The name of the container. If the name isn't specified, the default name " `Default` " is used. Each container in a pod must have a unique name. */ name?: pulumi.Input; /** * The type and amount of resources to assign to a container. The supported resources include `memory` , `cpu` , and `nvidia.com/gpu` . For more information, see [Resource management for pods and containers](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/configuration/manage-resources-containers/) in the *Kubernetes documentation* . */ resources?: pulumi.Input; /** * The security context for a job. For more information, see [Configure a security context for a pod or container](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/security-context/) in the *Kubernetes documentation* . */ securityContext?: pulumi.Input; /** * The volume mounts for the container. AWS Batch supports `emptyDir` , `hostPath` , and `secret` volume types. For more information about volumes and volume mounts in Kubernetes, see [Volumes](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/) in the *Kubernetes documentation* . */ volumeMounts?: pulumi.Input[]>; } interface JobDefinitionEksContainerEnvironmentVariableArgs { /** * The name of the environment variable. */ name: pulumi.Input; /** * The value of the environment variable. */ value?: pulumi.Input; } interface JobDefinitionEksContainerResourceRequirementsArgs { /** * The type and quantity of the resources to reserve for the container. The values vary based on the `name` that's specified. Resources can be requested using either the `limits` or the `requests` objects. * * - **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a "Mi" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` . * * > To maximize your resource utilization, provide your jobs with as much memory as possible for the specific instance type that you are using. To learn how, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . * - **cpu** - The number of CPUs that's reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both places, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` . * - **nvidia.com/gpu** - The number of GPUs that's reserved for the container. Values must be a whole integer. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both places, then the value that's specified in `limits` must be equal to the value that's specified in `requests` . */ limits?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The type and quantity of the resources to request for the container. The values vary based on the `name` that's specified. Resources can be requested by using either the `limits` or the `requests` objects. * * - **memory** - The memory hard limit (in MiB) for the container, using whole integers, with a "Mi" suffix. If your container attempts to exceed the memory specified, the container is terminated. You must specify at least 4 MiB of memory for a job. `memory` can be specified in `limits` , `requests` , or both. If `memory` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` . * * > If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . * - **cpu** - The number of CPUs that are reserved for the container. Values must be an even multiple of `0.25` . `cpu` can be specified in `limits` , `requests` , or both. If `cpu` is specified in both, then the value that's specified in `limits` must be at least as large as the value that's specified in `requests` . * - **nvidia.com/gpu** - The number of GPUs that are reserved for the container. Values must be a whole integer. `nvidia.com/gpu` can be specified in `limits` , `requests` , or both. If `nvidia.com/gpu` is specified in both, then the value that's specified in `limits` must be equal to the value that's specified in `requests` . */ requests?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface JobDefinitionEksContainerSecurityContextArgs { /** * Whether or not a container or a Kubernetes pod is allowed to gain more privileges than its parent process. The default value is `false` . */ allowPrivilegeEscalation?: pulumi.Input; /** * When this parameter is `true` , the container is given elevated permissions on the host container instance. The level of permissions are similar to the `root` user permissions. The default value is `false` . This parameter maps to `privileged` policy in the [Privileged pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#privileged) in the *Kubernetes documentation* . */ privileged?: pulumi.Input; /** * When this parameter is `true` , the container is given read-only access to its root file system. The default value is `false` . This parameter maps to `ReadOnlyRootFilesystem` policy in the [Volumes and file systems pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#volumes-and-file-systems) in the *Kubernetes documentation* . */ readOnlyRootFilesystem?: pulumi.Input; /** * When this parameter is specified, the container is run as the specified group ID ( `gid` ). If this parameter isn't specified, the default is the group that's specified in the image metadata. This parameter maps to `RunAsGroup` and `MustRunAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* . */ runAsGroup?: pulumi.Input; /** * When this parameter is specified, the container is run as a user with a `uid` other than 0. If this parameter isn't specified, so such rule is enforced. This parameter maps to `RunAsUser` and `MustRunAsNonRoot` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* . */ runAsNonRoot?: pulumi.Input; /** * When this parameter is specified, the container is run as the specified user ID ( `uid` ). If this parameter isn't specified, the default is the user that's specified in the image metadata. This parameter maps to `RunAsUser` and `MustRanAs` policy in the [Users and groups pod security policies](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#users-and-groups) in the *Kubernetes documentation* . */ runAsUser?: pulumi.Input; } interface JobDefinitionEksContainerVolumeMountArgs { /** * The path on the container where the volume is mounted. */ mountPath?: pulumi.Input; /** * The name the volume mount. This must match the name of one of the volumes in the pod. */ name?: pulumi.Input; /** * If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` . */ readOnly?: pulumi.Input; /** * A sub-path inside the referenced volume instead of its root. */ subPath?: pulumi.Input; } interface JobDefinitionEksEmptyDirArgs { /** * The medium to store the volume. The default value is an empty string, which uses the storage of the node. * * - **""** - *(Default)* Use the disk storage of the node. * - **"Memory"** - Use the `tmpfs` volume that's backed by the RAM of the node. Contents of the volume are lost when the node reboots, and any storage on the volume counts against the container's memory limit. */ medium?: pulumi.Input; /** * The maximum size of the volume. By default, there's no maximum size defined. */ sizeLimit?: pulumi.Input; } interface JobDefinitionEksHostPathArgs { /** * The path of the file or directory on the host to mount into containers on the pod. */ path?: pulumi.Input; } interface JobDefinitionEksMetadataArgs { /** * Key-value pairs used to attach arbitrary, non-identifying metadata to Kubernetes objects. Valid annotation keys have two segments: an optional prefix and a name, separated by a slash (/). * * - The prefix is optional and must be 253 characters or less. If specified, the prefix must be a DNS subdomain− a series of DNS labels separated by dots (.), and it must end with a slash (/). * - The name segment is required and must be 63 characters or less. It can include alphanumeric characters ([a-z0-9A-Z]), dashes (-), underscores (_), and dots (.), but must begin and end with an alphanumeric character. * * > Annotation values must be 255 characters or less. * * Annotations can be added or modified at any time. Each resource can have multiple annotations. */ annotations?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Key-value pairs used to identify, sort, and organize cube resources. Can contain up to 63 uppercase letters, lowercase letters, numbers, hyphens (-), and underscores (_). Labels can be added or modified at any time. Each resource can have multiple labels, but each key must be unique for a given object. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The namespace of the Amazon EKS cluster. In Kubernetes, namespaces provide a mechanism for isolating groups of resources within a single cluster. Names of resources need to be unique within a namespace, but not across namespaces. AWS Batch places Batch Job pods in this namespace. If this field is provided, the value can't be empty or null. It must meet the following requirements: * * - 1-63 characters long * - Can't be set to default * - Can't start with `kube` * - Must match the following regular expression: `^[a-z0-9]([-a-z0-9]*[a-z0-9])?$` * * For more information, see [Namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/namespaces/) in the *Kubernetes documentation* . This namespace can be different from the `kubernetesNamespace` set in the compute environment's `EksConfiguration` , but must have identical role-based access control (RBAC) roles as the compute environment's `kubernetesNamespace` . For multi-node parallel jobs, the same value must be provided across all the node ranges. */ namespace?: pulumi.Input; } interface JobDefinitionEksPersistentVolumeClaimArgs { /** * The name of the `persistentVolumeClaim` bounded to a `persistentVolume` . For more information, see [Persistent Volume Claims](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) in the *Kubernetes documentation* . */ claimName: pulumi.Input; /** * An optional boolean value indicating if the mount is read only. Default is false. For more information, see [Read Only Mounts](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#read-only-mounts) in the *Kubernetes documentation* . */ readOnly?: pulumi.Input; } interface JobDefinitionEksPodPropertiesArgs { /** * The properties of the container that's used on the Amazon EKS pod. * * > This object is limited to 10 elements. */ containers?: pulumi.Input[]>; /** * The DNS policy for the pod. The default value is `ClusterFirst` . If the `hostNetwork` parameter is not specified, the default is `ClusterFirstWithHostNet` . `ClusterFirst` indicates that any DNS query that does not match the configured cluster domain suffix is forwarded to the upstream nameserver inherited from the node. For more information, see [Pod's DNS policy](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/services-networking/dns-pod-service/#pod-s-dns-policy) in the *Kubernetes documentation* . * * Valid values: `Default` | `ClusterFirst` | `ClusterFirstWithHostNet` */ dnsPolicy?: pulumi.Input; /** * Indicates if the pod uses the hosts' network IP address. The default value is `true` . Setting this to `false` enables the Kubernetes pod networking model. Most AWS Batch workloads are egress-only and don't require the overhead of IP allocation for each pod for incoming connections. For more information, see [Host namespaces](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/security/pod-security-policy/#host-namespaces) and [Pod networking](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/#pod-networking) in the *Kubernetes documentation* . */ hostNetwork?: pulumi.Input; /** * References a Kubernetes secret resource. It holds a list of secrets. These secrets help to gain access to pull an images from a private registry. * * `ImagePullSecret$name` is required when this object is used. */ imagePullSecrets?: pulumi.Input[]>; /** * These containers run before application containers, always runs to completion, and must complete successfully before the next container starts. These containers are registered with the Amazon EKS Connector agent and persists the registration information in the Kubernetes backend data store. For more information, see [Init Containers](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/workloads/pods/init-containers/) in the *Kubernetes documentation* . * * > This object is limited to 10 elements. */ initContainers?: pulumi.Input[]>; /** * Metadata about the Kubernetes pod. For more information, see [Understanding Kubernetes Objects](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/kubernetes-objects/) in the *Kubernetes documentation* . */ metadata?: pulumi.Input; /** * The name of the service account that's used to run the pod. For more information, see [Kubernetes service accounts](https://docs.aws.amazon.com/eks/latest/userguide/service-accounts.html) and [Configure a Kubernetes service account to assume an IAM role](https://docs.aws.amazon.com/eks/latest/userguide/associate-service-account-role.html) in the *Amazon EKS User Guide* and [Configure service accounts for pods](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/configure-service-account/) in the *Kubernetes documentation* . */ serviceAccountName?: pulumi.Input; /** * Indicates if the processes in a container are shared, or visible, to other containers in the same pod. For more information, see [Share Process Namespace between Containers in a Pod](https://docs.aws.amazon.com/https://kubernetes.io/docs/tasks/configure-pod-container/share-process-namespace/) . */ shareProcessNamespace?: pulumi.Input; /** * Specifies the volumes for a job definition that uses Amazon EKS resources. */ volumes?: pulumi.Input[]>; } interface JobDefinitionEksPropertiesArgs { /** * The properties for the Kubernetes pod resources of a job. */ podProperties?: pulumi.Input; } interface JobDefinitionEksSecretArgs { /** * Specifies whether the secret or the secret's keys must be defined. */ optional?: pulumi.Input; /** * The name of the secret. The name must be allowed as a DNS subdomain name. For more information, see [DNS subdomain names](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) in the *Kubernetes documentation* . */ secretName: pulumi.Input; } interface JobDefinitionEksVolumeArgs { /** * Specifies the configuration of a Kubernetes `emptyDir` volume. For more information, see [emptyDir](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#emptydir) in the *Kubernetes documentation* . */ emptyDir?: pulumi.Input; /** * Specifies the configuration of a Kubernetes `hostPath` volume. For more information, see [hostPath](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#hostpath) in the *Kubernetes documentation* . */ hostPath?: pulumi.Input; /** * The name of the volume. The name must be allowed as a DNS subdomain name. For more information, see [DNS subdomain names](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/overview/working-with-objects/names/#dns-subdomain-names) in the *Kubernetes documentation* . */ name: pulumi.Input; /** * Specifies the configuration of a Kubernetes `persistentVolumeClaim` bounded to a `persistentVolume` . For more information, see [Persistent Volume Claims](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/persistent-volumes/#persistentvolumeclaims) in the *Kubernetes documentation* . */ persistentVolumeClaim?: pulumi.Input; /** * Specifies the configuration of a Kubernetes `secret` volume. For more information, see [secret](https://docs.aws.amazon.com/https://kubernetes.io/docs/concepts/storage/volumes/#secret) in the *Kubernetes documentation* . */ secret?: pulumi.Input; } interface JobDefinitionEnvironmentArgs { /** * The name of the environment variable. */ name?: pulumi.Input; /** * The value of the environment variable. */ value?: pulumi.Input; } interface JobDefinitionEphemeralStorageArgs { /** * The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB. */ sizeInGiB: pulumi.Input; } interface JobDefinitionEvaluateOnExitArgs { /** * Specifies the action to take if all of the specified conditions ( `onStatusReason` , `onReason` , and `onExitCode` ) are met. The values aren't case sensitive. */ action: pulumi.Input; /** * Contains a glob pattern to match against the decimal representation of the `ExitCode` returned for a job. The pattern can be up to 512 characters long. It can contain only numbers, and can end with an asterisk (*) so that only the start of the string needs to be an exact match. * * The string can contain up to 512 characters. */ onExitCode?: pulumi.Input; /** * Contains a glob pattern to match against the `Reason` returned for a job. The pattern can contain up to 512 characters. It can contain letters, numbers, periods (.), colons (:), and white space (including spaces and tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match. */ onReason?: pulumi.Input; /** * Contains a glob pattern to match against the `StatusReason` returned for a job. The pattern can contain up to 512 characters. It can contain letters, numbers, periods (.), colons (:), and white spaces (including spaces or tabs). It can optionally end with an asterisk (*) so that only the start of the string needs to be an exact match. */ onStatusReason?: pulumi.Input; } interface JobDefinitionHostArgs { /** * The path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If this parameter contains a file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the source path location doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. * * > This parameter isn't applicable to jobs that run on Fargate resources. Don't provide this for these jobs. */ sourcePath?: pulumi.Input; } interface JobDefinitionImagePullSecretArgs { /** * Provides a unique identifier for the `ImagePullSecret` . This object is required when `EksPodProperties$imagePullSecrets` is used. */ name?: pulumi.Input; } interface JobDefinitionJobTimeoutArgs { /** * The job timeout time (in seconds) that's measured from the job attempt's `startedAt` timestamp. After this time passes, AWS Batch terminates your jobs if they aren't finished. The minimum value for the timeout is 60 seconds. * * For array jobs, the timeout applies to the child jobs, not to the parent array job. * * For multi-node parallel (MNP) jobs, the timeout applies to the whole job, not to the individual nodes. */ attemptDurationSeconds?: pulumi.Input; } interface JobDefinitionLinuxParametersArgs { /** * Any of the host devices to expose to the container. This parameter maps to `Devices` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--device` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs. */ devices?: pulumi.Input[]>; /** * If true, run an `init` process inside the container that forwards signals and reaps processes. This parameter maps to the `--init` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep "Server API version"` */ initProcessEnabled?: pulumi.Input; /** * The total amount of swap memory (in MiB) a container can use. This parameter is translated to the `--memory-swap` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) where the value is the sum of the container memory plus the `maxSwap` value. For more information, see [`--memory-swap` details](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/resource_constraints/#--memory-swap-details) in the Docker documentation. * * If a `maxSwap` value of `0` is specified, the container doesn't use swap. Accepted values are `0` or any positive integer. If the `maxSwap` parameter is omitted, the container doesn't use the swap configuration for the container instance on which it runs. A `maxSwap` value must be set for the `swappiness` parameter to be used. * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs. */ maxSwap?: pulumi.Input; /** * The value for the size (in MiB) of the `/dev/shm` volume. This parameter maps to the `--shm-size` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs. */ sharedMemorySize?: pulumi.Input; /** * You can use this parameter to tune a container's memory swappiness behavior. A `swappiness` value of `0` causes swapping to not occur unless absolutely necessary. A `swappiness` value of `100` causes pages to be swapped aggressively. Valid values are whole numbers between `0` and `100` . If the `swappiness` parameter isn't specified, a default value of `60` is used. If a value isn't specified for `maxSwap` , then this parameter is ignored. If `maxSwap` is set to 0, the container doesn't use swap. This parameter maps to the `--memory-swappiness` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * Consider the following when you use a per-container swap configuration. * * - Swap space must be enabled and allocated on the container instance for the containers to use. * * > By default, the Amazon ECS optimized AMIs don't have swap enabled. You must enable swap on the instance to use this feature. For more information, see [Instance store swap volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-store-swap-volumes.html) in the *Amazon EC2 User Guide for Linux Instances* or [How do I allocate memory to work as swap space in an Amazon EC2 instance by using a swap file?](https://docs.aws.amazon.com/premiumsupport/knowledge-center/ec2-memory-swap-file/) * - The swap space parameters are only supported for job definitions using EC2 resources. * - If the `maxSwap` and `swappiness` parameters are omitted from a job definition, each container has a default `swappiness` value of 60. Moreover, the total swap usage is limited to two times the memory reservation of the container. * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide it for these jobs. */ swappiness?: pulumi.Input; /** * The container path, mount options, and size (in MiB) of the `tmpfs` mount. This parameter maps to the `--tmpfs` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > This parameter isn't applicable to jobs that are running on Fargate resources. Don't provide this parameter for this resource type. */ tmpfs?: pulumi.Input[]>; } interface JobDefinitionLogConfigurationArgs { /** * The log driver to use for the container. The valid values that are listed for this parameter are log drivers that the Amazon ECS container agent can communicate with by default. * * The supported log drivers are `awsfirelens` , `awslogs` , `fluentd` , `gelf` , `json-file` , `journald` , `logentries` , `syslog` , and `splunk` . * * > Jobs that are running on Fargate resources are restricted to the `awslogs` and `splunk` log drivers. * * - **awsfirelens** - Specifies the firelens logging driver. For more information on configuring Firelens, see [Send Amazon ECS logs to an AWS service or AWS Partner](https://docs.aws.amazon.com//AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide* . * - **awslogs** - Specifies the Amazon CloudWatch Logs logging driver. For more information, see [Using the awslogs log driver](https://docs.aws.amazon.com/batch/latest/userguide/using_awslogs.html) in the *AWS Batch User Guide* and [Amazon CloudWatch Logs logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/awslogs/) in the Docker documentation. * - **fluentd** - Specifies the Fluentd logging driver. For more information including usage and options, see [Fluentd logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/fluentd/) in the *Docker documentation* . * - **gelf** - Specifies the Graylog Extended Format (GELF) logging driver. For more information including usage and options, see [Graylog Extended Format logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/gelf/) in the *Docker documentation* . * - **journald** - Specifies the journald logging driver. For more information including usage and options, see [Journald logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/journald/) in the *Docker documentation* . * - **json-file** - Specifies the JSON file logging driver. For more information including usage and options, see [JSON File logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/json-file/) in the *Docker documentation* . * - **splunk** - Specifies the Splunk logging driver. For more information including usage and options, see [Splunk logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/splunk/) in the *Docker documentation* . * - **syslog** - Specifies the syslog logging driver. For more information including usage and options, see [Syslog logging driver](https://docs.aws.amazon.com/https://docs.docker.com/config/containers/logging/syslog/) in the *Docker documentation* . * * > If you have a custom driver that's not listed earlier that you want to work with the Amazon ECS container agent, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you want to have included. However, Amazon Web Services doesn't currently support running modified copies of this software. * * This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep "Server API version"` */ logDriver: pulumi.Input; /** * The configuration options to send to the log driver. This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep "Server API version"` */ options?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the *AWS Batch User Guide* . */ secretOptions?: pulumi.Input[]>; } interface JobDefinitionMountPointArgs { /** * The path on the container where the host volume is mounted. */ containerPath?: pulumi.Input; /** * If this value is `true` , the container has read-only access to the volume. Otherwise, the container can write to the volume. The default value is `false` . */ readOnly?: pulumi.Input; /** * The name of the volume to mount. */ sourceVolume?: pulumi.Input; } interface JobDefinitionMultiNodeContainerPropertiesArgs { /** * The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . For more information, see [https://docs.docker.com/engine/reference/builder/#cmd](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) . */ command?: pulumi.Input[]>; /** * Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task. */ enableExecuteCommand?: pulumi.Input; /** * The environment variables to pass to a container. This parameter maps to `Env` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--env` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > We don't recommend using plaintext environment variables for sensitive information, such as credential data. > Environment variables cannot start with " `AWS_BATCH` ". This naming convention is reserved for variables that AWS Batch sets. */ environment?: pulumi.Input[]>; /** * The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on AWS Fargate . */ ephemeralStorage?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* . */ executionRoleArn?: pulumi.Input; /** * Required. The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with `*repository-url* / *image* : *tag*` . It can be 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), underscores (_), colons (:), periods (.), forward slashes (/), and number signs (#). This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `IMAGE` parameter of [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > Docker image architecture must match the processor architecture of the compute resources that they're scheduled on. For example, ARM-based Docker images can only run on ARM-based compute resources. * * - Images in Amazon ECR Public repositories use the full `registry/repository[:tag]` or `registry/repository[@digest]` naming conventions. For example, `public.ecr.aws/ *registry_alias* / *my-web-app* : *latest*` . * - Images in Amazon ECR repositories use the full registry and repository URI (for example, `123456789012.dkr.ecr..amazonaws.com/` ). * - Images in official repositories on Docker Hub use a single name (for example, `ubuntu` or `mongo` ). * - Images in other repositories on Docker Hub are qualified with an organization name (for example, `amazon/amazon-ecs-agent` ). * - Images in other online repositories are qualified further by a domain name (for example, `quay.io/assemblyline/ubuntu` ). */ image: pulumi.Input; /** * The instance type to use for a multi-node parallel job. All node groups in a multi-node parallel job must use the same instance type. * * > This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided. */ instanceType?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role that the container can assume for AWS permissions. For more information, see [IAM roles for tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* . */ jobRoleArn?: pulumi.Input; /** * Linux-specific modifications that are applied to the container, such as details for device mappings. */ linuxParameters?: pulumi.Input; /** * The log configuration specification for the container. * * This parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . By default, containers use the same logging driver that the Docker daemon uses. However the container might use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation. * * > AWS Batch currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-batch-jobdefinition-containerproperties-logconfiguration.html) data type). * * This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: `sudo docker version | grep "Server API version"` * * > The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . */ logConfiguration?: pulumi.Input; /** * This parameter is deprecated, use `resourceRequirements` to specify the memory requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs that run on Amazon EC2 resources, it specifies the memory hard limit (in MiB) for a container. If your container attempts to exceed the specified number, it's terminated. You must specify at least 4 MiB of memory for a job using this parameter. The memory hard limit can be specified in several places. It must be specified for each node at least once. */ memory?: pulumi.Input; /** * The mount points for data volumes in your container. * * This parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . * * Windows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives. */ mountPoints?: pulumi.Input[]>; /** * When this parameter is true, the container is given elevated permissions on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The default value is false. * * > This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided, or specified as false. */ privileged?: pulumi.Input; /** * When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--read-only` option to `docker run` . */ readonlyRootFilesystem?: pulumi.Input; /** * The private repository authentication credentials to use. */ repositoryCredentials?: pulumi.Input; /** * The type and amount of resources to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` . */ resourceRequirements?: pulumi.Input[]>; /** * An object that represents the compute environment architecture for AWS Batch jobs on Fargate. */ runtimePlatform?: pulumi.Input; /** * The secrets for the container. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/batch/latest/userguide/specifying-sensitive-data.html) in the *AWS Batch User Guide* . */ secrets?: pulumi.Input[]>; /** * A list of `ulimits` to set in the container. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided. */ ulimits?: pulumi.Input[]>; /** * The user name to use inside the container. This parameter maps to `User` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--user` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . */ user?: pulumi.Input; /** * This parameter is deprecated, use `resourceRequirements` to specify the vCPU requirements for the job definition. It's not supported for jobs running on Fargate resources. For jobs running on Amazon EC2 resources, it specifies the number of vCPUs reserved for the job. * * Each vCPU is equivalent to 1,024 CPU shares. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . The number of vCPUs must be specified but can be specified in several places. You must specify it at least once for each node. */ vcpus?: pulumi.Input; /** * A list of data volumes used in a job. */ volumes?: pulumi.Input[]>; } interface JobDefinitionMultiNodeEcsPropertiesArgs { /** * An object that contains the properties for the Amazon ECS task definition of a job. * * > This object is currently limited to one task element. However, the task element can run up to 10 containers. */ taskProperties: pulumi.Input[]>; } interface JobDefinitionMultiNodeEcsTaskPropertiesArgs { /** * This object is a list of containers. */ containers?: pulumi.Input[]>; /** * Determines whether execute command functionality is turned on for this task. If `true` , execute command functionality is turned on all the containers in the task. */ enableExecuteCommand?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the execution role that AWS Batch can assume. For jobs that run on Fargate resources, you must provide an execution role. For more information, see [AWS Batch execution IAM role](https://docs.aws.amazon.com/batch/latest/userguide/execution-IAM-role.html) in the *AWS Batch User Guide* . */ executionRoleArn?: pulumi.Input; /** * The IPC resource namespace to use for the containers in the task. The valid values are `host` , `task` , or `none` . * * If `host` is specified, all containers within the tasks that specified the `host` IPC mode on the same container instance share the same IPC resources with the host Amazon EC2 instance. * * If `task` is specified, all containers within the specified `task` share the same IPC resources. * * If `none` is specified, the IPC resources within the containers of a task are private, and are not shared with other containers in a task or on the container instance. * * If no value is specified, then the IPC resource namespace sharing depends on the Docker daemon setting on the container instance. For more information, see [IPC settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#ipc-settings---ipc) in the Docker run reference. */ ipcMode?: pulumi.Input; /** * The process namespace to use for the containers in the task. The valid values are `host` or `task` . For example, monitoring sidecars might need `pidMode` to access information about other containers running in the same task. * * If `host` is specified, all containers within the tasks that specified the `host` PID mode on the same container instance share the process namespace with the host Amazon EC2 instance. * * If `task` is specified, all containers within the specified task share the same process namespace. * * If no value is specified, the default is a private namespace for each container. For more information, see [PID settings](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#pid-settings---pid) in the Docker run reference. */ pidMode?: pulumi.Input; /** * The Amazon Resource Name (ARN) that's associated with the Amazon ECS task. * * > This is object is comparable to [ContainerProperties:jobRoleArn](https://docs.aws.amazon.com/batch/latest/APIReference/API_ContainerProperties.html) . */ taskRoleArn?: pulumi.Input; /** * A list of volumes that are associated with the job. */ volumes?: pulumi.Input[]>; } interface JobDefinitionNetworkConfigurationArgs { /** * Indicates whether the job has a public IP address. For a job that's running on Fargate resources in a private subnet to send outbound traffic to the internet (for example, to pull container images), the private subnet requires a NAT gateway be attached to route requests to the internet. For more information, see [Amazon ECS task networking](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-networking.html) in the *Amazon Elastic Container Service Developer Guide* . The default value is " `DISABLED` ". */ assignPublicIp?: pulumi.Input; } interface JobDefinitionNodePropertiesArgs { /** * Specifies the node index for the main node of a multi-node parallel job. This node index value must be fewer than the number of nodes. */ mainNode: pulumi.Input; /** * A list of node ranges and their properties that are associated with a multi-node parallel job. */ nodeRangeProperties: pulumi.Input[]>; /** * The number of nodes that are associated with a multi-node parallel job. */ numNodes: pulumi.Input; } interface JobDefinitionNodeRangePropertyArgs { /** * Contains a list of consumable resources required by a job. */ consumableResourceProperties?: pulumi.Input; /** * The container details for the node range. */ container?: pulumi.Input; /** * This is an object that represents the properties of the node range for a multi-node parallel job. */ ecsProperties?: pulumi.Input; /** * This is an object that represents the properties of the node range for a multi-node parallel job. */ eksProperties?: pulumi.Input; /** * The instance types of the underlying host infrastructure of a multi-node parallel job. * * > This parameter isn't applicable to jobs that are running on Fargate resources. * > * > In addition, this list object is currently limited to one element. */ instanceTypes?: pulumi.Input[]>; /** * The range of nodes, using node index values. A range of `0:3` indicates nodes with index values of `0` through `3` . If the starting range value is omitted ( `:n` ), then `0` is used to start the range. If the ending range value is omitted ( `n:` ), then the highest possible node index is used to end the range. Your accumulative node ranges must account for all nodes ( `0:n` ). You can nest node ranges (for example, `0:10` and `4:5` ). In this case, the `4:5` range properties override the `0:10` properties. */ targetNodes: pulumi.Input; } interface JobDefinitionRepositoryCredentialsArgs { /** * The Amazon Resource Name (ARN) of the secret containing the private repository credentials. */ credentialsParameter: pulumi.Input; } interface JobDefinitionResourceRequirementArgs { /** * The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` . */ type?: pulumi.Input; /** * The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified. * * - **type="GPU"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on. * * > GPUs aren't available for jobs that are running on Fargate resources. * - **type="MEMORY"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on Amazon EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . * * For jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value. * * - **value = 512** - `VCPU` = 0.25 * - **value = 1024** - `VCPU` = 0.25 or 0.5 * - **value = 2048** - `VCPU` = 0.25, 0.5, or 1 * - **value = 3072** - `VCPU` = 0.5, or 1 * - **value = 4096** - `VCPU` = 0.5, 1, or 2 * - **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2 * - **value = 8192** - `VCPU` = 1, 2, or 4 * - **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4 * - **value = 16384** - `VCPU` = 2, 4, or 8 * - **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4 * - **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8 * - **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8 * - **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16 * - **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16 * - **type="VCPU"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For Amazon EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once. * * The default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* . * * For jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16 * * - **value = 0.25** - `MEMORY` = 512, 1024, or 2048 * - **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096 * - **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192 * - **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384 * - **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720 * - **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440 * - **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880 */ value?: pulumi.Input; } interface JobDefinitionResourceRetentionPolicyArgs { /** * Specifies whether the previous revision of the job definition is retained in an active status after UPDATE events for the resource. The default value is `false` . When the property is set to `false` , the previous revision of the job definition is de-registered after a new revision is created. When the property is set to `true` , the previous revision of the job definition is not de-registered. */ skipDeregisterOnUpdate?: pulumi.Input; } interface JobDefinitionRetryStrategyArgs { /** * The number of times to move a job to the `RUNNABLE` status. You can specify between 1 and 10 attempts. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value. */ attempts?: pulumi.Input; /** * Array of up to 5 objects that specify the conditions where jobs are retried or failed. If this parameter is specified, then the `attempts` parameter must also be specified. If none of the listed conditions match, then the job is retried. */ evaluateOnExit?: pulumi.Input[]>; } interface JobDefinitionRuntimePlatformArgs { /** * The vCPU architecture. The default value is `X86_64` . Valid values are `X86_64` and `ARM64` . * * > This parameter must be set to `X86_64` for Windows containers. > Fargate Spot is not supported on Windows-based containers on Fargate. A job queue will be blocked if a Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both `FARGATE` and `FARGATE_SPOT` compute environments to the same job queue. */ cpuArchitecture?: pulumi.Input; /** * The operating system for the compute environment. Valid values are: `LINUX` (default), `WINDOWS_SERVER_2019_CORE` , `WINDOWS_SERVER_2019_FULL` , `WINDOWS_SERVER_2022_CORE` , and `WINDOWS_SERVER_2022_FULL` . * * > The following parameters can’t be set for Windows containers: `linuxParameters` , `privileged` , `user` , `ulimits` , `readonlyRootFilesystem` , and `efsVolumeConfiguration` . > The AWS Batch Scheduler checks the compute environments that are attached to the job queue before registering a task definition with Fargate. In this scenario, the job queue is where the job is submitted. If the job requires a Windows container and the first compute environment is `LINUX` , the compute environment is skipped and the next compute environment is checked until a Windows-based compute environment is found. > Fargate Spot is not supported on Windows-based containers on Fargate. A job queue will be blocked if a Windows job is submitted to a job queue with only Fargate Spot compute environments. However, you can attach both `FARGATE` and `FARGATE_SPOT` compute environments to the same job queue. */ operatingSystemFamily?: pulumi.Input; } interface JobDefinitionSecretArgs { /** * The name of the secret. */ name: pulumi.Input; /** * The secret to expose to the container. The supported values are either the full Amazon Resource Name (ARN) of the AWS Secrets Manager secret or the full ARN of the parameter in the AWS Systems Manager Parameter Store. * * > If the AWS Systems Manager Parameter Store parameter exists in the same Region as the job you're launching, then you can use either the full Amazon Resource Name (ARN) or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified. */ valueFrom: pulumi.Input; } interface JobDefinitionTaskContainerDependencyArgs { /** * The dependency condition of the container. The following are the available conditions and their behavior: * * - `START` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start. * - `COMPLETE` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container. * - `SUCCESS` - This condition is the same as `COMPLETE` , but it also requires that the container exits with a zero status. This condition can't be set on an essential container. */ condition: pulumi.Input; /** * A unique identifier for the container. */ containerName: pulumi.Input; } interface JobDefinitionTaskContainerPropertiesArgs { /** * The command that's passed to the container. This parameter maps to `Cmd` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `COMMAND` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . For more information, see [Dockerfile reference: CMD](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/builder/#cmd) . */ command?: pulumi.Input[]>; /** * A list of containers that this container depends on. */ dependsOn?: pulumi.Input[]>; /** * The environment variables to pass to a container. This parameter maps to Env in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--env` parameter to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > We don't recommend using plaintext environment variables for sensitive information, such as credential data. > Environment variables cannot start with `AWS_BATCH` . This naming convention is reserved for variables that AWS Batch sets. */ environment?: pulumi.Input[]>; /** * If the essential parameter of a container is marked as `true` , and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the `essential` parameter of a container is marked as false, its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential. * * All jobs must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide* . */ essential?: pulumi.Input; /** * The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom log](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) routing in the *Amazon Elastic Container Service Developer Guide* . */ firelensConfiguration?: pulumi.Input; /** * The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either `repository-url/image:tag` or `repository-url/image@digest` . Up to 255 letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs are allowed. This parameter maps to `Image` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `IMAGE` parameter of the [*docker run*](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . */ image: pulumi.Input; /** * Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information, see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html) . */ linuxParameters?: pulumi.Input; /** * The log configuration specification for the container. * * This parameter maps to `LogConfig` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--log-driver` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . * * By default, containers use the same logging driver that the Docker daemon uses. However the container can use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information about the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the *Docker documentation* . * * > Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the `LogConfiguration` data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. * * This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version `--format '{{.Server.APIVersion}}'` * * > The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the `ECS_AVAILABLE_LOGGING_DRIVERS` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide* . */ logConfiguration?: pulumi.Input; /** * The mount points for data volumes in your container. * * This parameter maps to `Volumes` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the [--volume](https://docs.aws.amazon.com/) option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . * * Windows containers can mount whole directories on the same drive as `$env:ProgramData` . Windows containers can't mount directories on a different drive, and mount point can't be across drives. */ mountPoints?: pulumi.Input[]>; /** * The name of a container. The name can be used as a unique identifier to target your `dependsOn` and `Overrides` objects. */ name?: pulumi.Input; /** * When this parameter is `true` , the container is given elevated privileges on the host container instance (similar to the `root` user). This parameter maps to `Privileged` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--privileged` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . * * > This parameter is not supported for Windows containers or tasks run on Fargate. */ privileged?: pulumi.Input; /** * When this parameter is true, the container is given read-only access to its root file system. This parameter maps to `ReadonlyRootfs` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--read-only` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . * * > This parameter is not supported for Windows containers. */ readonlyRootFilesystem?: pulumi.Input; /** * The private repository authentication credentials to use. */ repositoryCredentials?: pulumi.Input; /** * The type and amount of a resource to assign to a container. The only supported resource is a GPU. */ resourceRequirements?: pulumi.Input[]>; /** * The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the Amazon Elastic Container Service Developer Guide. */ secrets?: pulumi.Input[]>; /** * A list of `ulimits` to set in the container. If a `ulimit` value is specified in a task definition, it overrides the default values set by Docker. This parameter maps to `Ulimits` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the `--ulimit` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration) . * * Amazon ECS tasks hosted on Fargate use the default resource limit values set by the operating system with the exception of the nofile resource limit parameter which Fargate overrides. The `nofile` resource limit sets a restriction on the number of open files that a container can use. The default `nofile` soft limit is `1024` and the default hard limit is `65535` . * * This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: sudo docker version `--format '{{.Server.APIVersion}}'` * * > This parameter is not supported for Windows containers. */ ulimits?: pulumi.Input[]>; /** * The user to use inside the container. This parameter maps to User in the Create a container section of the Docker Remote API and the --user option to docker run. * * > When running tasks using the `host` network mode, don't run containers using the `root user (UID 0)` . We recommend using a non-root user for better security. * * You can specify the `user` using the following formats. If specifying a UID or GID, you must specify it as a positive integer. * * - `user` * - `user:group` * - `uid` * - `uid:gid` * - `user:gi` * - `uid:group` * * > This parameter is not supported for Windows containers. */ user?: pulumi.Input; } /** * The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom log](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) routing in the *Amazon Elastic Container Service Developer Guide* . */ interface JobDefinitionTaskContainerPropertiesFirelensConfigurationPropertiesArgs { options?: pulumi.Input<{ [key: string]: pulumi.Input; }>; type: pulumi.Input; } interface JobDefinitionTmpfsArgs { /** * The absolute file path in the container where the `tmpfs` volume is mounted. */ containerPath: pulumi.Input; /** * The list of `tmpfs` volume mount options. * * Valid values: " `defaults` " | " `ro` " | " `rw` " | " `suid` " | " `nosuid` " | " `dev` " | " `nodev` " | " `exec` " | " `noexec` " | " `sync` " | " `async` " | " `dirsync` " | " `remount` " | " `mand` " | " `nomand` " | " `atime` " | " `noatime` " | " `diratime` " | " `nodiratime` " | " `bind` " | " `rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime` " | " `norelatime` " | " `strictatime` " | " `nostrictatime` " | " `mode` " | " `uid` " | " `gid` " | " `nr_inodes` " | " `nr_blocks` " | " `mpol` " */ mountOptions?: pulumi.Input[]>; /** * The size (in MiB) of the `tmpfs` volume. */ size: pulumi.Input; } interface JobDefinitionUlimitArgs { /** * The hard limit for the `ulimit` type. */ hardLimit: pulumi.Input; /** * The `type` of the `ulimit` . Valid values are: `core` | `cpu` | `data` | `fsize` | `locks` | `memlock` | `msgqueue` | `nice` | `nofile` | `nproc` | `rss` | `rtprio` | `rttime` | `sigpending` | `stack` . */ name: pulumi.Input; /** * The soft limit for the `ulimit` type. */ softLimit: pulumi.Input; } interface JobDefinitionVolumeArgs { /** * This parameter is specified when you're using an Amazon Elastic File System file system for job storage. Jobs that are running on Fargate resources must specify a `platformVersion` of at least `1.4.0` . */ efsVolumeConfiguration?: pulumi.Input; /** * The contents of the `host` parameter determine whether your data volume persists on the host container instance and where it's stored. If the host parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running. * * > This parameter isn't applicable to jobs that are running on Fargate resources and shouldn't be provided. */ host?: pulumi.Input; /** * The name of the volume. It can be up to 255 characters long. It can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). This name is referenced in the `sourceVolume` parameter of container definition `mountPoints` . */ name?: pulumi.Input; } interface JobQueueComputeEnvironmentOrderArgs { /** * The Amazon Resource Name (ARN) of the compute environment. */ computeEnvironment: pulumi.Input; /** * The order of the compute environment. Compute environments are tried in ascending order. For example, if two compute environments are associated with a job queue, the compute environment with a lower `order` integer value is tried for job placement first. */ order: pulumi.Input; } interface JobQueueJobStateTimeLimitActionArgs { /** * The action to take when a job is at the head of the job queue in the specified state for the specified period of time. The only supported value is `CANCEL` , which will cancel the job. */ action: pulumi.Input; /** * The approximate amount of time, in seconds, that must pass with the job in the specified state before the action is taken. The minimum value is 600 (10 minutes) and the maximum value is 86,400 (24 hours). */ maxTimeSeconds: pulumi.Input; /** * The reason to log for the action being taken. */ reason: pulumi.Input; /** * The state of the job needed to trigger the action. The only supported value is `RUNNABLE` . */ state: pulumi.Input; } interface JobQueueServiceEnvironmentOrderArgs { /** * The order of the service environment. Job queues with a higher priority are evaluated first when associated with the same service environment. */ order: pulumi.Input; /** * The name or ARN of the service environment. */ serviceEnvironment: pulumi.Input; } interface QuotaShareCapacityLimitArgs { /** * The unit of compute capacity for the capacityLimit. For example, `ml.m5.large`. */ capacityUnit: pulumi.Input; /** * The maximum capacity available for the quota share. This value represents the maximum quantity of a resource that can be allocated to jobs in the quota share without borrowing. */ maxCapacity: pulumi.Input; } interface QuotaSharePreemptionConfigurationArgs { /** * Specifies whether jobs within a quota share can be preempted by another, higher priority job in the same quota share. */ inSharePreemption: pulumi.Input; } interface QuotaShareResourceSharingConfigurationArgs { /** * The maximum percentage of additional capacity that the quota share can borrow from other shares. `BorrowLimit` can only be applied to quota shares with a strategy of `LEND_AND_BORROW`. This value is expressed as a percentage of the quota share's configured CapacityLimits. The `BorrowLimit` is applied uniformly across all capacity units. For example, if the `BorrowLimit` is 200, the quota share can borrow up to 200% of its configured `maxCapacity` for each capacity unit. The default `BorrowLimit` is -1, which indicates unlimited borrowing. */ borrowLimit?: pulumi.Input; /** * The resource sharing strategy for the quota share. The `RESERVE` strategy allows a quota share to reserve idle capacity for itself. `LEND` configures the share to lend its idle capacity to another share in need of capacity. The `LEND_AND_BORROW` strategy configures the share to borrow idle capacity from an underutilized share, as well as lend to another share. */ strategy: pulumi.Input; } /** * Fair Share Policy for the Job Queue. */ interface SchedulingPolicyFairsharePolicyArgs { /** * A value used to reserve some of the available maximum vCPU for share identifiers that aren't already used. * * The reserved ratio is `( *computeReservation* /100)^ *ActiveFairShares*` where `*ActiveFairShares*` is the number of active share identifiers. * * For example, a `computeReservation` value of 50 indicates that AWS Batch reserves 50% of the maximum available vCPU if there's only one share identifier. It reserves 25% if there are two share identifiers. It reserves 12.5% if there are three share identifiers. A `computeReservation` value of 25 indicates that AWS Batch should reserve 25% of the maximum available vCPU if there's only one share identifier, 6.25% if there are two fair share identifiers, and 1.56% if there are three share identifiers. * * The minimum value is 0 and the maximum value is 99. */ computeReservation?: pulumi.Input; /** * The amount of time (in seconds) to use to calculate a fair-share percentage for each share identifier in use. A value of zero (0) indicates the default minimum time window (600 seconds). The maximum supported value is 604800 (1 week). * * The decay allows for more recently run jobs to have more weight than jobs that ran earlier. Consider adjusting this number if you have jobs that (on average) run longer than ten minutes, or a large difference in job count or job run times between share identifiers, and the allocation of resources doesn't meet your needs. */ shareDecaySeconds?: pulumi.Input; /** * List of Share Attributes */ shareDistribution?: pulumi.Input[]>; } /** * Quota Share Policy for the Job Queue. */ interface SchedulingPolicyQuotaSharePolicyArgs { idleResourceAssignmentStrategy?: pulumi.Input; } interface SchedulingPolicyShareAttributesArgs { /** * A share identifier or share identifier prefix. If the string ends with an asterisk (*), this entry specifies the weight factor to use for share identifiers that start with that prefix. The list of share identifiers in a fair-share policy can't overlap. For example, you can't have one that specifies a `shareIdentifier` of `UserA*` and another that specifies a `shareIdentifier` of `UserA1` . * * There can be no more than 500 share identifiers active in a job queue. * * The string is limited to 255 alphanumeric characters, and can be followed by an asterisk (*). */ shareIdentifier?: pulumi.Input; /** * The weight factor for the share identifier. The default value is 1.0. A lower value has a higher priority for compute resources. For example, jobs that use a share identifier with a weight factor of 0.125 (1/8) get 8 times the compute resources of jobs that use a share identifier with a weight factor of 1. * * The smallest supported value is 0.0001, and the largest supported value is 999.9999. */ weightFactor?: pulumi.Input; } interface ServiceEnvironmentCapacityLimitArgs { capacityUnit?: pulumi.Input; maxCapacity?: pulumi.Input; } } export declare namespace bcmdataexports { interface ExportArgs { /** * The data query for this specific data export. */ dataQuery: pulumi.Input; /** * The description for this specific data export. */ description?: pulumi.Input; /** * The destination configuration for this specific data export. */ destinationConfigurations: pulumi.Input; /** * The Amazon Resource Name (ARN) for this export. */ exportArn?: pulumi.Input; /** * The name of this specific data export. */ name: pulumi.Input; /** * The cadence for AWS to update the export in your S3 bucket. */ refreshCadence: pulumi.Input; } interface ExportDataQueryArgs { /** * The query statement. */ queryStatement: pulumi.Input; /** * The table configuration. */ tableConfigurations?: pulumi.Input<{ [key: string]: any; }>; } interface ExportDestinationConfigurationsArgs { /** * An object that describes the destination of the data exports file. */ s3Destination: pulumi.Input; } interface ExportRefreshCadenceArgs { /** * The frequency that data exports are updated. The export refreshes each time the source data updates, up to three times daily. */ frequency: pulumi.Input; } interface ExportS3DestinationArgs { /** * The name of the Amazon S3 bucket used as the destination of a data export file. */ s3Bucket: pulumi.Input; s3BucketOwner?: pulumi.Input; /** * The output configuration for the data export. */ s3OutputConfigurations: pulumi.Input; /** * The S3 path prefix you want prepended to the name of your data export. */ s3Prefix: pulumi.Input; /** * The S3 bucket Region. */ s3Region: pulumi.Input; } interface ExportS3OutputConfigurationsArgs { /** * The compression type for the data export. */ compression: pulumi.Input; /** * The file format for the data export. */ format: pulumi.Input; /** * The output type for the data export. */ outputType: pulumi.Input; /** * The rule to follow when generating a version of the data export file. You have the choice to overwrite the previous version or to be delivered in addition to the previous versions. Overwriting exports can save on Amazon S3 storage costs. Creating new export versions allows you to track the changes in cost and usage data over time. */ overwrite: pulumi.Input; } } export declare namespace bcmpricingcalculator { } export declare namespace bedrock { /** * Contains the information of an Agent Action Group */ interface AgentActionGroupArgs { /** * The Amazon Resource Name (ARN) of the Lambda function containing the business logic that is carried out upon invoking the action or the custom control method for handling the information elicited from the user. */ actionGroupExecutor?: pulumi.Input; /** * Name of the action group */ actionGroupName: pulumi.Input; /** * Specifies whether the action group is available for the agent to invoke or not when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request. */ actionGroupState?: pulumi.Input; /** * Contains either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema. For more information, see [Action group OpenAPI schemas](https://docs.aws.amazon.com//bedrock/latest/userguide/agents-api-schema.html) . */ apiSchema?: pulumi.Input; /** * Description of action group */ description?: pulumi.Input; /** * Contains details about the function schema for the action group or the JSON or YAML-formatted payload defining the schema. */ functionSchema?: pulumi.Input; /** * If this field is set as `AMAZON.UserInput` , the agent can request the user for additional information when trying to complete a task. The `description` , `apiSchema` , and `actionGroupExecutor` fields must be blank for this action group. * * During orchestration, if the agent determines that it needs to invoke an API in an action group, but doesn't have enough information to complete the API request, it will invoke this action group instead and return an [Observation](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_Observation.html) reprompting the user for more information. */ parentActionGroupSignature?: pulumi.Input; /** * Specifies whether to allow deleting action group while it is in use. */ skipResourceInUseCheckOnDelete?: pulumi.Input; } /** * Type of Executors for an Action Group */ interface AgentActionGroupExecutor0PropertiesArgs { /** * ARN of a Lambda. */ lambda: pulumi.Input; } /** * Type of Executors for an Action Group */ interface AgentActionGroupExecutor1PropertiesArgs { customControl: pulumi.Input; } /** * Additional Model Request Fields for Prompt Configuration */ interface AgentAdditionalModelRequestFieldsArgs { } /** * Details about the routing configuration for an Agent alias. */ interface AgentAliasRoutingConfigurationListItemArgs { /** * Agent Version. */ agentVersion: pulumi.Input; } /** * Contains information about the API Schema for the Action Group */ interface AgentApiSchema0PropertiesArgs { s3: pulumi.Input; } /** * Contains information about the API Schema for the Action Group */ interface AgentApiSchema1PropertiesArgs { /** * String OpenAPI Payload */ payload: pulumi.Input; } /** * Agent Collaborator */ interface AgentCollaboratorArgs { /** * Agent descriptor for agent collaborator */ agentDescriptor: pulumi.Input; /** * Agent collaborator instruction */ collaborationInstruction: pulumi.Input; /** * Agent collaborator name */ collaboratorName: pulumi.Input; /** * The collaborator's relay conversation history. */ relayConversationHistory?: pulumi.Input; } /** * Agent descriptor for agent collaborator */ interface AgentCollaboratorAgentDescriptorPropertiesArgs { /** * Alias ARN for agent descriptor */ aliasArn?: pulumi.Input; } /** * Structure for custom orchestration */ interface AgentCustomOrchestrationArgs { /** * The structure of the executor invoking the actions in custom orchestration. */ executor?: pulumi.Input; } /** * Function definition */ interface AgentFunctionArgs { /** * Description of function */ description?: pulumi.Input; /** * Name for a resource. */ name: pulumi.Input; /** * The parameters that the agent elicits from the user to fulfill the function. */ parameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Contains information if user confirmation is required to invoke the function. */ requireConfirmation?: pulumi.Input; } /** * Schema of Functions */ interface AgentFunctionSchemaArgs { /** * List of Function definitions */ functions: pulumi.Input[]>; } /** * Configuration for a guardrail. */ interface AgentGuardrailConfigurationArgs { /** * Identifier for the guardrail, could be the id or the arn */ guardrailIdentifier?: pulumi.Input; /** * Version of the guardrail */ guardrailVersion?: pulumi.Input; } /** * Configuration for inference in prompt configuration */ interface AgentInferenceConfigurationArgs { /** * Maximum length of output */ maximumLength?: pulumi.Input; /** * List of stop sequences */ stopSequences?: pulumi.Input[]>; /** * Controls randomness, higher values increase diversity */ temperature?: pulumi.Input; /** * Sample from the k most likely next tokens */ topK?: pulumi.Input; /** * Cumulative probability cutoff for token selection */ topP?: pulumi.Input; } /** * Agent Knowledge Base */ interface AgentKnowledgeBaseArgs { /** * Description of the Resource. */ description: pulumi.Input; /** * Identifier for a resource. */ knowledgeBaseId: pulumi.Input; /** * Specifies whether to use the knowledge base or not when sending an [InvokeAgent](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_InvokeAgent.html) request. */ knowledgeBaseState?: pulumi.Input; } /** * Configuration for memory storage */ interface AgentMemoryConfigurationArgs { /** * The type of memory that is stored. */ enabledMemoryTypes?: pulumi.Input[]>; /** * Contains the configuration for SESSION_SUMMARY memory type enabled for the agent. */ sessionSummaryConfiguration?: pulumi.Input; /** * Maximum number of days to store session details */ storageDays?: pulumi.Input; } /** * Types of executors for custom orchestration strategy */ interface AgentOrchestrationExecutorArgs { /** * ARN of a Lambda. */ lambda: pulumi.Input; } /** * Parameter detail */ interface AgentParameterDetailArgs { /** * Description of function parameter. */ description?: pulumi.Input; /** * Information about if a parameter is required for function call. Default to false. */ required?: pulumi.Input; /** * The data type of the parameter. */ type: pulumi.Input; } /** * BasePromptConfiguration per Prompt Type. */ interface AgentPromptConfigurationArgs { /** * If the Converse or ConverseStream operations support the model, `additionalModelRequestFields` contains additional inference parameters, beyond the base set of inference parameters in the `inferenceConfiguration` field. * * For more information, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . */ additionalModelRequestFields?: pulumi.Input; /** * Base Prompt Template. */ basePromptTemplate?: pulumi.Input; /** * The agent's foundation model. */ foundationModel?: pulumi.Input; /** * Contains inference parameters to use when the agent invokes a foundation model in the part of the agent sequence defined by the `promptType` . For more information, see [Inference parameters for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . */ inferenceConfiguration?: pulumi.Input; /** * Specifies whether to override the default parser Lambda function when parsing the raw foundation model output in the part of the agent sequence defined by the `promptType` . If you set the field as `OVERRIDDEN` , the `overrideLambda` field in the [PromptOverrideConfiguration](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent_PromptOverrideConfiguration.html) must be specified with the ARN of a Lambda function. */ parserMode?: pulumi.Input; /** * Specifies whether to override the default prompt template for this `promptType` . Set this value to `OVERRIDDEN` to use the prompt that you provide in the `basePromptTemplate` . If you leave it as `DEFAULT` , the agent uses a default prompt template. */ promptCreationMode?: pulumi.Input; /** * Specifies whether to allow the inline agent to carry out the step specified in the `promptType` . If you set this value to `DISABLED` , the agent skips that step. The default state for each `promptType` is as follows. * * - `PRE_PROCESSING` – `ENABLED` * - `ORCHESTRATION` – `ENABLED` * - `KNOWLEDGE_BASE_RESPONSE_GENERATION` – `ENABLED` * - `POST_PROCESSING` – `DISABLED` */ promptState?: pulumi.Input; /** * The step in the agent sequence that this prompt configuration applies to. */ promptType?: pulumi.Input; } /** * Configuration for prompt override. */ interface AgentPromptOverrideConfigurationArgs { /** * ARN of a Lambda. */ overrideLambda?: pulumi.Input; /** * List of BasePromptConfiguration */ promptConfigurations: pulumi.Input[]>; } /** * The identifier for the S3 resource. */ interface AgentS3IdentifierArgs { /** * A bucket in S3. */ s3BucketName?: pulumi.Input; /** * A object key in S3. */ s3ObjectKey?: pulumi.Input; } /** * Configuration for Session Summarization */ interface AgentSessionSummaryConfigurationArgs { /** * Maximum number of Sessions to Summarize */ maxRecentSessions?: pulumi.Input; } /** * Various ways to encode a list of models in a CreateInferenceProfile request */ interface ApplicationInferenceProfileInferenceProfileModelSourcePropertiesArgs { /** * Source arns for a custom inference profile to copy its regional load balancing config from. This * can either be a foundation model or predefined inference profile ARN. */ copyFrom: pulumi.Input; } interface AutomatedReasoningPolicyPolicyDefinitionArgs { /** * The rules definition block of an AutomatedReasoningPolicyDefinition. */ rules?: pulumi.Input[]>; /** * The types definition block of an AutomatedReasoningPolicyDefinition. */ types?: pulumi.Input[]>; /** * The variables definition block of an AutomatedReasoningPolicyDefinition. */ variables?: pulumi.Input[]>; /** * The policy format version. */ version?: pulumi.Input; } interface AutomatedReasoningPolicyPolicyDefinitionRuleArgs { /** * An alternate expression for this rule */ alternateExpression?: pulumi.Input; /** * The SMT expression for this rule */ expression: pulumi.Input; /** * A unique id within the PolicyDefinition */ id: pulumi.Input; } interface AutomatedReasoningPolicyPolicyDefinitionTypeArgs { /** * A natural language description of this type. */ description?: pulumi.Input; /** * A name for this type. */ name: pulumi.Input; /** * A list of valid values for this type. */ values: pulumi.Input[]>; } interface AutomatedReasoningPolicyPolicyDefinitionTypeValueArgs { /** * A natural language description of the type's value. */ description?: pulumi.Input; /** * The value of the type value. */ value: pulumi.Input; } interface AutomatedReasoningPolicyPolicyDefinitionVariableArgs { /** * A natural language description of this variable. */ description: pulumi.Input; /** * A name from this variable. */ name: pulumi.Input; /** * A type for this variable. */ type: pulumi.Input; } /** * KMS Encryption Configuration */ interface DataAutomationLibraryEncryptionConfigurationArgs { kmsEncryptionContext?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * KMS Key Identifier */ kmsKeyId: pulumi.Input; } interface DataAutomationProjectAudioExtractionCategoryArgs { /** * Whether generating categorical data from audio is enabled. */ state: pulumi.Input; /** * This element contains information about extractions from different types. Used to enable speaker and channel labeling for transcripts. */ typeConfiguration?: pulumi.Input; /** * The types of data to generate. */ types?: pulumi.Input[]>; } interface DataAutomationProjectAudioExtractionCategoryTypeConfigurationArgs { /** * This element allows you to configure different extractions for your transcript data, such as speaker and channel labeling. */ transcript?: pulumi.Input; } interface DataAutomationProjectAudioLanguageConfigurationArgs { /** * The output language of your processing results. This can either be set to `EN` (English) or `DEFAULT` which will output the results in the dominant language of the audio. The dominant language is determined as the language in the audio, spoken the longest in the input audio. */ generativeOutputLanguage?: pulumi.Input; /** * The toggle determining if you want to detect multiple languages from your audio. */ identifyMultipleLanguages?: pulumi.Input; /** * The input language of your audio. This can be set to any of the currently supported languages via the language codes. */ inputLanguages?: pulumi.Input[]>; } interface DataAutomationProjectAudioOverrideConfigurationArgs { /** * The output and input language configuration for your audio. */ languageConfiguration?: pulumi.Input; /** * Sets modality processing for audio files. All modalities are enabled by default. */ modalityProcessing?: pulumi.Input; /** * Configuration for sensitive data detection and redaction for audio files. */ sensitiveDataConfiguration?: pulumi.Input; } interface DataAutomationProjectAudioStandardExtractionArgs { /** * Settings for generating data from audio. */ category: pulumi.Input; } interface DataAutomationProjectAudioStandardGenerativeFieldArgs { /** * Whether generating descriptions is enabled for audio. */ state: pulumi.Input; /** * The types of description to generate. */ types?: pulumi.Input[]>; } interface DataAutomationProjectAudioStandardOutputConfigurationArgs { /** * Settings for populating data fields that describe the audio. */ extraction?: pulumi.Input; /** * Whether to generate descriptions of the data. */ generativeField?: pulumi.Input; } interface DataAutomationProjectBlueprintItemArgs { /** * ARN of a Blueprint */ blueprintArn: pulumi.Input; /** * The blueprint's stage. */ blueprintStage?: pulumi.Input; /** * Blueprint Version */ blueprintVersion?: pulumi.Input; } interface DataAutomationProjectChannelLabelingConfigurationArgs { /** * State of channel labeling, either enabled or disabled. */ state: pulumi.Input; } /** * Custom output configuration */ interface DataAutomationProjectCustomOutputConfigurationArgs { /** * A list of blueprints. */ blueprints?: pulumi.Input[]>; } interface DataAutomationProjectDocumentBoundingBoxArgs { /** * Whether bounding boxes are enabled for documents. */ state: pulumi.Input; } interface DataAutomationProjectDocumentExtractionGranularityArgs { /** * Granularity settings for documents. */ types?: pulumi.Input[]>; } interface DataAutomationProjectDocumentOutputAdditionalFileFormatArgs { /** * Whether additional file formats are enabled for a project. */ state: pulumi.Input; } interface DataAutomationProjectDocumentOutputFormatArgs { /** * Output settings for additional file formats. */ additionalFileFormat: pulumi.Input; /** * An output text format. */ textFormat: pulumi.Input; } interface DataAutomationProjectDocumentOutputTextFormatArgs { /** * The types of output text to generate. */ types?: pulumi.Input[]>; } interface DataAutomationProjectDocumentOverrideConfigurationArgs { /** * Sets modality processing for document files. All modalities are enabled by default. */ modalityProcessing?: pulumi.Input; /** * Configuration for sensitive data detection and redaction for document files. */ sensitiveDataConfiguration?: pulumi.Input; /** * Whether document splitter is enabled for a project. */ splitter?: pulumi.Input; } interface DataAutomationProjectDocumentStandardExtractionArgs { /** * Whether to generate bounding boxes. */ boundingBox: pulumi.Input; /** * Which granularities to generate data for. */ granularity: pulumi.Input; } interface DataAutomationProjectDocumentStandardGenerativeFieldArgs { /** * Whether generating descriptions is enabled for documents. */ state: pulumi.Input; } interface DataAutomationProjectDocumentStandardOutputConfigurationArgs { /** * Settings for populating data fields that describe the document. */ extraction?: pulumi.Input; /** * Whether to generate descriptions. */ generativeField?: pulumi.Input; /** * The output format to generate. */ outputFormat?: pulumi.Input; } interface DataAutomationProjectImageBoundingBoxArgs { /** * Bounding box settings for a project. */ state: pulumi.Input; } interface DataAutomationProjectImageExtractionCategoryArgs { /** * Whether generating categorical data from images is enabled. */ state: pulumi.Input; /** * The types of data to generate. */ types?: pulumi.Input[]>; } interface DataAutomationProjectImageOverrideConfigurationArgs { /** * Sets modality processing for image files. All modalities are enabled by default. */ modalityProcessing?: pulumi.Input; /** * Configuration for sensitive data detection and redaction for image files. */ sensitiveDataConfiguration?: pulumi.Input; } interface DataAutomationProjectImageStandardExtractionArgs { /** * Settings for generating bounding boxes. */ boundingBox: pulumi.Input; /** * Settings for generating categorical data. */ category: pulumi.Input; } interface DataAutomationProjectImageStandardGenerativeFieldArgs { /** * Whether generating descriptions is enabled for images. */ state: pulumi.Input; /** * Settings for generating descriptions of images. */ types?: pulumi.Input[]>; } interface DataAutomationProjectImageStandardOutputConfigurationArgs { /** * Settings for populating data fields that describe the image. */ extraction?: pulumi.Input; /** * Whether to generate descriptions of the data. */ generativeField?: pulumi.Input; } interface DataAutomationProjectModalityProcessingConfigurationArgs { /** * Stores the state of the modality for your project, set to either enabled or disabled */ state?: pulumi.Input; } /** * Modality routing configuration */ interface DataAutomationProjectModalityRoutingConfigurationArgs { /** * Sets whether JPEG files are routed to document or image processing. */ jpeg?: pulumi.Input; /** * Sets whether MOV files are routed to audio or video processing. */ mov?: pulumi.Input; /** * Sets whether MP4 files are routed to audio or video processing. */ mp4?: pulumi.Input; /** * Sets whether PNG files are routed to document or image processing. */ png?: pulumi.Input; } /** * Override configuration */ interface DataAutomationProjectOverrideConfigurationArgs { /** * This element declares whether your project will process audio files. */ audio?: pulumi.Input; /** * Additional settings for a project. */ document?: pulumi.Input; /** * This element declares whether your project will process image files. */ image?: pulumi.Input; /** * Lets you set which modalities certain file types are processed as. */ modalityRouting?: pulumi.Input; /** * This element declares whether your project will process video files. */ video?: pulumi.Input; } interface DataAutomationProjectPiiEntitiesConfigurationArgs { /** * List of PII entity types to detect/redact in the output. Choose from specific entity types (such as ADDRESS, NAME, EMAIL, PHONE, US_SOCIAL_SECURITY_NUMBER) or specify ALL to detect all supported PII types. If not specified, defaults to ALL. */ piiEntityTypes?: pulumi.Input[]>; /** * Defines how detected PII entities are masked in redacted output files. Set to PII to replace all detected entities with a generic [PII] marker regardless of entity type. Set to ENTITY_TYPE to replace each detected entity with its specific type marker (for example, [NAME], [EMAIL], [ADDRESS]). This setting only applies when detectionMode is set to DETECTION_AND_REDACTION. If not specified, defaults to ENTITY_TYPE. */ redactionMaskMode?: pulumi.Input; } interface DataAutomationProjectSensitiveDataConfigurationArgs { /** * Specifies the mode for handling sensitive data detection. Set to DETECTION to only identify sensitive data without modifying content - this produces one output file per detection scope containing detection information with original unredacted content. Set to DETECTION_AND_REDACTION to both identify and mask sensitive data - this produces two output files per detection scope: one unredacted file with detection information and one redacted file with masking applied to sensitive content. For example, if detectionScope includes both STANDARD and CUSTOM with DETECTION_AND_REDACTION mode, four output files will be generated (two for standard output and two for custom output). */ detectionMode?: pulumi.Input; /** * Defines which BDA output types to apply sensitive data detection to. Specify STANDARD to detect sensitive data in standard output, CUSTOM to detect in custom output (blueprint-based extraction), or both to apply detection to both output types. If not specified, defaults to both STANDARD and CUSTOM. The number of output files generated depends on both the detection mode and the scopes selected - each scope specified will produce its own set of output files according to the detection mode configured. */ detectionScope?: pulumi.Input[]>; /** * Configuration for detecting and redacting Personally Identifiable Information (PII) entities. */ piiEntitiesConfiguration?: pulumi.Input; } interface DataAutomationProjectSpeakerLabelingConfigurationArgs { /** * State of speaker labeling, either enabled or disabled. */ state: pulumi.Input; } interface DataAutomationProjectSplitterConfigurationArgs { /** * Whether document splitter is enabled for a project. */ state?: pulumi.Input; } /** * Standard output configuration */ interface DataAutomationProjectStandardOutputConfigurationArgs { /** * Settings for processing audio. */ audio?: pulumi.Input; /** * Settings for processing documents. */ document?: pulumi.Input; /** * Settings for processing images. */ image?: pulumi.Input; /** * Settings for processing video. */ video?: pulumi.Input; } interface DataAutomationProjectTranscriptConfigurationArgs { /** * Enables channel labeling. Each audio channel will be labeled with a number, and the transcript will indicate which channel is being used. */ channelLabeling?: pulumi.Input; /** * Enables speaker labeling. Each speaker within a transcript will recieve a number, and the transcript will note which speaker is talking. */ speakerLabeling?: pulumi.Input; } interface DataAutomationProjectVideoBoundingBoxArgs { /** * Whether bounding boxes are enabled for video. */ state: pulumi.Input; } interface DataAutomationProjectVideoExtractionCategoryArgs { /** * Whether generating categorical data from video is enabled. */ state: pulumi.Input; /** * The types of data to generate. */ types?: pulumi.Input[]>; } interface DataAutomationProjectVideoOverrideConfigurationArgs { /** * Sets modality processing for video files. All modalities are enabled by default. */ modalityProcessing?: pulumi.Input; /** * Configuration for sensitive data detection and redaction for video files. */ sensitiveDataConfiguration?: pulumi.Input; } interface DataAutomationProjectVideoStandardExtractionArgs { /** * Settings for generating bounding boxes. */ boundingBox: pulumi.Input; /** * Settings for generating categorical data. */ category: pulumi.Input; } interface DataAutomationProjectVideoStandardGenerativeFieldArgs { /** * Whether generating descriptions is enabled for video. */ state: pulumi.Input; /** * The types of description to generate. */ types?: pulumi.Input[]>; } interface DataAutomationProjectVideoStandardOutputConfigurationArgs { /** * Settings for populating data fields that describe the video. */ extraction?: pulumi.Input; /** * Whether to generate descriptions of the video. */ generativeField?: pulumi.Input; } /** * Settings for a Bedrock Data Automation used to parse documents for a data source. */ interface DataSourceBedrockDataAutomationConfigurationArgs { /** * Specifies whether to enable parsing of multimodal data, including both text and/or images. */ parsingModality?: pulumi.Input; } /** * Settings for a foundation model used to parse documents for a data source. */ interface DataSourceBedrockFoundationModelConfigurationArgs { /** * The ARN of the foundation model to use for parsing. */ modelArn: pulumi.Input; /** * Specifies whether to enable parsing of multimodal data, including both text and/or images. */ parsingModality?: pulumi.Input; /** * Instructions for interpreting the contents of a document. */ parsingPrompt?: pulumi.Input; } /** * Bedrock Foundation Model configuration to be used for Context Enrichment. */ interface DataSourceBedrockFoundationModelContextEnrichmentConfigurationArgs { /** * The enrichment stategy used to provide additional context. For example, Neptune GraphRAG uses Amazon Bedrock foundation models to perform chunk entity extraction. */ enrichmentStrategyConfiguration: pulumi.Input; /** * The Amazon Resource Name (ARN) of the model used to create vector embeddings for the knowledge base. */ modelArn: pulumi.Input; } /** * Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. */ interface DataSourceChunkingConfigurationArgs { /** * Knowledge base can split your source data into chunks. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. You have the following options for chunking your data. If you opt for `NONE` , then you may want to pre-process your files by splitting them up such that each file corresponds to a chunk. * * - `FIXED_SIZE` – Amazon Bedrock splits your source data into chunks of the approximate size that you set in the `fixedSizeChunkingConfiguration` . * - `HIERARCHICAL` – Split documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer. * - `SEMANTIC` – Split documents into chunks based on groups of similar content derived with natural language processing. * - `NONE` – Amazon Bedrock treats each file as one chunk. If you choose this option, you may want to pre-process your documents by splitting them into separate files. */ chunkingStrategy: pulumi.Input; /** * Configurations for when you choose fixed-size chunking. If you set the `chunkingStrategy` as `NONE` , exclude this field. */ fixedSizeChunkingConfiguration?: pulumi.Input; /** * Settings for hierarchical document chunking for a data source. Hierarchical chunking splits documents into layers of chunks where the first layer contains large chunks, and the second layer contains smaller chunks derived from the first layer. */ hierarchicalChunkingConfiguration?: pulumi.Input; /** * Settings for semantic document chunking for a data source. Semantic chunking splits a document into into smaller documents based on groups of similar content derived from the text with natural language processing. */ semanticChunkingConfiguration?: pulumi.Input; } /** * Specifies a raw data source location to ingest. */ interface DataSourceConfigurationArgs { /** * The configuration information to connect to Confluence as your data source. * * > Confluence data source connector is in preview release and is subject to change. */ confluenceConfiguration?: pulumi.Input; /** * The configuration information to connect to Amazon S3 as your data source. */ s3Configuration?: pulumi.Input; /** * The configuration information to connect to Salesforce as your data source. * * > Salesforce data source connector is in preview release and is subject to change. */ salesforceConfiguration?: pulumi.Input; /** * The configuration information to connect to SharePoint as your data source. * * > SharePoint data source connector is in preview release and is subject to change. */ sharePointConfiguration?: pulumi.Input; /** * The type of data source. */ type: pulumi.Input; /** * The configuration of web URLs to crawl for your data source. You should be authorized to crawl the URLs. * * > Crawling web URLs as your data source is in preview release and is subject to change. */ webConfiguration?: pulumi.Input; } /** * The configuration of the Confluence content. For example, configuring specific types of Confluence content. */ interface DataSourceConfluenceCrawlerConfigurationArgs { /** * The configuration of filtering the Confluence content. For example, configuring regular expression patterns to include or exclude certain content. */ filterConfiguration?: pulumi.Input; } /** * The configuration information to connect to Confluence as your data source. */ interface DataSourceConfluenceDataSourceConfigurationArgs { /** * The configuration of the Confluence content. For example, configuring specific types of Confluence content. */ crawlerConfiguration?: pulumi.Input; /** * The endpoint information to connect to your Confluence data source. */ sourceConfiguration: pulumi.Input; } /** * The endpoint information to connect to your Confluence data source. */ interface DataSourceConfluenceSourceConfigurationArgs { /** * The supported authentication type to authenticate and connect to your Confluence instance. */ authType: pulumi.Input; /** * The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Confluence instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Confluence connection configuration. */ credentialsSecretArn: pulumi.Input; /** * The supported host type, whether online/cloud or server/on-premises. */ hostType: pulumi.Input; /** * The Confluence host URL or instance URL. */ hostUrl: pulumi.Input; } /** * Additional Enrichment Configuration for example when using GraphRag. */ interface DataSourceContextEnrichmentConfigurationArgs { /** * The configuration of the Amazon Bedrock foundation model used for context enrichment. */ bedrockFoundationModelConfiguration?: pulumi.Input; /** * The method used for context enrichment. It must be Amazon Bedrock foundation models. */ type: pulumi.Input; } /** * The type of filtering that you want to apply to certain objects or content of the data source. For example, the PATTERN type is regular expression patterns you can apply to filter your content. */ interface DataSourceCrawlFilterConfigurationArgs { /** * The configuration of filtering certain objects or content types of the data source. */ patternObjectFilter?: pulumi.Input; /** * The crawl filter type. */ type: pulumi.Input; } /** * Settings for customizing steps in the data source content ingestion pipeline. */ interface DataSourceCustomTransformationConfigurationArgs { /** * An S3 bucket path for input and output objects. */ intermediateStorage: pulumi.Input; /** * A list of Lambda functions that process documents. */ transformations: pulumi.Input[]>; } /** * Strategy to be used when using Bedrock Foundation Model for Context Enrichment. */ interface DataSourceEnrichmentStrategyConfigurationArgs { /** * The method used for the context enrichment strategy. */ method: pulumi.Input; } /** * Configurations for when you choose fixed-size chunking. If you set the chunkingStrategy as NONE, exclude this field. */ interface DataSourceFixedSizeChunkingConfigurationArgs { /** * The maximum number of tokens to include in a chunk. */ maxTokens: pulumi.Input; /** * The percentage of overlap between adjacent chunks of a data source. */ overlapPercentage: pulumi.Input; } /** * Configurations for when you choose hierarchical chunking. If you set the chunkingStrategy as NONE, exclude this field. */ interface DataSourceHierarchicalChunkingConfigurationArgs { /** * Token settings for each layer. */ levelConfigurations: pulumi.Input[]>; /** * The number of tokens to repeat across chunks in the same layer. */ overlapTokens: pulumi.Input; } /** * Token settings for a layer in a hierarchical chunking configuration. */ interface DataSourceHierarchicalChunkingLevelConfigurationArgs { /** * The maximum number of tokens that a chunk can contain in this layer. */ maxTokens: pulumi.Input; } /** * A location for storing content from data sources temporarily as it is processed by custom components in the ingestion pipeline. */ interface DataSourceIntermediateStorageArgs { /** * An S3 bucket path. */ s3Location: pulumi.Input; } /** * Settings for parsing document contents */ interface DataSourceParsingConfigurationArgs { /** * If you specify `BEDROCK_DATA_AUTOMATION` as the parsing strategy for ingesting your data source, use this object to modify configurations for using the Amazon Bedrock Data Automation parser. */ bedrockDataAutomationConfiguration?: pulumi.Input; /** * If you specify `BEDROCK_FOUNDATION_MODEL` as the parsing strategy for ingesting your data source, use this object to modify configurations for using a foundation model to parse documents. */ bedrockFoundationModelConfiguration?: pulumi.Input; /** * The parsing strategy for the data source. */ parsingStrategy: pulumi.Input; } /** * Instructions for interpreting the contents of a document. */ interface DataSourceParsingPromptArgs { /** * Instructions for interpreting the contents of a document. */ parsingPromptText: pulumi.Input; } /** * The specific filters applied to your data source content. You can filter out or include certain content. */ interface DataSourcePatternObjectFilterArgs { exclusionFilters?: pulumi.Input[]>; inclusionFilters?: pulumi.Input[]>; /** * The supported object type or content type of the data source. */ objectType: pulumi.Input; } /** * The configuration of specific filters applied to your data source content. You can filter out or include certain content. */ interface DataSourcePatternObjectFilterConfigurationArgs { /** * The configuration of specific filters applied to your data source content. You can filter out or include certain content. */ filters: pulumi.Input[]>; } /** * The configuration information to connect to Amazon S3 as your data source. */ interface DataSourceS3DataSourceConfigurationArgs { /** * The ARN of the bucket that contains the data source. */ bucketArn: pulumi.Input; /** * The account ID for the owner of the S3 bucket. */ bucketOwnerAccountId?: pulumi.Input; /** * A list of S3 prefixes that define the object containing the data sources. */ inclusionPrefixes?: pulumi.Input[]>; } /** * An Amazon S3 location. */ interface DataSourceS3LocationArgs { /** * The location's URI */ uri: pulumi.Input; } /** * The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content. */ interface DataSourceSalesforceCrawlerConfigurationArgs { /** * The configuration of filtering the Salesforce content. For example, configuring regular expression patterns to include or exclude certain content. */ filterConfiguration?: pulumi.Input; } /** * The configuration information to connect to Salesforce as your data source. */ interface DataSourceSalesforceDataSourceConfigurationArgs { /** * The configuration of the Salesforce content. For example, configuring specific types of Salesforce content. */ crawlerConfiguration?: pulumi.Input; /** * The endpoint information to connect to your Salesforce data source. */ sourceConfiguration: pulumi.Input; } /** * The endpoint information to connect to your Salesforce data source. */ interface DataSourceSalesforceSourceConfigurationArgs { /** * The supported authentication type to authenticate and connect to your Salesforce instance. */ authType: pulumi.Input; /** * The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your Salesforce instance URL. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see Salesforce connection configuration. */ credentialsSecretArn: pulumi.Input; /** * The Salesforce host URL or instance URL. */ hostUrl: pulumi.Input; } /** * A seed url object. */ interface DataSourceSeedUrlArgs { /** * A web url. */ url: pulumi.Input; } /** * Configurations for when you choose semantic chunking. If you set the chunkingStrategy as NONE, exclude this field. */ interface DataSourceSemanticChunkingConfigurationArgs { /** * The dissimilarity threshold for splitting chunks. */ breakpointPercentileThreshold: pulumi.Input; /** * The buffer size. */ bufferSize: pulumi.Input; /** * The maximum number of tokens that a chunk can contain. */ maxTokens: pulumi.Input; } /** * Contains details about the server-side encryption for the data source. */ interface DataSourceServerSideEncryptionConfigurationArgs { /** * The ARN of the AWS KMS key used to encrypt the resource. */ kmsKeyArn?: pulumi.Input; } /** * The configuration of the SharePoint content. For example, configuring specific types of SharePoint content. */ interface DataSourceSharePointCrawlerConfigurationArgs { /** * The configuration of filtering the SharePoint content. For example, configuring regular expression patterns to include or exclude certain content. */ filterConfiguration?: pulumi.Input; } /** * The configuration information to connect to SharePoint as your data source. */ interface DataSourceSharePointDataSourceConfigurationArgs { /** * The configuration of the SharePoint content. For example, configuring specific types of SharePoint content. */ crawlerConfiguration?: pulumi.Input; /** * The endpoint information to connect to your SharePoint data source. */ sourceConfiguration: pulumi.Input; } /** * The endpoint information to connect to your SharePoint data source. */ interface DataSourceSharePointSourceConfigurationArgs { /** * The supported authentication type to authenticate and connect to your SharePoint site/sites. */ authType: pulumi.Input; /** * The Amazon Resource Name of an AWS Secrets Manager secret that stores your authentication credentials for your SharePoint site/sites. For more information on the key-value pairs that must be included in your secret, depending on your authentication type, see SharePoint connection configuration. */ credentialsSecretArn: pulumi.Input; /** * The domain of your SharePoint instance or site URL/URLs. */ domain: pulumi.Input; /** * The supported host type, whether online/cloud or server/on-premises. */ hostType: pulumi.Input; /** * A list of one or more SharePoint site URLs. */ siteUrls: pulumi.Input[]>; /** * The identifier of your Microsoft 365 tenant. */ tenantId?: pulumi.Input; } /** * A Lambda function that processes documents. */ interface DataSourceTransformationArgs { /** * When the service applies the transformation. */ stepToApply: pulumi.Input; /** * A Lambda function that processes documents. */ transformationFunction: pulumi.Input; } /** * A Lambda function that processes documents. */ interface DataSourceTransformationFunctionArgs { /** * The Lambda function. */ transformationLambdaConfiguration: pulumi.Input; } /** * A Lambda function that processes documents. */ interface DataSourceTransformationLambdaConfigurationArgs { /** * The function's ARN identifier. */ lambdaArn: pulumi.Input; } /** * A url configuration. */ interface DataSourceUrlConfigurationArgs { /** * One or more seed or starting point URLs. */ seedUrls: pulumi.Input[]>; } /** * Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. */ interface DataSourceVectorIngestionConfigurationArgs { /** * Details about how to chunk the documents in the data source. A *chunk* refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. */ chunkingConfiguration?: pulumi.Input; /** * The context enrichment configuration used for ingestion of the data into the vector store. */ contextEnrichmentConfiguration?: pulumi.Input; /** * A custom document transformer for parsed data source documents. */ customTransformationConfiguration?: pulumi.Input; /** * Configurations for a parser to use for parsing documents in your data source. If you exclude this field, the default parser will be used. */ parsingConfiguration?: pulumi.Input; } /** * Configuration for the web crawler. */ interface DataSourceWebCrawlerConfigurationArgs { /** * The configuration of crawl limits for the web URLs. */ crawlerLimits?: pulumi.Input; /** * A list of one or more exclusion regular expression patterns to exclude certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn’t crawled. */ exclusionFilters?: pulumi.Input[]>; /** * A list of one or more inclusion regular expression patterns to include certain URLs. If you specify an inclusion and exclusion filter/pattern and both match a URL, the exclusion filter takes precedence and the web content of the URL isn’t crawled. */ inclusionFilters?: pulumi.Input[]>; /** * The scope of what is crawled for your URLs. * * You can choose to crawl only web pages that belong to the same host or primary domain. For example, only web pages that contain the seed URL "https://docs.aws.amazon.com/bedrock/latest/userguide/" and no other domains. You can choose to include sub domains in addition to the host or primary domain. For example, web pages that contain "aws.amazon.com" can also include sub domain "docs.aws.amazon.com". */ scope?: pulumi.Input; /** * The suffix that will be included in the user agent header. */ userAgent?: pulumi.Input; /** * The full user agent header, including UUID and suffix. */ userAgentHeader?: pulumi.Input; } /** * Limit settings for the web crawler. */ interface DataSourceWebCrawlerLimitsArgs { /** * Maximum number of pages the crawler can crawl. */ maxPages?: pulumi.Input; /** * Rate of web URLs retrieved per minute. */ rateLimit?: pulumi.Input; } /** * Configures a web data source location. */ interface DataSourceWebDataSourceConfigurationArgs { /** * The Web Crawler configuration details for the web data source. */ crawlerConfiguration?: pulumi.Input; /** * The source configuration details for the web data source. */ sourceConfiguration: pulumi.Input; } /** * A web source configuration. */ interface DataSourceWebSourceConfigurationArgs { /** * The configuration of the URL/URLs. */ urlConfiguration: pulumi.Input; } /** * Model-specific information for the enforced guardrail configuration. If not present, the configuration is enforced on all models */ interface EnforcedGuardrailConfigurationModelEnforcementArgs { /** * Models to exclude from enforcement. If a model is in both lists, it is excluded */ excludedModels: pulumi.Input[]>; /** * Models to enforce the guardrail on */ includedModels: pulumi.Input[]>; } /** * Selective content guarding controls for enforced guardrails */ interface EnforcedGuardrailConfigurationSelectiveContentGuardingArgs { /** * Selective guarding mode for user messages */ messages?: pulumi.Input; /** * Selective guarding mode for system prompts */ system?: pulumi.Input; } interface FlowAdditionalModelRequestFieldsArgs { } /** * Agent flow node configuration */ interface FlowAgentFlowNodeConfigurationArgs { /** * Arn representation of the Agent Alias. */ agentAliasArn: pulumi.Input; } interface FlowAliasConcurrencyConfigurationArgs { /** * Number of nodes executed concurrently at a time */ maxConcurrency?: pulumi.Input; /** * The type of concurrency to use for parallel node execution. Specify one of the following options: * * - `Automatic` - Amazon Bedrock determines which nodes can be executed in parallel based on the flow definition and its dependencies. * - `Manual` - You specify which nodes can be executed in parallel. */ type: pulumi.Input; } /** * Details about the routing configuration for a Flow alias. */ interface FlowAliasRoutingConfigurationListItemArgs { /** * Version. */ flowVersion?: pulumi.Input; } /** * Collector flow node configuration */ interface FlowCollectorFlowNodeConfigurationArgs { } /** * Condition branch for a condition node */ interface FlowConditionArgs { /** * Expression for a condition in a flow */ expression?: pulumi.Input; /** * Name of a condition in a flow */ name: pulumi.Input; } /** * Condition flow node configuration */ interface FlowConditionFlowNodeConfigurationArgs { /** * List of conditions in a condition node */ conditions: pulumi.Input[]>; } /** * Conditional connection configuration */ interface FlowConditionalConnectionConfigurationArgs { /** * Name of a condition in a flow */ condition: pulumi.Input; } /** * Flow connection */ interface FlowConnectionArgs { /** * The configuration of the connection. */ configuration?: pulumi.Input; /** * Name of a connection in a flow */ name: pulumi.Input; /** * Name of a node in a flow */ source: pulumi.Input; /** * Name of a node in a flow */ target: pulumi.Input; /** * Whether the source node that the connection begins from is a condition node ( `Conditional` ) or not ( `Data` ). */ type: pulumi.Input; } /** * Connection configuration */ interface FlowConnectionConfiguration0PropertiesArgs { data: pulumi.Input; } /** * Connection configuration */ interface FlowConnectionConfiguration1PropertiesArgs { conditional: pulumi.Input; } /** * Data connection configuration */ interface FlowDataConnectionConfigurationArgs { /** * Name of a node output in a flow */ sourceOutput: pulumi.Input; /** * Name of a node input in a flow */ targetInput: pulumi.Input; } /** * Flow definition */ interface FlowDefinitionArgs { /** * List of connections */ connections?: pulumi.Input[]>; /** * List of nodes in a flow */ nodes?: pulumi.Input[]>; } /** * Field name for reranking */ interface FlowFieldForRerankingArgs { /** * Field name for reranking */ fieldName: pulumi.Input; } /** * Configuration for a guardrail */ interface FlowGuardrailConfigurationArgs { /** * Identifier for the guardrail, could be the id or the arn */ guardrailIdentifier?: pulumi.Input; /** * Version of the guardrail */ guardrailVersion?: pulumi.Input; } /** * Inline code config strucuture, contains code configs */ interface FlowInlineCodeFlowNodeConfigurationArgs { /** * The inline code entered by customers. max size is 5MB. */ code: pulumi.Input; language: pulumi.Input; } /** * Input flow node configuration */ interface FlowInputFlowNodeConfigurationArgs { } /** * Iterator flow node configuration */ interface FlowIteratorFlowNodeConfigurationArgs { } /** * Knowledge base flow node configuration */ interface FlowKnowledgeBaseFlowNodeConfigurationArgs { guardrailConfiguration?: pulumi.Input; inferenceConfiguration?: pulumi.Input; /** * Identifier of the KnowledgeBase */ knowledgeBaseId: pulumi.Input; /** * ARN or Id of a Bedrock Foundational Model or Inference Profile, or the ARN of a imported model, or a provisioned throughput ARN for custom models. */ modelId?: pulumi.Input; /** * Number Of Results to Retrieve */ numberOfResults?: pulumi.Input; orchestrationConfiguration?: pulumi.Input; promptTemplate?: pulumi.Input; rerankingConfiguration?: pulumi.Input; } interface FlowKnowledgeBaseOrchestrationConfigurationArgs { additionalModelRequestFields?: pulumi.Input; inferenceConfig?: pulumi.Input; performanceConfig?: pulumi.Input; promptTemplate?: pulumi.Input; } /** * Knowledge Base Prompt template */ interface FlowKnowledgeBasePromptTemplatePropertiesArgs { textPromptTemplate: pulumi.Input; } /** * Lambda function flow node configuration */ interface FlowLambdaFunctionFlowNodeConfigurationArgs { /** * ARN of a Lambda. */ lambdaArn: pulumi.Input; } /** * Lex flow node configuration */ interface FlowLexFlowNodeConfigurationArgs { /** * ARN of a Lex bot alias */ botAliasArn: pulumi.Input; /** * Lex bot locale id */ localeId: pulumi.Input; } /** * Configuration for the LoopController node, which manages loop execution */ interface FlowLoopControllerFlowNodeConfigurationArgs { continueCondition: pulumi.Input; /** * Maximum number of iterations the loop can perform */ maxIterations?: pulumi.Input; } /** * Loop node config, contains loop's internal definition */ interface FlowLoopFlowNodeConfigurationArgs { definition: pulumi.Input; } /** * Configuration for the LoopInput node */ interface FlowLoopInputFlowNodeConfigurationArgs { } interface FlowMetadataConfigurationForRerankingArgs { selectionMode: pulumi.Input; selectiveModeConfiguration?: pulumi.Input; } /** * Internal mixin for flow node */ interface FlowNodeArgs { /** * Contains configurations for the node. */ configuration?: pulumi.Input; /** * List of node inputs in a flow */ inputs?: pulumi.Input[]>; /** * Name of a node in a flow */ name: pulumi.Input; /** * List of node outputs in a flow */ outputs?: pulumi.Input[]>; /** * The type of node. This value must match the name of the key that you provide in the configuration you provide in the `FlowNodeConfiguration` field. */ type: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration0PropertiesArgs { input: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration10PropertiesArgs { collector: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration11PropertiesArgs { retrieval: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration12PropertiesArgs { inlineCode: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration13PropertiesArgs { loop: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration14PropertiesArgs { loopInput: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration15PropertiesArgs { loopController: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration1PropertiesArgs { output: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration2PropertiesArgs { knowledgeBase: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration3PropertiesArgs { condition: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration4PropertiesArgs { lex: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration5PropertiesArgs { prompt: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration6PropertiesArgs { lambdaFunction: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration7PropertiesArgs { agent: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration8PropertiesArgs { storage: pulumi.Input; } /** * Node configuration in a flow */ interface FlowNodeConfiguration9PropertiesArgs { iterator: pulumi.Input; } /** * Input to a node in a flow */ interface FlowNodeInputArgs { /** * Specifies how input data flows between iterations in a DoWhile loop. * * - `LoopCondition` - Controls whether the loop continues by evaluating condition expressions against the input data. Use this category to define the condition that determines if the loop should continue. * - `ReturnValueToLoopStart` - Defines data to pass back to the start of the loop's next iteration. Use this category for variables that you want to update for each loop iteration. * - `ExitLoop` - Defines the value that's available once the loop ends. Use this category to expose loop results to nodes outside the loop. */ category?: pulumi.Input; /** * Expression for a node input in a flow */ expression: pulumi.Input; /** * Name of a node input in a flow */ name: pulumi.Input; /** * Specifies the data type of the input. If the input doesn't match this type at runtime, a validation error will be thrown. */ type: pulumi.Input; } /** * Output of a node in a flow */ interface FlowNodeOutputArgs { /** * Name of a node output in a flow */ name: pulumi.Input; /** * The data type of the output. If the output doesn't match this type at runtime, a validation error will be thrown. */ type: pulumi.Input; } /** * Output flow node configuration */ interface FlowOutputFlowNodeConfigurationArgs { } interface FlowPerformanceConfigurationArgs { latency?: pulumi.Input; } /** * Prompt flow node configuration */ interface FlowPromptFlowNodeConfigurationArgs { guardrailConfiguration?: pulumi.Input; sourceConfiguration: pulumi.Input; } /** * Inline prompt configuration for prompt node */ interface FlowPromptFlowNodeInlineConfigurationArgs { inferenceConfiguration?: pulumi.Input; /** * ARN or Id of a Bedrock Foundational Model or Inference Profile, or the ARN of a imported model, or a provisioned throughput ARN for custom models. */ modelId: pulumi.Input; templateConfiguration: pulumi.Input; templateType: pulumi.Input; } /** * Resource prompt configuration for prompt node */ interface FlowPromptFlowNodeResourceConfigurationArgs { /** * ARN of a prompt resource possibly with a version */ promptArn: pulumi.Input; } /** * Prompt source configuration for prompt node */ interface FlowPromptFlowNodeSourceConfiguration0PropertiesArgs { resource: pulumi.Input; } /** * Prompt source configuration for prompt node */ interface FlowPromptFlowNodeSourceConfiguration1PropertiesArgs { inline: pulumi.Input; } /** * Model inference configuration */ interface FlowPromptInferenceConfigurationPropertiesArgs { text: pulumi.Input; } /** * Input variable */ interface FlowPromptInputVariableArgs { /** * Name for an input variable */ name?: pulumi.Input; } /** * Prompt model inference configuration */ interface FlowPromptModelInferenceConfigurationArgs { /** * Maximum length of output */ maxTokens?: pulumi.Input; /** * List of stop sequences */ stopSequences?: pulumi.Input[]>; /** * Controls randomness, higher values increase diversity */ temperature?: pulumi.Input; /** * Cumulative probability cutoff for token selection */ topP?: pulumi.Input; } /** * Prompt template configuration */ interface FlowPromptTemplateConfigurationPropertiesArgs { text: pulumi.Input; } /** * Reranking Metadata Selective Mode Configuration */ interface FlowRerankingMetadataSelectiveModeConfiguration0PropertiesArgs { fieldsToInclude: pulumi.Input[]>; } /** * Reranking Metadata Selective Mode Configuration */ interface FlowRerankingMetadataSelectiveModeConfiguration1PropertiesArgs { fieldsToExclude: pulumi.Input[]>; } /** * Retrieval flow node configuration */ interface FlowRetrievalFlowNodeConfigurationArgs { serviceConfiguration: pulumi.Input; } /** * s3 Retrieval configuration for Retrieval node */ interface FlowRetrievalFlowNodeS3ConfigurationArgs { /** * bucket name of an s3 that will be used for Retrieval flow node configuration */ bucketName: pulumi.Input; } /** * Retrieval service configuration for Retrieval node */ interface FlowRetrievalFlowNodeServiceConfigurationPropertiesArgs { s3?: pulumi.Input; } /** * A bucket, key and optional version pointing to an S3 object containing a UTF-8 encoded JSON string Definition with the same schema as the Definition property of this resource */ interface FlowS3LocationArgs { /** * A bucket in S3 */ bucket: pulumi.Input; /** * A object key in S3 */ key: pulumi.Input; /** * The version of the the S3 object to use */ version?: pulumi.Input; } /** * Storage flow node configuration */ interface FlowStorageFlowNodeConfigurationArgs { serviceConfiguration: pulumi.Input; } /** * s3 storage configuration for storage node */ interface FlowStorageFlowNodeS3ConfigurationArgs { /** * bucket name of an s3 that will be used for storage flow node configuration */ bucketName: pulumi.Input; } /** * storage service configuration for storage node */ interface FlowStorageFlowNodeServiceConfigurationPropertiesArgs { s3?: pulumi.Input; } /** * Configuration for text prompt template */ interface FlowTextPromptTemplateConfigurationArgs { /** * List of input variables */ inputVariables?: pulumi.Input[]>; /** * Prompt content for String prompt template */ text: pulumi.Input; } interface FlowVectorSearchBedrockRerankingConfigurationArgs { metadataConfiguration?: pulumi.Input; modelConfiguration: pulumi.Input; /** * Number Of Results For Reranking */ numberOfRerankedResults?: pulumi.Input; } interface FlowVectorSearchBedrockRerankingModelConfigurationArgs { additionalModelRequestFields?: pulumi.Input; modelArn: pulumi.Input; } interface FlowVectorSearchRerankingConfigurationArgs { bedrockRerankingConfiguration?: pulumi.Input; type: pulumi.Input; } /** * Optional configuration for integrating Automated Reasoning policies with the guardrail. */ interface GuardrailAutomatedReasoningPolicyConfigArgs { /** * The confidence threshold for triggering guardrail actions based on Automated Reasoning policy violations. */ confidenceThreshold?: pulumi.Input; /** * The list of Automated Reasoning policy ARNs to include in the guardrail configuration */ policies: pulumi.Input[]>; } /** * Content filter config in content policy. */ interface GuardrailContentFilterConfigArgs { /** * Specifies the action to take when harmful content is detected. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `NONE` – Take no action but return detection information in the trace response. */ inputAction?: pulumi.Input; /** * Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ inputEnabled?: pulumi.Input; /** * List of modalities */ inputModalities?: pulumi.Input[]>; /** * The strength of the content filter to apply to prompts. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces. */ inputStrength: pulumi.Input; /** * Specifies the action to take when harmful content is detected in the output. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `NONE` – Take no action but return detection information in the trace response. */ outputAction?: pulumi.Input; /** * Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ outputEnabled?: pulumi.Input; /** * List of modalities */ outputModalities?: pulumi.Input[]>; /** * The strength of the content filter to apply to model responses. As you increase the filter strength, the likelihood of filtering harmful content increases and the probability of seeing harmful content in your application reduces. */ outputStrength: pulumi.Input; /** * The harmful category that the content filter is applied to. */ type: pulumi.Input; } /** * Content policy config for a guardrail. */ interface GuardrailContentPolicyConfigArgs { /** * Guardrail tier config for content policy */ contentFiltersTierConfig?: pulumi.Input; /** * List of content filter configs in content policy. */ filtersConfig: pulumi.Input[]>; } /** * Guardrail tier config for content policy */ interface GuardrailContentPolicyConfigContentFiltersTierConfigPropertiesArgs { tierName: pulumi.Input; } /** * A config for grounding filter. */ interface GuardrailContextualGroundingFilterConfigArgs { /** * Specifies the action to take when content fails the contextual grounding evaluation. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `NONE` – Take no action but return detection information in the trace response. */ action?: pulumi.Input; /** * Specifies whether to enable contextual grounding evaluation. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ enabled?: pulumi.Input; /** * The threshold for this filter. */ threshold: pulumi.Input; /** * The filter details for the guardrails contextual grounding filter. */ type: pulumi.Input; } /** * Contextual grounding policy config for a guardrail. */ interface GuardrailContextualGroundingPolicyConfigArgs { /** * List of contextual grounding filter configs. */ filtersConfig: pulumi.Input[]>; } /** * The system-defined guardrail profile that you’re using with your guardrail */ interface GuardrailCrossRegionConfigArgs { /** * The Amazon Resource Name (ARN) of the guardrail profile */ guardrailProfileArn: pulumi.Input; } /** * A managed words config. */ interface GuardrailManagedWordsConfigArgs { /** * Specifies the action to take when harmful content is detected in the input. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `NONE` – Take no action but return detection information in the trace response. */ inputAction?: pulumi.Input; /** * Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ inputEnabled?: pulumi.Input; /** * Specifies the action to take when harmful content is detected in the output. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `NONE` – Take no action but return detection information in the trace response. */ outputAction?: pulumi.Input; /** * Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ outputEnabled?: pulumi.Input; /** * The managed word type to configure for the guardrail. */ type: pulumi.Input; } /** * Pii entity configuration. */ interface GuardrailPiiEntityConfigArgs { /** * Configure guardrail action when the PII entity is detected. */ action: pulumi.Input; /** * Specifies the action to take when harmful content is detected in the input. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `ANONYMIZE` – Mask the content and replace it with identifier tags. * - `NONE` – Take no action but return detection information in the trace response. */ inputAction?: pulumi.Input; /** * Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ inputEnabled?: pulumi.Input; /** * Specifies the action to take when harmful content is detected in the output. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `ANONYMIZE` – Mask the content and replace it with identifier tags. * - `NONE` – Take no action but return detection information in the trace response. */ outputAction?: pulumi.Input; /** * Indicates whether guardrail evaluation is enabled on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ outputEnabled?: pulumi.Input; /** * Configure guardrail type when the PII entity is detected. * * The following PIIs are used to block or mask sensitive information: * * - *General* * * - *ADDRESS* * * A physical address, such as "100 Main Street, Anytown, USA" or "Suite #12, Building 123". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood. * - *AGE* * * An individual's age, including the quantity and unit of time. For example, in the phrase "I am 40 years old," Guardrails recognizes "40 years" as an age. * - *NAME* * * An individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. guardrails doesn't apply this entity type to names that are part of organizations or addresses. For example, guardrails recognizes the "John Doe Organization" as an organization, and it recognizes "Jane Doe Street" as an address. * - *EMAIL* * * An email address, such as *marymajor@email.com* . * - *PHONE* * * A phone number. This entity type also includes fax and pager numbers. * - *USERNAME* * * A user name that identifies an account, such as a login name, screen name, nick name, or handle. * - *PASSWORD* * * An alphanumeric string that is used as a password, such as "* *very20special#pass** ". * - *DRIVER_ID* * * The number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters. * - *LICENSE_PLATE* * * A license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country. * - *VEHICLE_IDENTIFICATION_NUMBER* * * A Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs. * - *Finance* * * - *CREDIT_DEBIT_CARD_CVV* * * A three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code. * - *CREDIT_DEBIT_CARD_EXPIRY* * * The expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . Guardrails recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* . * - *CREDIT_DEBIT_CARD_NUMBER* * * The number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present. * - *PIN* * * A four-digit personal identification number (PIN) with which you can access your bank account. * - *INTERNATIONAL_BANK_ACCOUNT_NUMBER* * * An International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) . * - *SWIFT_CODE* * * A SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers. * * SWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office. * - *IT* * * - *IP_ADDRESS* * * An IPv4 address, such as *198.51.100.0* . * - *MAC_ADDRESS* * * A *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC). * - *URL* * * A web address, such as *www.example.com* . * - *AWS_ACCESS_KEY* * * A unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically. * - *AWS_SECRET_KEY* * * A unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically. * - *USA specific* * * - *US_BANK_ACCOUNT_NUMBER* * * A US bank account number, which is typically 10 to 12 digits long. * - *US_BANK_ROUTING_NUMBER* * * A US bank account routing number. These are typically nine digits long, * - *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER* * * A US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a "9" and contain a "7" or "8" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits. * - *US_PASSPORT_NUMBER* * * A US passport number. Passport numbers range from six to nine alphanumeric characters. * - *US_SOCIAL_SECURITY_NUMBER* * * A US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents. * - *Canada specific* * * - *CA_HEALTH_NUMBER* * * A Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits. * - *CA_SOCIAL_INSURANCE_NUMBER* * * A Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits. * * The SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) . * - *UK Specific* * * - *UK_NATIONAL_HEALTH_SERVICE_NUMBER* * * A UK National Health Service Number is a 10-17 digit number, such as *485 777 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum. * - *UK_NATIONAL_INSURANCE_NUMBER* * * A UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system. * * The number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits. * - *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER* * * A UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business. * - *Custom* * * - *Regex filter* - You can use a regular expressions to define patterns for a guardrail to recognize and act upon such as serial number, booking ID etc.. */ type: pulumi.Input; } /** * A regex configuration. */ interface GuardrailRegexConfigArgs { /** * The guardrail action to configure when matching regular expression is detected. */ action: pulumi.Input; /** * The regex description. */ description?: pulumi.Input; /** * Specifies the action to take when harmful content is detected in the input. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `NONE` – Take no action but return detection information in the trace response. */ inputAction?: pulumi.Input; /** * Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ inputEnabled?: pulumi.Input; /** * The regex name. */ name: pulumi.Input; /** * Specifies the action to take when harmful content is detected in the output. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `NONE` – Take no action but return detection information in the trace response. */ outputAction?: pulumi.Input; /** * Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ outputEnabled?: pulumi.Input; /** * The regex pattern. */ pattern: pulumi.Input; } /** * Sensitive information policy config for a guardrail. */ interface GuardrailSensitiveInformationPolicyConfigArgs { /** * List of entities. */ piiEntitiesConfig?: pulumi.Input[]>; /** * List of regex. */ regexesConfig?: pulumi.Input[]>; } /** * Topic config in topic policy. */ interface GuardrailTopicConfigArgs { /** * Definition of topic in topic policy */ definition: pulumi.Input; /** * List of text examples */ examples?: pulumi.Input[]>; /** * Specifies the action to take when harmful content is detected in the input. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `NONE` – Take no action but return detection information in the trace response. */ inputAction?: pulumi.Input; /** * Specifies whether to enable guardrail evaluation on the input. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ inputEnabled?: pulumi.Input; /** * Name of topic in topic policy */ name: pulumi.Input; /** * Specifies the action to take when harmful content is detected in the output. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `NONE` – Take no action but return detection information in the trace response. */ outputAction?: pulumi.Input; /** * Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ outputEnabled?: pulumi.Input; /** * Specifies to deny the topic. */ type: pulumi.Input; } /** * Topic policy config for a guardrail. */ interface GuardrailTopicPolicyConfigArgs { /** * List of topic configs in topic policy. */ topicsConfig: pulumi.Input[]>; /** * Guardrail tier config for topic policy */ topicsTierConfig?: pulumi.Input; } /** * Guardrail tier config for topic policy */ interface GuardrailTopicPolicyConfigTopicsTierConfigPropertiesArgs { tierName: pulumi.Input; } /** * A custom word config. */ interface GuardrailWordConfigArgs { /** * Specifies the action to take when harmful content is detected in the input. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `NONE` – Take no action but return detection information in the trace response. */ inputAction?: pulumi.Input; /** * Specifies whether to enable guardrail evaluation on the intput. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ inputEnabled?: pulumi.Input; /** * Specifies the action to take when harmful content is detected in the output. Supported values include: * * - `BLOCK` – Block the content and replace it with blocked messaging. * - `NONE` – Take no action but return detection information in the trace response. */ outputAction?: pulumi.Input; /** * Specifies whether to enable guardrail evaluation on the output. When disabled, you aren't charged for the evaluation. The evaluation doesn't appear in the response. */ outputEnabled?: pulumi.Input; /** * The custom word text. */ text: pulumi.Input; } /** * Word policy config for a guardrail. */ interface GuardrailWordPolicyConfigArgs { /** * A config for the list of managed words. */ managedWordListsConfig?: pulumi.Input[]>; /** * List of custom word configs. */ wordsConfig?: pulumi.Input[]>; } /** * Model configuration */ interface IntelligentPromptRouterPromptRouterTargetModelArgs { /** * Arn of underlying model which are added in the Prompt Router. */ modelArn: pulumi.Input; } /** * Represents the criteria used for routing requests. */ interface IntelligentPromptRouterRoutingCriteriaArgs { /** * The criteria's response quality difference. */ responseQualityDifference: pulumi.Input; } /** * Configure the audio configuration for multi modal ingestion. */ interface KnowledgeBaseAudioConfigurationArgs { segmentationConfiguration: pulumi.Input; } /** * Configure the audio segmentation configuration for multi modal ingestion. */ interface KnowledgeBaseAudioSegmentationConfigurationArgs { fixedLengthDuration: pulumi.Input; } /** * The vector configuration details for the Bedrock embeddings model. */ interface KnowledgeBaseBedrockEmbeddingModelConfigurationArgs { /** * Configuration settings for processing audio content in multimodal knowledge bases. */ audio?: pulumi.Input[]>; /** * The dimensions details for the vector configuration used on the Bedrock embeddings model. */ dimensions?: pulumi.Input; /** * The data type for the vectors when using a model to convert text into vector embeddings. */ embeddingDataType?: pulumi.Input; /** * Configuration settings for processing video content in multimodal knowledge bases. */ video?: pulumi.Input[]>; } /** * Contains details about the embeddings model used for the knowledge base. */ interface KnowledgeBaseConfigurationArgs { /** * Settings for an Amazon Kendra knowledge base. */ kendraKnowledgeBaseConfiguration?: pulumi.Input; /** * Specifies configurations for a knowledge base connected to an SQL database. */ sqlKnowledgeBaseConfiguration?: pulumi.Input; /** * The type of data that the data source is converted into for the knowledge base. */ type: pulumi.Input; /** * Contains details about the model that's used to convert the data source into vector embeddings. */ vectorKnowledgeBaseConfiguration?: pulumi.Input; } /** * Curated query or question and answer pair */ interface KnowledgeBaseCuratedQueryArgs { naturalLanguage: pulumi.Input; sql: pulumi.Input; } /** * The embeddings model configuration details for the vector model used in Knowledge Base. */ interface KnowledgeBaseEmbeddingModelConfigurationArgs { /** * The vector configuration details on the Bedrock embeddings model. */ bedrockEmbeddingModelConfiguration?: pulumi.Input; } /** * Configurations for a Kendra knowledge base */ interface KnowledgeBaseKendraKnowledgeBaseConfigurationArgs { /** * The ARN of the Amazon Kendra index. */ kendraIndexArn: pulumi.Input; } /** * Contains the storage configuration of the knowledge base in MongoDb Atlas Cloud. */ interface KnowledgeBaseMongoDbAtlasConfigurationArgs { /** * Name of the collection within MongoDB Atlas. */ collectionName: pulumi.Input; /** * The ARN of the secret that you created in AWS Secrets Manager that is linked to your Amazon Mongo database. */ credentialsSecretArn: pulumi.Input; /** * Name of the database within MongoDB Atlas. */ databaseName: pulumi.Input; /** * MongoDB Atlas endpoint. */ endpoint: pulumi.Input; /** * MongoDB Atlas endpoint service name. */ endpointServiceName?: pulumi.Input; /** * Contains the names of the fields to which to map information about the vector store. */ fieldMapping: pulumi.Input; /** * Name of a MongoDB Atlas text index. */ textIndexName?: pulumi.Input; /** * Name of a MongoDB Atlas index. */ vectorIndexName: pulumi.Input; } /** * Contains the names of the fields to which to map information about the vector store. */ interface KnowledgeBaseMongoDbAtlasFieldMappingArgs { /** * The name of the field in which Amazon Bedrock stores metadata about the vector store. */ metadataField: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose. */ textField: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources. */ vectorField: pulumi.Input; } /** * Contains the configurations to use Neptune Analytics as Vector Store. */ interface KnowledgeBaseNeptuneAnalyticsConfigurationArgs { /** * Contains the names of the fields to which to map information about the vector store. */ fieldMapping: pulumi.Input; /** * ARN for Neptune Analytics graph database. */ graphArn: pulumi.Input; } /** * A mapping of Bedrock Knowledge Base fields to Neptune Analytics fields. */ interface KnowledgeBaseNeptuneAnalyticsFieldMappingArgs { /** * The name of the field in which Amazon Bedrock stores metadata about the vector store. */ metadataField: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose. */ textField: pulumi.Input; } /** * Contains the storage configuration of the knowledge base in Amazon OpenSearch Service. */ interface KnowledgeBaseOpenSearchManagedClusterConfigurationArgs { /** * The Amazon Resource Name (ARN) of the OpenSearch domain. */ domainArn: pulumi.Input; /** * The endpoint URL the OpenSearch domain. */ domainEndpoint: pulumi.Input; /** * Contains the names of the fields to which to map information about the vector store. */ fieldMapping: pulumi.Input; /** * The name of the vector store. */ vectorIndexName: pulumi.Input; } /** * A mapping of Bedrock Knowledge Base fields to OpenSearch Managed Cluster field names */ interface KnowledgeBaseOpenSearchManagedClusterFieldMappingArgs { /** * The name of the field in which Amazon Bedrock stores metadata about the vector store. */ metadataField: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose. */ textField: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources. */ vectorField: pulumi.Input; } /** * Contains the storage configuration of the knowledge base in Amazon OpenSearch Service. */ interface KnowledgeBaseOpenSearchServerlessConfigurationArgs { /** * The ARN of the OpenSearch Service vector store. */ collectionArn: pulumi.Input; /** * Contains the names of the fields to which to map information about the vector store. */ fieldMapping: pulumi.Input; /** * The name of the vector store. */ vectorIndexName: pulumi.Input; } /** * A mapping of Bedrock Knowledge Base fields to OpenSearch Serverless field names */ interface KnowledgeBaseOpenSearchServerlessFieldMappingArgs { /** * The name of the field in which Amazon Bedrock stores metadata about the vector store. */ metadataField: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose. */ textField: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources. */ vectorField: pulumi.Input; } /** * Contains the storage configuration of the knowledge base in Pinecone. */ interface KnowledgeBasePineconeConfigurationArgs { /** * The endpoint URL for your index management page. */ connectionString: pulumi.Input; /** * The ARN of the secret that you created in AWS Secrets Manager that is linked to your Pinecone API key. */ credentialsSecretArn: pulumi.Input; /** * Contains the names of the fields to which to map information about the vector store. */ fieldMapping: pulumi.Input; /** * The namespace to be used to write new data to your database. */ namespace?: pulumi.Input; } /** * Contains the names of the fields to which to map information about the vector store. */ interface KnowledgeBasePineconeFieldMappingArgs { /** * The name of the field in which Amazon Bedrock stores metadata about the vector store. */ metadataField: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose. */ textField: pulumi.Input; } /** * Redshift query generation column */ interface KnowledgeBaseQueryGenerationColumnArgs { description?: pulumi.Input; inclusion?: pulumi.Input; name?: pulumi.Input; } /** * Configurations for generating Redshift engine queries */ interface KnowledgeBaseQueryGenerationConfigurationArgs { /** * The time after which query generation will time out. */ executionTimeoutSeconds?: pulumi.Input; /** * Specifies configurations for context to use during query generation. */ generationContext?: pulumi.Input; } /** * Context used to improve query generation */ interface KnowledgeBaseQueryGenerationContextArgs { /** * An array of objects, each of which defines information about example queries to help the query engine generate appropriate SQL queries. */ curatedQueries?: pulumi.Input[]>; /** * An array of objects, each of which defines information about a table in the database. */ tables?: pulumi.Input[]>; } /** * Tables used for Redshift query generation context */ interface KnowledgeBaseQueryGenerationTableArgs { columns?: pulumi.Input[]>; description?: pulumi.Input; inclusion?: pulumi.Input; name: pulumi.Input; } /** * Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see Create a vector index in Amazon RDS. */ interface KnowledgeBaseRdsConfigurationArgs { /** * The ARN of the secret that you created in AWS Secrets Manager that is linked to your Amazon RDS database. */ credentialsSecretArn: pulumi.Input; /** * The name of your Amazon RDS database. */ databaseName: pulumi.Input; /** * Contains the names of the fields to which to map information about the vector store. */ fieldMapping: pulumi.Input; /** * The ARN of the vector store. */ resourceArn: pulumi.Input; /** * The name of the table in the database. */ tableName: pulumi.Input; } /** * Contains the names of the fields to which to map information about the vector store. */ interface KnowledgeBaseRdsFieldMappingArgs { /** * The name of the field in which Amazon Bedrock stores custom metadata about the vector store. */ customMetadataField?: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores metadata about the vector store. */ metadataField: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores the ID for each entry. */ primaryKeyField: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores the raw text from your data. The text is split according to the chunking strategy you choose. */ textField: pulumi.Input; /** * The name of the field in which Amazon Bedrock stores the vector embeddings for your data sources. */ vectorField: pulumi.Input; } /** * Configurations for a Redshift knowledge base */ interface KnowledgeBaseRedshiftConfigurationArgs { /** * Specifies configurations for an Amazon Redshift query engine. */ queryEngineConfiguration: pulumi.Input; /** * Specifies configurations for generating queries. */ queryGenerationConfiguration?: pulumi.Input; /** * Specifies configurations for Amazon Redshift database storage. */ storageConfigurations: pulumi.Input[]>; } /** * Configurations for Redshift query engine provisioned auth setup */ interface KnowledgeBaseRedshiftProvisionedAuthConfigurationArgs { /** * Redshift database user */ databaseUser?: pulumi.Input; /** * The type of authentication to use. */ type: pulumi.Input; /** * The ARN of an Secrets Manager secret for authentication. */ usernamePasswordSecretArn?: pulumi.Input; } /** * Configurations for provisioned Redshift query engine */ interface KnowledgeBaseRedshiftProvisionedConfigurationArgs { /** * Specifies configurations for authentication to Amazon Redshift. */ authConfiguration: pulumi.Input; /** * The ID of the Amazon Redshift cluster. */ clusterIdentifier: pulumi.Input; } /** * Configurations for Redshift query engine AWS Data Catalog backed storage */ interface KnowledgeBaseRedshiftQueryEngineAwsDataCatalogStorageConfigurationArgs { tableNames: pulumi.Input[]>; } /** * Configurations for Redshift query engine */ interface KnowledgeBaseRedshiftQueryEngineConfigurationArgs { /** * Specifies configurations for a provisioned Amazon Redshift query engine. */ provisionedConfiguration?: pulumi.Input; /** * Specifies configurations for a serverless Amazon Redshift query engine. */ serverlessConfiguration?: pulumi.Input; /** * The type of query engine. */ type: pulumi.Input; } /** * Configurations for Redshift query engine Redshift backed storage */ interface KnowledgeBaseRedshiftQueryEngineRedshiftStorageConfigurationArgs { databaseName: pulumi.Input; } /** * Configurations for available Redshift query engine storage types */ interface KnowledgeBaseRedshiftQueryEngineStorageConfigurationArgs { awsDataCatalogConfiguration?: pulumi.Input; redshiftConfiguration?: pulumi.Input; type: pulumi.Input; } /** * Configurations for Redshift query engine serverless auth setup */ interface KnowledgeBaseRedshiftServerlessAuthConfigurationArgs { /** * The type of authentication to use. */ type: pulumi.Input; /** * The ARN of an Secrets Manager secret for authentication. */ usernamePasswordSecretArn?: pulumi.Input; } /** * Configurations for serverless Redshift query engine */ interface KnowledgeBaseRedshiftServerlessConfigurationArgs { /** * Specifies configurations for authentication to an Amazon Redshift provisioned data warehouse. */ authConfiguration: pulumi.Input; /** * The ARN of the Amazon Redshift workgroup. */ workgroupArn: pulumi.Input; } /** * An Amazon S3 location. */ interface KnowledgeBaseS3LocationArgs { /** * The location's URI */ uri: pulumi.Input; } /** * Contains the storage configuration of the knowledge base for S3 vectors. */ interface KnowledgeBaseS3VectorsConfigurationArgs { /** * The Amazon Resource Name (ARN) of the vector index used for the knowledge base. This ARN identifies the specific vector index resource within Amazon Bedrock. */ indexArn?: pulumi.Input; /** * The name of the vector index used for the knowledge base. This name identifies the vector index within the Amazon Bedrock service. */ indexName?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the S3 bucket where vector embeddings are stored. This bucket contains the vector data used by the knowledge base. */ vectorBucketArn?: pulumi.Input; } /** * Configurations for a SQL knowledge base */ interface KnowledgeBaseSqlKnowledgeBaseConfigurationArgs { /** * Specifies configurations for a knowledge base connected to an Amazon Redshift database. */ redshiftConfiguration?: pulumi.Input; /** * The type of SQL database to connect to the knowledge base. */ type: pulumi.Input; } /** * The vector store service in which the knowledge base is stored. */ interface KnowledgeBaseStorageConfigurationArgs { /** * Contains the storage configuration of the knowledge base in MongoDB Atlas. */ mongoDbAtlasConfiguration?: pulumi.Input; /** * Contains details about the Neptune Analytics configuration of the knowledge base in Amazon Neptune. For more information, see [Create a vector index in Amazon Neptune Analytics.](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-neptune.html) . */ neptuneAnalyticsConfiguration?: pulumi.Input; /** * Contains details about the storage configuration of the knowledge base in OpenSearch Managed Cluster. For more information, see [Create a vector index in Amazon OpenSearch Service](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-osm.html) . */ opensearchManagedClusterConfiguration?: pulumi.Input; /** * Contains the storage configuration of the knowledge base in Amazon OpenSearch Service. */ opensearchServerlessConfiguration?: pulumi.Input; /** * Contains the storage configuration of the knowledge base in Pinecone. */ pineconeConfiguration?: pulumi.Input; /** * Contains details about the storage configuration of the knowledge base in Amazon RDS. For more information, see [Create a vector index in Amazon RDS](https://docs.aws.amazon.com/bedrock/latest/userguide/knowledge-base-setup-rds.html) . */ rdsConfiguration?: pulumi.Input; /** * The configuration settings for storing knowledge base data using S3 vectors. This includes vector index information and S3 bucket details for vector storage. */ s3VectorsConfiguration?: pulumi.Input; /** * The vector store service in which the knowledge base is stored. */ type: pulumi.Input; } /** * Configurations for supplemental data storage. */ interface KnowledgeBaseSupplementalDataStorageConfigurationArgs { supplementalDataStorageLocations: pulumi.Input[]>; } /** * Supplemental data storage location. */ interface KnowledgeBaseSupplementalDataStorageLocationArgs { s3Location?: pulumi.Input; supplementalDataStorageLocationType: pulumi.Input; } /** * Contains details about the model used to create vector embeddings for the knowledge base. */ interface KnowledgeBaseVectorKnowledgeBaseConfigurationArgs { /** * The ARN of the model used to create vector embeddings for the knowledge base. */ embeddingModelArn: pulumi.Input; /** * The embeddings model configuration details for the vector model used in Knowledge Base. */ embeddingModelConfiguration?: pulumi.Input; /** * If you include multimodal data from your data source, use this object to specify configurations for the storage location of the images extracted from your documents. These images can be retrieved and returned to the end user. They can also be used in generation when using [RetrieveAndGenerate](https://docs.aws.amazon.com/bedrock/latest/APIReference/API_agent-runtime_RetrieveAndGenerate.html) . */ supplementalDataStorageConfiguration?: pulumi.Input; } /** * Configure the video configuration for multi modal ingestion. */ interface KnowledgeBaseVideoConfigurationArgs { segmentationConfiguration: pulumi.Input; } /** * Configure the video segmentation configuration for multi modal ingestion. */ interface KnowledgeBaseVideoSegmentationConfigurationArgs { fixedLengthDuration: pulumi.Input; } /** * Contains model-specific configurations */ interface PromptAdditionalModelRequestFieldsArgs { } /** * Target Agent to invoke with Prompt */ interface PromptAgentResourceArgs { /** * Arn representation of the Agent Alias. */ agentIdentifier: pulumi.Input; } /** * Any Tool choice */ interface PromptAnyToolChoiceArgs { } /** * Auto Tool choice */ interface PromptAutoToolChoiceArgs { } /** * CachePointBlock */ interface PromptCachePointBlockArgs { type: pulumi.Input; } /** * Configuration for chat prompt template */ interface PromptChatPromptTemplateConfigurationArgs { /** * List of input variables */ inputVariables?: pulumi.Input[]>; /** * List of messages for chat prompt template */ messages: pulumi.Input[]>; /** * Configuration for chat prompt template */ system?: pulumi.Input[]>; toolConfiguration?: pulumi.Input; } /** * Configuration for chat prompt template */ interface PromptContentBlock0PropertiesArgs { /** * Configuration for chat prompt template */ text: pulumi.Input; } /** * Configuration for chat prompt template */ interface PromptContentBlock1PropertiesArgs { cachePoint: pulumi.Input; } /** * Target resource to invoke with Prompt */ interface PromptGenAiResourcePropertiesArgs { agent: pulumi.Input; } /** * Model inference configuration */ interface PromptInferenceConfigurationPropertiesArgs { text: pulumi.Input; } /** * Input variable */ interface PromptInputVariableArgs { /** * Name for an input variable */ name?: pulumi.Input; } /** * Chat prompt Message */ interface PromptMessageArgs { /** * List of Content Blocks */ content: pulumi.Input[]>; role: pulumi.Input; } /** * Contains a key-value pair that defines a metadata tag and value to attach to a prompt variant. */ interface PromptMetadataEntryArgs { key: pulumi.Input; value: pulumi.Input; } /** * Prompt model inference configuration */ interface PromptModelInferenceConfigurationArgs { /** * Maximum length of output */ maxTokens?: pulumi.Input; /** * List of stop sequences */ stopSequences?: pulumi.Input[]>; /** * Controls randomness, higher values increase diversity */ temperature?: pulumi.Input; /** * Cumulative probability cutoff for token selection */ topP?: pulumi.Input; } /** * Specific Tool choice */ interface PromptSpecificToolChoiceArgs { /** * Tool name */ name: pulumi.Input; } /** * Configuration for chat prompt template */ interface PromptSystemContentBlock0PropertiesArgs { /** * Configuration for chat prompt template */ text: pulumi.Input; } /** * Configuration for chat prompt template */ interface PromptSystemContentBlock1PropertiesArgs { cachePoint: pulumi.Input; } /** * Prompt template configuration */ interface PromptTemplateConfiguration0PropertiesArgs { text: pulumi.Input; } /** * Prompt template configuration */ interface PromptTemplateConfiguration1PropertiesArgs { chat: pulumi.Input; } /** * Configuration for text prompt template */ interface PromptTextPromptTemplateConfigurationArgs { cachePoint?: pulumi.Input; /** * List of input variables */ inputVariables?: pulumi.Input[]>; /** * Prompt content for String prompt template */ text?: pulumi.Input; textS3Location?: pulumi.Input; } /** * The identifier for the S3 resource. */ interface PromptTextS3LocationArgs { /** * A bucket in S3 */ bucket: pulumi.Input; /** * A object key in S3 */ key: pulumi.Input; /** * The version of the the S3 object to use */ version?: pulumi.Input; } /** * Tool details */ interface PromptTool0PropertiesArgs { toolSpec: pulumi.Input; } /** * Tool details */ interface PromptTool1PropertiesArgs { cachePoint: pulumi.Input; } /** * Tool choice */ interface PromptToolChoice0PropertiesArgs { auto: pulumi.Input; } /** * Tool choice */ interface PromptToolChoice1PropertiesArgs { any: pulumi.Input; } /** * Tool choice */ interface PromptToolChoice2PropertiesArgs { tool: pulumi.Input; } /** * Tool configuration */ interface PromptToolConfigurationArgs { toolChoice?: pulumi.Input; /** * List of Tools */ tools: pulumi.Input[]>; } /** * Tool input schema json */ interface PromptToolInputSchemaPropertiesArgs { json: any; } /** * Tool specification */ interface PromptToolSpecificationArgs { description?: pulumi.Input; inputSchema: pulumi.Input; /** * Tool name */ name: pulumi.Input; } /** * Prompt variant */ interface PromptVariantArgs { /** * Contains model-specific inference configurations that aren't in the `inferenceConfiguration` field. To see model-specific inference parameters, see [Inference request parameters and response fields for foundation models](https://docs.aws.amazon.com/bedrock/latest/userguide/model-parameters.html) . */ additionalModelRequestFields?: pulumi.Input; /** * Specifies a generative AI resource with which to use the prompt. */ genAiResource?: pulumi.Input; /** * Contains inference configurations for the prompt variant. */ inferenceConfiguration?: pulumi.Input; /** * An array of objects, each containing a key-value pair that defines a metadata tag and value to attach to a prompt variant. */ metadata?: pulumi.Input[]>; /** * ARN or Id of a Bedrock Foundational Model or Inference Profile, or the ARN of a imported model, or a provisioned throughput ARN for custom models. */ modelId?: pulumi.Input; /** * Name for a variant. */ name: pulumi.Input; /** * Contains configurations for the prompt template. */ templateConfiguration: pulumi.Input; /** * The type of prompt template to use. */ templateType: pulumi.Input; } } export declare namespace bedrockagentcore { /** * Network configuration for browser */ interface BrowserCustomBrowserNetworkConfigurationArgs { /** * The network mode. */ networkMode: pulumi.Input; vpcConfig?: pulumi.Input; } /** * Browser signing configuration */ interface BrowserCustomBrowserSigningArgs { enabled?: pulumi.Input; } /** * Recording configuration for browser */ interface BrowserCustomRecordingConfigArgs { /** * The recording configuration for a browser. This structure defines how browser sessions are recorded. */ enabled?: pulumi.Input; /** * The S3 location. */ s3Location?: pulumi.Input; } /** * S3 Location Configuration */ interface BrowserCustomS3LocationArgs { /** * The S3 location bucket name. */ bucket: pulumi.Input; /** * The S3 location object prefix. */ prefix: pulumi.Input; } /** * Network mode configuration for VPC */ interface BrowserCustomVpcConfigArgs { securityGroups: pulumi.Input[]>; subnets: pulumi.Input[]>; } /** * Network configuration for code interpreter */ interface CodeInterpreterCustomCodeInterpreterNetworkConfigurationArgs { /** * The network mode. */ networkMode: pulumi.Input; vpcConfig?: pulumi.Input; } /** * Network mode configuration for VPC */ interface CodeInterpreterCustomVpcConfigArgs { securityGroups: pulumi.Input[]>; subnets: pulumi.Input[]>; } /** * The configuration for using Amazon Bedrock models in evaluator assessments. */ interface EvaluatorBedrockEvaluatorModelConfigArgs { /** * Additional model-specific request fields. */ additionalModelRequestFields?: any; inferenceConfig?: pulumi.Input; /** * The identifier of the Amazon Bedrock model to use for evaluation. */ modelId: pulumi.Input; } /** * A categorical rating scale option. */ interface EvaluatorCategoricalScaleDefinitionArgs { /** * The description that explains what this categorical rating represents. */ definition: pulumi.Input; /** * The label of this categorical rating option. */ label: pulumi.Input; } /** * The configuration for code-based evaluation using a Lambda function. */ interface EvaluatorCodeBasedEvaluatorConfigArgs { lambdaConfig: pulumi.Input; } /** * The configuration that defines how an evaluator assesses agent performance. */ interface EvaluatorConfigArgs { codeBased?: pulumi.Input; llmAsAJudge?: pulumi.Input; } /** * The inference configuration parameters that control model behavior during evaluation. */ interface EvaluatorInferenceConfigurationArgs { /** * The maximum number of tokens to generate in the model response. */ maxTokens?: pulumi.Input; /** * The temperature value that controls randomness in the model's responses. */ temperature?: pulumi.Input; /** * The top-p sampling parameter that controls the diversity of the model's responses. */ topP?: pulumi.Input; } /** * The Lambda function configuration for code-based evaluation. */ interface EvaluatorLambdaEvaluatorConfigArgs { /** * The ARN of the Lambda function used for evaluation. */ lambdaArn: pulumi.Input; /** * The timeout in seconds for the Lambda function invocation. */ lambdaTimeoutInSeconds?: pulumi.Input; } /** * The configuration for LLM-as-a-Judge evaluation. */ interface EvaluatorLlmAsAJudgeEvaluatorConfigArgs { /** * The evaluation instructions that guide the language model in assessing agent performance. */ instructions: pulumi.Input; modelConfig: pulumi.Input; ratingScale: pulumi.Input; } /** * The model configuration that specifies which foundation model to use for evaluation. */ interface EvaluatorModelConfigArgs { bedrockEvaluatorModelConfig: pulumi.Input; } /** * A numerical rating scale option. */ interface EvaluatorNumericalScaleDefinitionArgs { /** * The description that explains what this numerical rating represents. */ definition: pulumi.Input; /** * The label that describes this numerical rating option. */ label: pulumi.Input; /** * The numerical value for this rating scale option. */ value: pulumi.Input; } /** * The rating scale that defines how evaluators should score agent performance. */ interface EvaluatorRatingScaleArgs { categorical?: pulumi.Input[]>; numerical?: pulumi.Input[]>; } interface GatewayAuthorizerConfigurationPropertiesArgs { customJwtAuthorizer: pulumi.Input; } /** * The value or values in the custom claim to match and relationship of match */ interface GatewayAuthorizingClaimMatchValueTypeArgs { claimMatchOperator: pulumi.Input; claimMatchValue: pulumi.Input; } /** * The value or values in the custom claim to match for */ interface GatewayClaimMatchValueTypeArgs { matchValueString?: pulumi.Input; matchValueStringList?: pulumi.Input[]>; } /** * Required custom claim */ interface GatewayCustomClaimValidationTypeArgs { authorizingClaimMatchValue: pulumi.Input; inboundTokenClaimName: pulumi.Input; inboundTokenClaimValueType: pulumi.Input; } interface GatewayCustomJwtAuthorizerConfigurationArgs { allowedAudience?: pulumi.Input[]>; allowedClients?: pulumi.Input[]>; allowedScopes?: pulumi.Input[]>; customClaims?: pulumi.Input[]>; discoveryUrl: pulumi.Input; } interface GatewayInterceptorConfigurationArgs { inputConfiguration?: pulumi.Input; interceptionPoints: pulumi.Input[]>; interceptor: pulumi.Input; } interface GatewayInterceptorInputConfigurationArgs { passRequestHeaders: pulumi.Input; } interface GatewayLambdaInterceptorConfigurationArgs { arn: pulumi.Input; } interface GatewayMcpGatewayConfigurationArgs { instructions?: pulumi.Input; searchType?: pulumi.Input; supportedVersions?: pulumi.Input[]>; } /** * The configuration for a policy engine associated with a gateway. A policy engine is a collection of policies that evaluates and authorizes agent tool calls. When associated with a gateway, the policy engine intercepts all agent requests and determines whether to allow or deny each action based on the defined policies. */ interface GatewayPolicyEngineConfigurationArgs { /** * The ARN of the policy engine. The policy engine contains Cedar policies that define fine-grained authorization rules specifying who can perform what actions on which resources as agents interact through the gateway. */ arn: pulumi.Input; mode: pulumi.Input; } interface GatewayProtocolConfigurationPropertiesArgs { mcp: pulumi.Input; } interface GatewayTargetApiGatewayTargetConfigurationArgs { apiGatewayToolConfiguration: pulumi.Input; restApiId: pulumi.Input; stage: pulumi.Input; } interface GatewayTargetApiGatewayToolConfigurationArgs { toolFilters: pulumi.Input[]>; toolOverrides?: pulumi.Input[]>; } interface GatewayTargetApiGatewayToolFilterArgs { filterPath: pulumi.Input; methods: pulumi.Input[]>; } interface GatewayTargetApiGatewayToolOverrideArgs { description?: pulumi.Input; method: pulumi.Input; name: pulumi.Input; path: pulumi.Input; } interface GatewayTargetApiKeyCredentialProviderArgs { credentialLocation?: pulumi.Input; credentialParameterName?: pulumi.Input; credentialPrefix?: pulumi.Input; providerArn: pulumi.Input; } interface GatewayTargetApiSchemaConfiguration0PropertiesArgs { s3: pulumi.Input; } interface GatewayTargetApiSchemaConfiguration1PropertiesArgs { inlinePayload: pulumi.Input; } interface GatewayTargetCredentialProvider0PropertiesArgs { oauthCredentialProvider: pulumi.Input; } interface GatewayTargetCredentialProvider1PropertiesArgs { apiKeyCredentialProvider: pulumi.Input; } interface GatewayTargetCredentialProviderConfigurationArgs { /** * The credential provider for the gateway target. */ credentialProvider?: pulumi.Input; /** * The credential provider type for the gateway target. */ credentialProviderType: pulumi.Input; } interface GatewayTargetMcpLambdaTargetConfigurationArgs { lambdaArn: pulumi.Input; toolSchema: pulumi.Input; } interface GatewayTargetMcpServerTargetConfigurationArgs { endpoint: pulumi.Input; } interface GatewayTargetMcpTargetConfiguration0PropertiesArgs { openApiSchema: pulumi.Input; } interface GatewayTargetMcpTargetConfiguration1PropertiesArgs { smithyModel: pulumi.Input; } interface GatewayTargetMcpTargetConfiguration2PropertiesArgs { lambda: pulumi.Input; } interface GatewayTargetMcpTargetConfiguration3PropertiesArgs { mcpServer: pulumi.Input; } interface GatewayTargetMcpTargetConfiguration4PropertiesArgs { apiGateway: pulumi.Input; } interface GatewayTargetMetadataConfigurationArgs { allowedQueryParameters?: pulumi.Input[]>; allowedRequestHeaders?: pulumi.Input[]>; allowedResponseHeaders?: pulumi.Input[]>; } interface GatewayTargetOAuthCredentialProviderArgs { customParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Return URL for OAuth callback. */ defaultReturnUrl?: pulumi.Input; grantType?: pulumi.Input; providerArn: pulumi.Input; scopes: pulumi.Input[]>; } interface GatewayTargetS3ConfigurationArgs { bucketOwnerAccountId?: pulumi.Input; uri?: pulumi.Input; } interface GatewayTargetSchemaDefinitionArgs { description?: pulumi.Input; items?: pulumi.Input; properties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; required?: pulumi.Input[]>; type: pulumi.Input; } interface GatewayTargetTargetConfigurationPropertiesArgs { mcp: pulumi.Input; } interface GatewayTargetToolDefinitionArgs { description: pulumi.Input; inputSchema: pulumi.Input; name: pulumi.Input; outputSchema?: pulumi.Input; } interface GatewayTargetToolSchema0PropertiesArgs { s3: pulumi.Input; } interface GatewayTargetToolSchema1PropertiesArgs { inlinePayload: pulumi.Input[]>; } interface InterceptorConfigurationPropertiesArgs { lambda: pulumi.Input; } interface MemoryContentConfigurationArgs { /** * The level of content detail to deliver */ level?: pulumi.Input; /** * The type of content to deliver */ type: pulumi.Input; } interface MemoryCustomConfigurationInputArgs { episodicOverride?: pulumi.Input; selfManagedConfiguration?: pulumi.Input; semanticOverride?: pulumi.Input; summaryOverride?: pulumi.Input; userPreferenceOverride?: pulumi.Input; } interface MemoryCustomMemoryStrategyArgs { configuration?: pulumi.Input; /** * Creation timestamp of the memory strategy */ createdAt?: pulumi.Input; description?: pulumi.Input; name: pulumi.Input; namespaceTemplates?: pulumi.Input[]>; namespaces?: pulumi.Input[]>; /** * Status of the memory strategy */ status?: pulumi.Input; /** * Unique identifier for the memory strategy */ strategyId?: pulumi.Input; /** * Type of memory strategy */ type?: pulumi.Input; /** * Last update timestamp of the memory strategy */ updatedAt?: pulumi.Input; } interface MemoryEpisodicMemoryStrategyArgs { /** * Creation timestamp of the memory strategy */ createdAt?: pulumi.Input; description?: pulumi.Input; name: pulumi.Input; namespaceTemplates?: pulumi.Input[]>; namespaces?: pulumi.Input[]>; reflectionConfiguration?: pulumi.Input; /** * Status of the memory strategy */ status?: pulumi.Input; /** * Unique identifier for the memory strategy */ strategyId?: pulumi.Input; /** * Type of memory strategy */ type?: pulumi.Input; /** * Last update timestamp of the memory strategy */ updatedAt?: pulumi.Input; } interface MemoryEpisodicOverrideArgs { consolidation?: pulumi.Input; extraction?: pulumi.Input; reflection?: pulumi.Input; } interface MemoryEpisodicOverrideConsolidationConfigurationInputArgs { appendToPrompt: pulumi.Input; modelId: pulumi.Input; } interface MemoryEpisodicOverrideExtractionConfigurationInputArgs { appendToPrompt: pulumi.Input; modelId: pulumi.Input; } interface MemoryEpisodicOverrideReflectionConfigurationInputArgs { appendToPrompt: pulumi.Input; modelId: pulumi.Input; namespaceTemplates?: pulumi.Input[]>; namespaces?: pulumi.Input[]>; } interface MemoryEpisodicReflectionConfigurationInputArgs { namespaceTemplates?: pulumi.Input[]>; namespaces?: pulumi.Input[]>; } interface MemoryInvocationConfigurationInputArgs { payloadDeliveryBucketName?: pulumi.Input; topicArn?: pulumi.Input; } interface MemoryKinesisResourceArgs { contentConfigurations: pulumi.Input[]>; dataStreamArn: pulumi.Input; } interface MemoryMessageBasedTriggerInputArgs { messageCount?: pulumi.Input; } interface MemorySelfManagedConfigurationArgs { historicalContextWindowSize?: pulumi.Input; invocationConfiguration?: pulumi.Input; triggerConditions?: pulumi.Input[]>; } interface MemorySemanticMemoryStrategyArgs { /** * Creation timestamp of the memory strategy */ createdAt?: pulumi.Input; description?: pulumi.Input; name: pulumi.Input; namespaceTemplates?: pulumi.Input[]>; namespaces?: pulumi.Input[]>; /** * Status of the memory strategy */ status?: pulumi.Input; /** * Unique identifier for the memory strategy */ strategyId?: pulumi.Input; /** * Type of memory strategy */ type?: pulumi.Input; /** * Last update timestamp of the memory strategy */ updatedAt?: pulumi.Input; } interface MemorySemanticOverrideArgs { consolidation?: pulumi.Input; extraction?: pulumi.Input; } interface MemorySemanticOverrideConsolidationConfigurationInputArgs { appendToPrompt: pulumi.Input; modelId: pulumi.Input; } interface MemorySemanticOverrideExtractionConfigurationInputArgs { appendToPrompt: pulumi.Input; modelId: pulumi.Input; } interface MemoryStrategyArgs { customMemoryStrategy?: pulumi.Input; episodicMemoryStrategy?: pulumi.Input; semanticMemoryStrategy?: pulumi.Input; summaryMemoryStrategy?: pulumi.Input; userPreferenceMemoryStrategy?: pulumi.Input; } interface MemoryStreamDeliveryResourceArgs { kinesis?: pulumi.Input; } interface MemoryStreamDeliveryResourcesArgs { resources: pulumi.Input[]>; } interface MemorySummaryMemoryStrategyArgs { /** * Creation timestamp of the memory strategy */ createdAt?: pulumi.Input; description?: pulumi.Input; name: pulumi.Input; namespaceTemplates?: pulumi.Input[]>; namespaces?: pulumi.Input[]>; /** * Status of the memory strategy */ status?: pulumi.Input; /** * Unique identifier for the memory strategy */ strategyId?: pulumi.Input; /** * Type of memory strategy */ type?: pulumi.Input; /** * Last update timestamp of the memory strategy */ updatedAt?: pulumi.Input; } interface MemorySummaryOverrideArgs { consolidation?: pulumi.Input; } interface MemorySummaryOverrideConsolidationConfigurationInputArgs { appendToPrompt: pulumi.Input; modelId: pulumi.Input; } interface MemoryTimeBasedTriggerInputArgs { idleSessionTimeout?: pulumi.Input; } interface MemoryTokenBasedTriggerInputArgs { tokenCount?: pulumi.Input; } interface MemoryTriggerConditionInputArgs { messageBasedTrigger?: pulumi.Input; timeBasedTrigger?: pulumi.Input; tokenBasedTrigger?: pulumi.Input; } interface MemoryUserPreferenceMemoryStrategyArgs { /** * Creation timestamp of the memory strategy */ createdAt?: pulumi.Input; description?: pulumi.Input; name: pulumi.Input; namespaceTemplates?: pulumi.Input[]>; namespaces?: pulumi.Input[]>; /** * Status of the memory strategy */ status?: pulumi.Input; /** * Unique identifier for the memory strategy */ strategyId?: pulumi.Input; /** * Type of memory strategy */ type?: pulumi.Input; /** * Last update timestamp of the memory strategy */ updatedAt?: pulumi.Input; } interface MemoryUserPreferenceOverrideArgs { consolidation?: pulumi.Input; extraction?: pulumi.Input; } interface MemoryUserPreferenceOverrideConsolidationConfigurationInputArgs { appendToPrompt: pulumi.Input; modelId: pulumi.Input; } interface MemoryUserPreferenceOverrideExtractionConfigurationInputArgs { appendToPrompt: pulumi.Input; modelId: pulumi.Input; } /** * Input configuration for an Atlassian OAuth2 provider */ interface OAuth2CredentialProviderAtlassianOauth2ProviderConfigInputArgs { clientId: pulumi.Input; clientSecret: pulumi.Input; } /** * Input configuration for a custom OAuth2 provider */ interface OAuth2CredentialProviderCustomOauth2ProviderConfigInputArgs { /** * The client ID for the custom OAuth2 provider */ clientId: pulumi.Input; /** * The client secret for the custom OAuth2 provider */ clientSecret: pulumi.Input; oauthDiscovery: pulumi.Input; } /** * Input configuration for a GitHub OAuth2 provider */ interface OAuth2CredentialProviderGithubOauth2ProviderConfigInputArgs { clientId: pulumi.Input; clientSecret: pulumi.Input; } /** * Input configuration for a Google OAuth2 provider */ interface OAuth2CredentialProviderGoogleOauth2ProviderConfigInputArgs { clientId: pulumi.Input; clientSecret: pulumi.Input; } /** * Input configuration for a supported non-custom OAuth2 provider */ interface OAuth2CredentialProviderIncludedOauth2ProviderConfigInputArgs { /** * OAuth2 authorization endpoint for your isolated OAuth2 application tenant */ authorizationEndpoint?: pulumi.Input; clientId: pulumi.Input; clientSecret: pulumi.Input; /** * Token issuer of your isolated OAuth2 application tenant */ issuer?: pulumi.Input; /** * OAuth2 token endpoint for your isolated OAuth2 application tenant */ tokenEndpoint?: pulumi.Input; } /** * Input configuration for a LinkedIn OAuth2 provider */ interface OAuth2CredentialProviderLinkedinOauth2ProviderConfigInputArgs { clientId: pulumi.Input; clientSecret: pulumi.Input; } /** * Input configuration for a Microsoft OAuth2 provider */ interface OAuth2CredentialProviderMicrosoftOauth2ProviderConfigInputArgs { clientId: pulumi.Input; clientSecret: pulumi.Input; /** * The Microsoft Entra ID tenant ID */ tenantId?: pulumi.Input; } /** * Authorization server metadata for the OAuth2 provider */ interface OAuth2CredentialProviderOauth2AuthorizationServerMetadataArgs { /** * The authorization endpoint URL */ authorizationEndpoint: pulumi.Input; /** * The issuer URL for the OAuth2 authorization server */ issuer: pulumi.Input; /** * The supported response types */ responseTypes?: pulumi.Input[]>; /** * The token endpoint URL */ tokenEndpoint: pulumi.Input; } /** * Discovery information for an OAuth2 provider */ interface OAuth2CredentialProviderOauth2DiscoveryArgs { authorizationServerMetadata?: pulumi.Input; /** * The discovery URL for the OAuth2 provider */ discoveryUrl?: pulumi.Input; } /** * Input configuration for an OAuth2 provider */ interface OAuth2CredentialProviderOauth2ProviderConfigInputArgs { atlassianOauth2ProviderConfig?: pulumi.Input; customOauth2ProviderConfig?: pulumi.Input; githubOauth2ProviderConfig?: pulumi.Input; googleOauth2ProviderConfig?: pulumi.Input; includedOauth2ProviderConfig?: pulumi.Input; linkedinOauth2ProviderConfig?: pulumi.Input; microsoftOauth2ProviderConfig?: pulumi.Input; salesforceOauth2ProviderConfig?: pulumi.Input; slackOauth2ProviderConfig?: pulumi.Input; } /** * Input configuration for a Salesforce OAuth2 provider */ interface OAuth2CredentialProviderSalesforceOauth2ProviderConfigInputArgs { clientId: pulumi.Input; clientSecret: pulumi.Input; } /** * Input configuration for a Slack OAuth2 provider */ interface OAuth2CredentialProviderSlackOauth2ProviderConfigInputArgs { clientId: pulumi.Input; clientSecret: pulumi.Input; } /** * The configuration for reading agent traces from CloudWatch logs. */ interface OnlineEvaluationConfigCloudWatchLogsInputConfigArgs { /** * The list of CloudWatch log group names to monitor for agent traces. */ logGroupNames: pulumi.Input[]>; /** * The list of service names to filter traces within the specified log groups. */ serviceNames: pulumi.Input[]>; } /** * The configuration that specifies where to read agent traces for online evaluation. */ interface OnlineEvaluationConfigDataSourceConfigArgs { cloudWatchLogs: pulumi.Input; } /** * The reference to an evaluator used in online evaluation configurations. */ interface OnlineEvaluationConfigEvaluatorReferenceArgs { /** * The unique identifier of the evaluator. */ evaluatorId: pulumi.Input; } /** * The filter that applies conditions to agent traces during online evaluation. */ interface OnlineEvaluationConfigFilterArgs { /** * The key or field name to filter on within the agent trace data. */ key: pulumi.Input; /** * The comparison operator to use for filtering. */ operator: pulumi.Input; value: pulumi.Input; } /** * The value used in filter comparisons. */ interface OnlineEvaluationConfigFilterValueArgs { /** * The boolean value for true/false filtering conditions. */ booleanValue?: pulumi.Input; /** * The numeric value for numerical filtering. */ doubleValue?: pulumi.Input; /** * The string value for text-based filtering. */ stringValue?: pulumi.Input; } /** * The evaluation rule that defines sampling configuration, filtering criteria, and session detection settings. */ interface OnlineEvaluationConfigRuleArgs { /** * The list of filters that determine which agent traces should be included in the evaluation. */ filters?: pulumi.Input[]>; samplingConfig: pulumi.Input; sessionConfig?: pulumi.Input; } /** * The configuration that controls what percentage of agent traces are sampled for evaluation. */ interface OnlineEvaluationConfigSamplingConfigArgs { /** * The percentage of agent traces to sample for evaluation. */ samplingPercentage: pulumi.Input; } /** * The configuration that defines how agent sessions are detected. */ interface OnlineEvaluationConfigSessionConfigArgs { /** * The number of minutes of inactivity after which an agent session is considered complete. */ sessionTimeoutMinutes: pulumi.Input; } /** * A Cedar policy statement within the AgentCore Policy system. */ interface PolicyCedarPolicyArgs { /** * The Cedar policy statement that defines the authorization logic. */ statement: pulumi.Input; } /** * The definition structure for policies. Encapsulates different policy formats. */ interface PolicyDefinitionArgs { cedar: pulumi.Input; } interface RuntimeAgentRuntimeArtifactArgs { codeConfiguration?: pulumi.Input; /** * Representation of a container configuration. */ containerConfiguration?: pulumi.Input; } /** * Configuration for the authorizer */ interface RuntimeAuthorizerConfigurationArgs { /** * Represents inbound authorization configuration options used to authenticate incoming requests. */ customJwtAuthorizer?: pulumi.Input; } /** * The value or values in the custom claim to match and relationship of match */ interface RuntimeAuthorizingClaimMatchValueTypeArgs { claimMatchOperator: pulumi.Input; claimMatchValue: pulumi.Input; } /** * The value or values in the custom claim to match for */ interface RuntimeClaimMatchValueTypeArgs { matchValueString?: pulumi.Input; matchValueStringList?: pulumi.Input[]>; } /** * Object represents source code from zip file */ interface RuntimeCodeArgs { s3?: pulumi.Input; } /** * Representation of a code configuration */ interface RuntimeCodeConfigurationArgs { code: pulumi.Input; entryPoint: pulumi.Input[]>; runtime: pulumi.Input; } interface RuntimeContainerConfigurationArgs { /** * The container Uri. */ containerUri: pulumi.Input; } /** * Required custom claim */ interface RuntimeCustomClaimValidationTypeArgs { authorizingClaimMatchValue: pulumi.Input; inboundTokenClaimName: pulumi.Input; inboundTokenClaimValueType: pulumi.Input; } /** * Configuration for custom JWT authorizer */ interface RuntimeCustomJwtAuthorizerConfigurationArgs { /** * Represents inbound authorization configuration options used to authenticate incoming requests. */ allowedAudience?: pulumi.Input[]>; /** * Represents individual client IDs that are validated in the incoming JWT token validation process. */ allowedClients?: pulumi.Input[]>; allowedScopes?: pulumi.Input[]>; customClaims?: pulumi.Input[]>; /** * The configuration authorization. */ discoveryUrl: pulumi.Input; } /** * Filesystem configuration for the runtime */ interface RuntimeFilesystemConfigurationArgs { sessionStorage?: pulumi.Input; } /** * Configuration for managing the lifecycle of runtime sessions and resources */ interface RuntimeLifecycleConfigurationArgs { /** * Timeout in seconds for idle runtime sessions */ idleRuntimeSessionTimeout?: pulumi.Input; /** * Maximum lifetime in seconds for runtime sessions */ maxLifetime?: pulumi.Input; } interface RuntimeNetworkConfigurationArgs { /** * The network mode. */ networkMode: pulumi.Input; networkModeConfig?: pulumi.Input; } /** * Configuration for HTTP request headers */ interface RuntimeRequestHeaderConfigurationArgs { requestHeaderAllowlist?: pulumi.Input[]>; } /** * S3 Location Configuration */ interface RuntimeS3LocationArgs { /** * S3 bucket name */ bucket: pulumi.Input; /** * S3 object key prefix */ prefix: pulumi.Input; /** * S3 object version ID */ versionId?: pulumi.Input; } /** * Configuration for session storage */ interface RuntimeSessionStorageConfigurationArgs { mountPath: pulumi.Input; } /** * Network mode configuration for VPC */ interface RuntimeVpcConfigArgs { securityGroups: pulumi.Input[]>; subnets: pulumi.Input[]>; } } export declare namespace bedrockmantle { } export declare namespace billing { /** * See [Expression](https://docs.aws.amazon.com/aws-cost-management/latest/APIReference/API_billing_Expression.html) . Billing view only supports `LINKED_ACCOUNT` and `Tags` . */ interface DataFilterExpressionPropertiesArgs { /** * The specific `Dimension` to use for `Expression` . */ dimensions?: pulumi.Input; /** * The specific `Tag` to use for `Expression` . */ tags?: pulumi.Input; timeRange?: pulumi.Input; } /** * The specific `Dimension` to use for `Expression` . */ interface DataFilterExpressionPropertiesDimensionsPropertiesArgs { key?: pulumi.Input; values?: pulumi.Input[]>; } /** * The specific `Tag` to use for `Expression` . */ interface DataFilterExpressionPropertiesTagsPropertiesArgs { key?: pulumi.Input; values?: pulumi.Input[]>; } interface DataFilterExpressionPropertiesTimeRangePropertiesArgs { beginDateInclusive?: pulumi.Input; endDateInclusive?: pulumi.Input; } } export declare namespace braket { /** * Defines a time range for spending limits, specifying when the limit is active. */ interface SpendingLimitTimePeriodArgs { /** * The end date and time for the spending limit period, in ISO 8601 format. */ endAt: pulumi.Input; /** * The start date and time for the spending limit period, in ISO 8601 format. */ startAt: pulumi.Input; } } export declare namespace budgets { interface BudgetsActionActionThresholdArgs { /** * The type of threshold for a notification. */ type: pulumi.Input; /** * The threshold of a notification. */ value: pulumi.Input; } interface BudgetsActionDefinitionArgs { /** * The AWS Identity and Access Management ( IAM ) action definition details. */ iamActionDefinition?: pulumi.Input; /** * The service control policies (SCP) action definition details. */ scpActionDefinition?: pulumi.Input; /** * The Amazon EC2 Systems Manager ( SSM ) action definition details. */ ssmActionDefinition?: pulumi.Input; } interface BudgetsActionIamActionDefinitionArgs { /** * A list of groups to be attached. There must be at least one group. */ groups?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the policy to be attached. */ policyArn: pulumi.Input; /** * A list of roles to be attached. There must be at least one role. */ roles?: pulumi.Input[]>; /** * A list of users to be attached. There must be at least one user. */ users?: pulumi.Input[]>; } interface BudgetsActionScpActionDefinitionArgs { /** * The policy ID attached. */ policyId: pulumi.Input; /** * A list of target IDs. */ targetIds: pulumi.Input[]>; } interface BudgetsActionSsmActionDefinitionArgs { /** * The EC2 and RDS instance IDs. */ instanceIds: pulumi.Input[]>; /** * The Region to run the ( SSM ) document. */ region: pulumi.Input; /** * The action subType. */ subtype: pulumi.Input; } interface BudgetsActionSubscriberArgs { /** * The address that AWS sends budget notifications to, either an SNS topic or an email. * * When you create a subscriber, the value of `Address` can't contain line breaks. */ address: pulumi.Input; /** * The type of notification that AWS sends to a subscriber. */ type: pulumi.Input; } } export declare namespace cases { /** * A boolean condition for a rule. */ interface CaseRuleBooleanCondition0PropertiesArgs { equalTo: pulumi.Input; } /** * A boolean condition for a rule. */ interface CaseRuleBooleanCondition1PropertiesArgs { notEqualTo: pulumi.Input; } /** * Boolean operands for a condition. */ interface CaseRuleBooleanOperandsArgs { operandOne: pulumi.Input; operandTwo: pulumi.Input; /** * The value of the outer rule if the condition evaluates to true. */ result: pulumi.Input; } /** * Defines the rule behavior and conditions. Specifies the rule type and the conditions under which it applies. In the Amazon Connect admin website, this corresponds to case field conditions. */ interface CaseRuleDetails0PropertiesArgs { required: pulumi.Input; } /** * Defines the rule behavior and conditions. Specifies the rule type and the conditions under which it applies. In the Amazon Connect admin website, this corresponds to case field conditions. */ interface CaseRuleDetails1PropertiesArgs { hidden: pulumi.Input; } /** * An empty operand value. */ interface CaseRuleEmptyOperandValueArgs { } /** * Hidden rule type, used to indicate whether a field is hidden */ interface CaseRuleHiddenCaseRuleArgs { /** * List of conditions for the hidden rule; the first condition to evaluate to true dictates the value of the rule */ conditions: pulumi.Input[]>; /** * The value of the rule (i.e. whether the field is hidden) should none of the conditions evaluate to true */ defaultValue: pulumi.Input; } /** * The left hand operand in the condition. */ interface CaseRuleOperandOnePropertiesArgs { /** * The field ID this operand should take the value of. */ fieldId: pulumi.Input; } /** * The right hand operand in the condition. */ interface CaseRuleOperandTwo0PropertiesArgs { /** * A string value to compare against the field value in the condition evaluation. */ stringValue: pulumi.Input; } /** * The right hand operand in the condition. */ interface CaseRuleOperandTwo1PropertiesArgs { /** * A boolean value to compare against the field value in the condition evaluation. */ booleanValue: pulumi.Input; } /** * The right hand operand in the condition. */ interface CaseRuleOperandTwo2PropertiesArgs { /** * A numeric value to compare against the field value in the condition evaluation. */ doubleValue: pulumi.Input; } /** * The right hand operand in the condition. */ interface CaseRuleOperandTwo3PropertiesArgs { emptyValue: pulumi.Input; } /** * A required rule type, used to indicate whether a field is required. */ interface CaseRuleRequiredCaseRuleArgs { /** * An ordered list of boolean conditions that determine when the field should be required. Conditions are evaluated in order, and the first condition that evaluates to true determines whether the field is required, overriding the default value. */ conditions: pulumi.Input[]>; /** * The default required state for the field when none of the specified conditions are met. If true, the field is required by default; if false, the field is optional by default. */ defaultValue: pulumi.Input; } /** * Union of field attributes */ interface FieldAttributesArgs { text?: pulumi.Input; } /** * Field attributes for Text field type */ interface FieldTextAttributesArgs { /** * Attribute that defines rendering component and validation */ isMultiline: pulumi.Input; } /** * Defines the field layout for the agent's case interface. Configures which fields appear in the top panel (immediately visible) and More Info tab (expandable section) of the case view, allowing customization of the agent experience. */ interface LayoutBasicLayoutArgs { moreInfo?: pulumi.Input; topPanel?: pulumi.Input; } /** * Defines the layout structure and field organization for the case interface. Specifies which fields appear in the top panel and More Info tab, and their display order. */ interface LayoutContentPropertiesArgs { basic: pulumi.Input; } /** * Consists of a group of fields and associated properties. */ interface LayoutFieldGroupArgs { /** * An ordered list of fields to display in this group. The order determines the sequence in which fields appear in the agent interface. Each field is referenced by its unique field ID. */ fields: pulumi.Input[]>; /** * A descriptive name for the field group. Helps organize related fields together in the layout interface. */ name?: pulumi.Input; } /** * Field specific properties. */ interface LayoutFieldItemArgs { /** * The unique identifier of a field. */ id: pulumi.Input; } /** * A section can be a grouped list of fields. */ interface LayoutSectionPropertiesArgs { fieldGroup: pulumi.Input; } /** * Sections within a panel or tab of the page layout. */ interface LayoutSectionsArgs { /** * Defines the sections within a panel or tab. Contains field groups that organize related fields together. */ sections?: pulumi.Input[]>; } /** * Specifies the default layout to use when displaying cases created from this template. The layout determines which fields are visible and their arrangement in the agent interface. */ interface TemplateLayoutConfigurationArgs { /** * The unique identifier of a layout. */ defaultLayout?: pulumi.Input; } /** * Wrapper object containing a field identifier */ interface TemplateRequiredFieldArgs { /** * The unique identifier of a field. */ fieldId: pulumi.Input; } /** * Links a case rule to a specific field within this template. When specified, the rule's conditions will be evaluated for the associated field, controlling behavior like required status, visibility, or available options. */ interface TemplateRuleArgs { /** * The unique identifier of a case rule. */ caseRuleId: pulumi.Input; /** * The ID of the field that this rule applies to. */ fieldId?: pulumi.Input; } } export declare namespace cassandra { interface KeyspaceReplicationSpecificationArgs { /** * Specifies the AWS Regions that the keyspace is replicated in. You must specify at least two Regions, including the Region that the keyspace is being created in. * * To specify a Region [that's disabled by default](https://docs.aws.amazon.com/accounts/latest/reference/manage-acct-regions.html#rande-manage-enable) , you must first enable the Region. For more information, see [Multi-Region replication in AWS Regions disabled by default](https://docs.aws.amazon.com/keyspaces/latest/devguide/multiRegion-replication_how-it-works.html#howitworks_mrr_opt_in) in the *Amazon Keyspaces Developer Guide* . */ regionList?: pulumi.Input[]>; /** * The options are: * * - `SINGLE_REGION` (optional) * - `MULTI_REGION` * * If no value is specified, the default is `SINGLE_REGION` . If `MULTI_REGION` is specified, `RegionList` is required. */ replicationStrategy?: pulumi.Input; } /** * Represents configuration for auto scaling. */ interface TableAutoScalingSettingArgs { /** * This optional parameter enables auto scaling for the table if set to `false` . */ autoScalingDisabled?: pulumi.Input; /** * Manage costs by specifying the maximum amount of throughput to provision. The value must be between 1 and the max throughput per second quota for your account (40,000 by default). */ maximumUnits?: pulumi.Input; /** * The minimum level of throughput the table should always be ready to support. The value must be between 1 and the max throughput per second quota for your account (40,000 by default). */ minimumUnits?: pulumi.Input; /** * Amazon Keyspaces supports the `target tracking` auto scaling policy. With this policy, Amazon Keyspaces auto scaling ensures that the table's ratio of consumed to provisioned capacity stays at or near the target value that you specify. You define the target value as a percentage between 20 and 90. */ scalingPolicy?: pulumi.Input; } /** * Represents the read and write settings used for AutoScaling. */ interface TableAutoScalingSpecificationArgs { /** * The auto scaling settings for the table's read capacity. */ readCapacityAutoScaling?: pulumi.Input; /** * The auto scaling settings for the table's write capacity. */ writeCapacityAutoScaling?: pulumi.Input; } interface TableBillingModeArgs { /** * The billing mode for the table: * * - On-demand mode - `ON_DEMAND` * - Provisioned mode - `PROVISIONED` * * > If you choose `PROVISIONED` mode, then you also need to specify provisioned throughput (read and write capacity) for the table. * * Valid values: `ON_DEMAND` | `PROVISIONED` */ mode: pulumi.Input; /** * The provisioned read capacity and write capacity for the table. For more information, see [Provisioned throughput capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html#ReadWriteCapacityMode.Provisioned) in the *Amazon Keyspaces Developer Guide* . */ provisionedThroughput?: pulumi.Input; } /** * Represents the CDC configuration for the table */ interface TableCdcSpecificationArgs { /** * The status of the CDC stream. You can enable or disable a stream for a table. */ status: pulumi.Input; /** * An array of key-value pairs to apply to the CDC stream resource */ tags?: pulumi.Input[]>; /** * The view type specifies the changes Amazon Keyspaces records for each changed row in the stream. After you create the stream, you can't make changes to this selection. * * The options are: * * - `NEW_AND_OLD_IMAGES` - both versions of the row, before and after the change. This is the default. * - `NEW_IMAGE` - the version of the row after the change. * - `OLD_IMAGE` - the version of the row before the change. * - `KEYS_ONLY` - the partition and clustering keys of the row that was changed. */ viewType?: pulumi.Input; } interface TableClusteringKeyColumnArgs { /** * The name and data type of this clustering key column. */ column: pulumi.Input; /** * The order in which this column's data is stored: * * - `ASC` (default) - The column's data is stored in ascending order. * - `DESC` - The column's data is stored in descending order. */ orderBy?: pulumi.Input; } interface TableColumnArgs { /** * The name of the column. For more information, see [Identifiers](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.elements.identifier) in the *Amazon Keyspaces Developer Guide* . */ columnName: pulumi.Input; /** * The data type of the column. For more information, see [Data types](https://docs.aws.amazon.com/keyspaces/latest/devguide/cql.elements.html#cql.data-types) in the *Amazon Keyspaces Developer Guide* . */ columnType: pulumi.Input; } /** * Represents the settings used to enable server-side encryption */ interface TableEncryptionSpecificationArgs { /** * The encryption at rest options for the table. * * - *AWS owned key* (default) - `AWS_OWNED_KMS_KEY` * - *Customer managed key* - `CUSTOMER_MANAGED_KMS_KEY` * * > If you choose `CUSTOMER_MANAGED_KMS_KEY` , a `kms_key_identifier` in the format of a key ARN is required. * * Valid values: `CUSTOMER_MANAGED_KMS_KEY` | `AWS_OWNED_KMS_KEY` . */ encryptionType: pulumi.Input; /** * Requires a `kms_key_identifier` in the format of a key ARN. */ kmsKeyIdentifier?: pulumi.Input; } /** * Throughput for the specified table, which consists of values for ReadCapacityUnits and WriteCapacityUnits */ interface TableProvisionedThroughputArgs { /** * The amount of read capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* . */ readCapacityUnits: pulumi.Input; /** * The amount of write capacity that's provisioned for the table. For more information, see [Read/write capacity mode](https://docs.aws.amazon.com/keyspaces/latest/devguide/ReadWriteCapacityMode.html) in the *Amazon Keyspaces Developer Guide* . */ writeCapacityUnits: pulumi.Input; } /** * Represents replica specifications. */ interface TableReplicaSpecificationArgs { /** * The read capacity auto scaling settings for the multi-Region table in the specified AWS Region. */ readCapacityAutoScaling?: pulumi.Input; /** * The provisioned read capacity units for the multi-Region table in the specified AWS Region. */ readCapacityUnits?: pulumi.Input; /** * The AWS Region. */ region: pulumi.Input; } /** * Represents scaling policy. */ interface TableScalingPolicyArgs { /** * The auto scaling policy that scales a table based on the ratio of consumed to provisioned capacity. */ targetTrackingScalingPolicyConfiguration?: pulumi.Input; } /** * A key-value pair to apply to the resource */ interface TableTagArgs { /** * The key of the tag. Tag keys are case sensitive. Each Amazon Keyspaces resource can only have up to one tag with the same key. If you try to add an existing tag (same key), the existing tag value will be updated to the new value. */ key: pulumi.Input; /** * The value of the tag. Tag values are case-sensitive and can be null. */ value: pulumi.Input; } /** * Represents configuration for target tracking scaling policy. */ interface TableTargetTrackingScalingPolicyConfigurationArgs { /** * Specifies if `scale-in` is enabled. * * When auto scaling automatically decreases capacity for a table, the table *scales in* . When scaling policies are set, they can't scale in the table lower than its minimum capacity. */ disableScaleIn?: pulumi.Input; /** * Specifies a `scale-in` cool down period. * * A cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts. */ scaleInCooldown?: pulumi.Input; /** * Specifies a scale out cool down period. * * A cooldown period in seconds between scaling activities that lets the table stabilize before another scaling activity starts. */ scaleOutCooldown?: pulumi.Input; /** * Specifies the target value for the target tracking auto scaling policy. * * Amazon Keyspaces auto scaling scales up capacity automatically when traffic exceeds this target utilization rate, and then back down when it falls below the target. This ensures that the ratio of consumed capacity to provisioned capacity stays at or near this value. You define `targetValue` as a percentage. An `integer` between 20 and 90. */ targetValue: pulumi.Input; } /** * Warm throughput configuration for the table */ interface TableWarmThroughputArgs { readUnitsPerSecond?: pulumi.Input; writeUnitsPerSecond?: pulumi.Input; } interface TypeFieldArgs { /** * The name of the field. */ fieldName: pulumi.Input; /** * The data type of the field. This can be any Cassandra data type or another user-defined type. */ fieldType: pulumi.Input; } } export declare namespace ce { interface AnomalySubscriptionSubscriberArgs { /** * The email address or SNS Topic Amazon Resource Name (ARN), depending on the `Type` . */ address: pulumi.Input; /** * Indicates if the subscriber accepts the notifications. */ status?: pulumi.Input; /** * The notification delivery channel. */ type: pulumi.Input; } } export declare namespace certificatemanager { interface AccountExpiryEventsConfigurationArgs { /** * This option specifies the number of days prior to certificate expiration when ACM starts generating `EventBridge` events. ACM sends one event per day per certificate until the certificate expires. By default, accounts receive events starting 45 days before certificate expiration. */ daysBeforeExpiry?: pulumi.Input; } } export declare namespace chatbot { interface CustomActionAttachmentArgs { /** * The text of the button that appears on the notification. */ buttonText?: pulumi.Input; /** * The criteria for when a button should be shown based on values in the notification. */ criteria?: pulumi.Input[]>; /** * The type of notification that the custom action should be attached to. */ notificationType?: pulumi.Input; /** * The variables to extract from the notification. */ variables?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface CustomActionAttachmentCriteriaArgs { /** * The operation to perform on the named variable. */ operator: pulumi.Input; /** * A value that is compared with the actual value of the variable based on the behavior of the operator. */ value?: pulumi.Input; /** * The name of the variable to operate on. */ variableName: pulumi.Input; } interface CustomActionDefinitionArgs { /** * The command string to run which may include variables by prefixing with a dollar sign ($). */ commandText: pulumi.Input; } } export declare namespace cleanrooms { interface AnalysisTemplateAnalysisParameterArgs { /** * Optional. The default value that is applied in the analysis template. The member who can query can override this value in the query editor. */ defaultValue?: pulumi.Input; /** * The name of the parameter. The name must use only alphanumeric, underscore (_), or hyphen (-) characters but cannot start or end with a hyphen. */ name: pulumi.Input; /** * The type of parameter. */ type: pulumi.Input; } interface AnalysisTemplateAnalysisSchemaArgs { /** * The tables referenced in the analysis schema. */ referencedTables: pulumi.Input[]>; } interface AnalysisTemplateAnalysisSource0PropertiesArgs { text: pulumi.Input; } interface AnalysisTemplateAnalysisSource1PropertiesArgs { artifacts: pulumi.Input; } interface AnalysisTemplateAnalysisSourceMetadataPropertiesArgs { artifacts: pulumi.Input; } interface AnalysisTemplateArtifactArgs { location: pulumi.Input; } interface AnalysisTemplateArtifactMetadataArgs { additionalArtifactHashes?: pulumi.Input[]>; entryPointHash: pulumi.Input; } interface AnalysisTemplateArtifactsArgs { additionalArtifacts?: pulumi.Input[]>; entryPoint: pulumi.Input; roleArn: pulumi.Input; } interface AnalysisTemplateColumnClassificationDetailsArgs { columnMapping: pulumi.Input[]>; } interface AnalysisTemplateErrorMessageConfigurationArgs { /** * The level of detail for error messages returned by the PySpark job. When set to DETAILED, error messages include more information to help troubleshoot issues with your PySpark job. * * Because this setting may expose sensitive data, it is recommended for development and testing environments. */ type: pulumi.Input; } interface AnalysisTemplateHashArgs { sha256?: pulumi.Input; } interface AnalysisTemplateMlSyntheticDataParametersArgs { columnClassification: pulumi.Input; epsilon: pulumi.Input; maxMembershipInferenceAttackScore: pulumi.Input; } interface AnalysisTemplateS3LocationArgs { bucket: pulumi.Input; key: pulumi.Input; } interface AnalysisTemplateSyntheticDataColumnPropertiesArgs { columnName: pulumi.Input; columnType: pulumi.Input; isPredictiveValue: pulumi.Input; } interface AnalysisTemplateSyntheticDataParametersPropertiesArgs { mlSyntheticDataParameters: pulumi.Input; } interface CollaborationDataEncryptionMetadataArgs { /** * Indicates whether encrypted tables can contain cleartext data ( `TRUE` ) or are to cryptographically process every column ( `FALSE` ). */ allowCleartext: pulumi.Input; /** * Indicates whether Fingerprint columns can contain duplicate entries ( `TRUE` ) or are to contain only non-repeated values ( `FALSE` ). */ allowDuplicates: pulumi.Input; /** * Indicates whether Fingerprint columns can be joined on any other Fingerprint column with a different name ( `TRUE` ) or can only be joined on Fingerprint columns of the same name ( `FALSE` ). */ allowJoinsOnColumnsWithDifferentNames: pulumi.Input; /** * Indicates whether NULL values are to be copied as NULL to encrypted tables ( `TRUE` ) or cryptographically processed ( `FALSE` ). */ preserveNulls: pulumi.Input; } interface CollaborationJobComputePaymentConfigArgs { /** * Indicates whether the collaboration creator has configured the collaboration member to pay for query and job compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query and job compute costs ( `FALSE` ). * * Exactly one member can be configured to pay for query and job compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration. * * An error is returned if the collaboration creator sets a `FALSE` value for the member who can run queries and jobs. */ isResponsible: pulumi.Input; } interface CollaborationMemberSpecificationArgs { /** * The identifier used to reference members of the collaboration. Currently only supports AWS account ID. */ accountId: pulumi.Input; /** * The member's display name. */ displayName: pulumi.Input; /** * The abilities granted to the collaboration member. * * *Allowed Values* : `CAN_QUERY` | `CAN_RECEIVE_RESULTS` */ memberAbilities?: pulumi.Input[]>; /** * The ML abilities granted to the collaboration member. */ mlMemberAbilities?: pulumi.Input; /** * The collaboration member's payment responsibilities set by the collaboration creator. * * If the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. */ paymentConfiguration?: pulumi.Input; } interface CollaborationMlMemberAbilitiesArgs { /** * The custom ML member abilities for a collaboration member. */ customMlMemberAbilities: pulumi.Input[]>; } interface CollaborationMlPaymentConfigArgs { /** * The payment responsibilities accepted by the member for model inference. */ modelInference?: pulumi.Input; /** * The payment responsibilities accepted by the member for model training. */ modelTraining?: pulumi.Input; /** * The payment configuration for machine learning synthetic data generation. */ syntheticDataGeneration?: pulumi.Input; } interface CollaborationModelInferencePaymentConfigArgs { /** * Indicates whether the collaboration creator has configured the collaboration member to pay for model inference costs ( `TRUE` ) or has not configured the collaboration member to pay for model inference costs ( `FALSE` ). * * Exactly one member can be configured to pay for model inference costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration. * * If the collaboration creator hasn't specified anyone as the member paying for model inference costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query. */ isResponsible: pulumi.Input; } interface CollaborationModelTrainingPaymentConfigArgs { /** * Indicates whether the collaboration creator has configured the collaboration member to pay for model training costs ( `TRUE` ) or has not configured the collaboration member to pay for model training costs ( `FALSE` ). * * Exactly one member can be configured to pay for model training costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration. * * If the collaboration creator hasn't specified anyone as the member paying for model training costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query. */ isResponsible: pulumi.Input; } interface CollaborationPaymentConfigurationArgs { /** * The compute configuration for the job. */ jobCompute?: pulumi.Input; /** * An object representing the collaboration member's machine learning payment responsibilities set by the collaboration creator. */ machineLearning?: pulumi.Input; /** * The collaboration member's payment responsibilities set by the collaboration creator for query compute costs. */ queryCompute: pulumi.Input; } interface CollaborationQueryComputePaymentConfigArgs { /** * Indicates whether the collaboration creator has configured the collaboration member to pay for query compute costs ( `TRUE` ) or has not configured the collaboration member to pay for query compute costs ( `FALSE` ). * * Exactly one member can be configured to pay for query compute costs. An error is returned if the collaboration creator sets a `TRUE` value for more than one member in the collaboration. * * If the collaboration creator hasn't specified anyone as the member paying for query compute costs, then the member who can query is the default payer. An error is returned if the collaboration creator sets a `FALSE` value for the member who can query. */ isResponsible: pulumi.Input; } interface CollaborationSyntheticDataGenerationPaymentConfigArgs { /** * Indicates who is responsible for paying for synthetic data generation. */ isResponsible: pulumi.Input; } interface ConfiguredTableAggregateColumnArgs { columnNames: pulumi.Input[]>; function: pulumi.Input; } interface ConfiguredTableAggregationConstraintArgs { columnName: pulumi.Input; minimum: pulumi.Input; type: pulumi.Input; } interface ConfiguredTableAnalysisRuleArgs { /** * A policy that describes the associated data usage limitations. */ policy: pulumi.Input; /** * The type of analysis rule. */ type: pulumi.Input; } interface ConfiguredTableAnalysisRuleAggregationArgs { additionalAnalyses?: pulumi.Input; aggregateColumns: pulumi.Input[]>; allowedJoinOperators?: pulumi.Input[]>; dimensionColumns: pulumi.Input[]>; joinColumns: pulumi.Input[]>; joinRequired?: pulumi.Input; outputConstraints: pulumi.Input[]>; scalarFunctions: pulumi.Input[]>; } interface ConfiguredTableAnalysisRuleCustomArgs { additionalAnalyses?: pulumi.Input; allowedAnalyses: pulumi.Input[]>; allowedAnalysisProviders?: pulumi.Input[]>; differentialPrivacy?: pulumi.Input; disallowedOutputColumns?: pulumi.Input[]>; } interface ConfiguredTableAnalysisRuleListArgs { additionalAnalyses?: pulumi.Input; allowedJoinOperators?: pulumi.Input[]>; joinColumns: pulumi.Input[]>; listColumns: pulumi.Input[]>; } interface ConfiguredTableAnalysisRulePolicyArgs { /** * Controls on the query specifications that can be run on a configured table. */ v1: pulumi.Input; } interface ConfiguredTableAnalysisRulePolicyV10PropertiesArgs { list: pulumi.Input; } interface ConfiguredTableAnalysisRulePolicyV11PropertiesArgs { aggregation: pulumi.Input; } interface ConfiguredTableAnalysisRulePolicyV12PropertiesArgs { custom: pulumi.Input; } interface ConfiguredTableAssociationAnalysisRuleArgs { /** * The policy of the configured table association analysis rule. */ policy: pulumi.Input; /** * The type of the configured table association analysis rule. */ type: pulumi.Input; } interface ConfiguredTableAssociationAnalysisRuleAggregationArgs { allowedAdditionalAnalyses?: pulumi.Input[]>; allowedResultReceivers?: pulumi.Input[]>; } interface ConfiguredTableAssociationAnalysisRuleCustomArgs { allowedAdditionalAnalyses?: pulumi.Input[]>; allowedResultReceivers?: pulumi.Input[]>; } interface ConfiguredTableAssociationAnalysisRuleListArgs { allowedAdditionalAnalyses?: pulumi.Input[]>; allowedResultReceivers?: pulumi.Input[]>; } interface ConfiguredTableAssociationAnalysisRulePolicyArgs { /** * The policy for the configured table association analysis rule. */ v1: pulumi.Input; } interface ConfiguredTableAssociationAnalysisRulePolicyV10PropertiesArgs { list: pulumi.Input; } interface ConfiguredTableAssociationAnalysisRulePolicyV11PropertiesArgs { aggregation: pulumi.Input; } interface ConfiguredTableAssociationAnalysisRulePolicyV12PropertiesArgs { custom: pulumi.Input; } interface ConfiguredTableAthenaTableReferenceArgs { catalogName?: pulumi.Input; databaseName: pulumi.Input; outputLocation?: pulumi.Input; region?: pulumi.Input; tableName: pulumi.Input; workGroup: pulumi.Input; } interface ConfiguredTableDifferentialPrivacyArgs { columns: pulumi.Input[]>; } interface ConfiguredTableDifferentialPrivacyColumnArgs { name: pulumi.Input; } interface ConfiguredTableGlueTableReferenceArgs { databaseName: pulumi.Input; region?: pulumi.Input; tableName: pulumi.Input; } interface ConfiguredTableSnowflakeTableReferenceArgs { accountIdentifier: pulumi.Input; databaseName: pulumi.Input; schemaName: pulumi.Input; secretArn: pulumi.Input; tableName: pulumi.Input; tableSchema: pulumi.Input; } interface ConfiguredTableSnowflakeTableSchemaPropertiesArgs { v1: pulumi.Input[]>; } interface ConfiguredTableSnowflakeTableSchemaV1Args { columnName: pulumi.Input; columnType: pulumi.Input; } interface ConfiguredTableTableReference0PropertiesArgs { glue: pulumi.Input; } interface ConfiguredTableTableReference1PropertiesArgs { snowflake: pulumi.Input; } interface ConfiguredTableTableReference2PropertiesArgs { athena: pulumi.Input; } interface IdMappingTableInputReferenceConfigArgs { /** * The Amazon Resource Name (ARN) of the referenced resource in AWS Entity Resolution . Valid values are ID mapping workflow ARNs. */ inputReferenceArn: pulumi.Input; /** * When `TRUE` , AWS Clean Rooms manages permissions for the ID mapping table resource. * * When `FALSE` , the resource owner manages permissions for the ID mapping table resource. */ manageResourcePolicies: pulumi.Input; } interface IdNamespaceAssociationIdMappingConfigArgs { /** * An indicator as to whether you can use your column as a dimension column in the ID mapping table ( `TRUE` ) or not ( `FALSE` ). * * Default is `FALSE` . */ allowUseAsDimensionColumn: pulumi.Input; } interface IdNamespaceAssociationInputReferenceConfigArgs { /** * The Amazon Resource Name (ARN) of the AWS Entity Resolution resource that is being associated to the collaboration. Valid resource ARNs are from the ID namespaces that you own. */ inputReferenceArn: pulumi.Input; /** * When `TRUE` , AWS Clean Rooms manages permissions for the ID namespace association resource. * * When `FALSE` , the resource owner manages permissions for the ID namespace association resource. */ manageResourcePolicies: pulumi.Input; } interface MembershipJobComputePaymentConfigArgs { /** * Indicates whether the collaboration member has accepted to pay for job compute costs ( `TRUE` ) or has not accepted to pay for query and job compute costs ( `FALSE` ). * * There is only one member who pays for queries and jobs. * * An error message is returned for the following reasons: * * - If you set the value to `FALSE` but you are responsible to pay for query and job compute costs. * - If you set the value to `TRUE` but you are not responsible to pay for query and job compute costs. */ isResponsible: pulumi.Input; } interface MembershipMlPaymentConfigArgs { /** * The payment responsibilities accepted by the member for model inference. */ modelInference?: pulumi.Input; /** * The payment responsibilities accepted by the member for model training. */ modelTraining?: pulumi.Input; /** * The payment configuration for synthetic data generation for this machine learning membership. */ syntheticDataGeneration?: pulumi.Input; } interface MembershipModelInferencePaymentConfigArgs { /** * Indicates whether the collaboration member has accepted to pay for model inference costs ( `TRUE` ) or has not accepted to pay for model inference costs ( `FALSE` ). * * If the collaboration creator has not specified anyone to pay for model inference costs, then the member who can query is the default payer. * * An error message is returned for the following reasons: * * - If you set the value to `FALSE` but you are responsible to pay for model inference costs. * - If you set the value to `TRUE` but you are not responsible to pay for model inference costs. */ isResponsible: pulumi.Input; } interface MembershipModelTrainingPaymentConfigArgs { /** * Indicates whether the collaboration member has accepted to pay for model training costs ( `TRUE` ) or has not accepted to pay for model training costs ( `FALSE` ). * * If the collaboration creator has not specified anyone to pay for model training costs, then the member who can query is the default payer. * * An error message is returned for the following reasons: * * - If you set the value to `FALSE` but you are responsible to pay for model training costs. * - If you set the value to `TRUE` but you are not responsible to pay for model training costs. */ isResponsible: pulumi.Input; } interface MembershipPaymentConfigurationArgs { /** * The payment responsibilities accepted by the collaboration member for job compute costs. */ jobCompute?: pulumi.Input; /** * The payment responsibilities accepted by the collaboration member for machine learning costs. */ machineLearning?: pulumi.Input; /** * The payment responsibilities accepted by the collaboration member for query compute costs. */ queryCompute: pulumi.Input; } interface MembershipProtectedJobOutputConfigurationArgs { /** * Contains the configuration to write the job results to S3. */ s3: pulumi.Input; } interface MembershipProtectedJobResultConfigurationArgs { /** * The output configuration for a protected job result. */ outputConfiguration: pulumi.Input; /** * The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected job results to the result location, given by the member who can receive results. */ roleArn: pulumi.Input; } interface MembershipProtectedJobS3OutputConfigurationInputArgs { /** * The S3 bucket for job output. */ bucket: pulumi.Input; /** * The S3 prefix to unload the protected job results. */ keyPrefix?: pulumi.Input; } interface MembershipProtectedQueryOutputConfigurationArgs { /** * Required configuration for a protected query with an `s3` output type. */ s3: pulumi.Input; } interface MembershipProtectedQueryResultConfigurationArgs { /** * Configuration for protected query results. */ outputConfiguration: pulumi.Input; /** * The unique ARN for an IAM role that is used by AWS Clean Rooms to write protected query results to the result location, given by the member who can receive results. */ roleArn?: pulumi.Input; } interface MembershipProtectedQueryS3OutputConfigurationArgs { /** * The S3 bucket to unload the protected query results. */ bucket: pulumi.Input; /** * The S3 prefix to unload the protected query results. */ keyPrefix?: pulumi.Input; /** * Intended file format of the result. */ resultFormat: pulumi.Input; /** * Indicates whether files should be output as a single file ( `TRUE` ) or output as multiple files ( `FALSE` ). This parameter is only supported for analyses with the Spark analytics engine. */ singleFileOutput?: pulumi.Input; } interface MembershipQueryComputePaymentConfigArgs { /** * Indicates whether the collaboration member has accepted to pay for query compute costs ( `TRUE` ) or has not accepted to pay for query compute costs ( `FALSE` ). * * If the collaboration creator has not specified anyone to pay for query compute costs, then the member who can query is the default payer. * * An error message is returned for the following reasons: * * - If you set the value to `FALSE` but you are responsible to pay for query compute costs. * - If you set the value to `TRUE` but you are not responsible to pay for query compute costs. */ isResponsible: pulumi.Input; } interface MembershipSyntheticDataGenerationPaymentConfigArgs { /** * Indicates if this membership is responsible for paying for synthetic data generation. */ isResponsible: pulumi.Input; } /** * Specifies the epsilon and noise parameters for the privacy budget template. */ interface ParametersPropertiesArgs { budgetParameters?: pulumi.Input[]>; /** * The epsilon value that you want to use. */ epsilon?: pulumi.Input; resourceArn?: pulumi.Input; /** * Noise added per query is measured in terms of the number of users whose contributions you want to obscure. This value governs the rate at which the privacy budget is depleted. */ usersNoisePerQuery?: pulumi.Input; } interface PrivacyBudgetTemplateBudgetParameterArgs { /** * Whether this individual budget parameter automatically refreshes when the budget period resets. */ autoRefresh?: pulumi.Input; /** * The budget allocation amount for this specific parameter. */ budget: pulumi.Input; /** * The type of budget parameter being configured. */ type: pulumi.Input; } } export declare namespace cleanroomsml { interface ConfiguredModelAlgorithmAssociationCustomEntityConfigArgs { customDataIdentifiers: pulumi.Input[]>; } interface ConfiguredModelAlgorithmAssociationLogRedactionConfigurationArgs { customEntityConfig?: pulumi.Input; entitiesToRedact: pulumi.Input[]>; } interface ConfiguredModelAlgorithmAssociationLogsConfigurationPolicyArgs { allowedAccountIds: pulumi.Input[]>; filterPattern?: pulumi.Input; logRedactionConfiguration?: pulumi.Input; logType?: pulumi.Input; } interface ConfiguredModelAlgorithmAssociationMetricsConfigurationPolicyArgs { noiseLevel: pulumi.Input; } interface ConfiguredModelAlgorithmAssociationPrivacyConfigurationArgs { policies: pulumi.Input; } interface ConfiguredModelAlgorithmAssociationPrivacyConfigurationPoliciesArgs { trainedModelExports?: pulumi.Input; trainedModelInferenceJobs?: pulumi.Input; trainedModels?: pulumi.Input; } interface ConfiguredModelAlgorithmAssociationTrainedModelArtifactMaxSizeArgs { unit: pulumi.Input; value: pulumi.Input; } interface ConfiguredModelAlgorithmAssociationTrainedModelExportsConfigurationPolicyArgs { filesToExport: pulumi.Input[]>; maxSize: pulumi.Input; } interface ConfiguredModelAlgorithmAssociationTrainedModelExportsMaxSizeArgs { unit: pulumi.Input; value: pulumi.Input; } interface ConfiguredModelAlgorithmAssociationTrainedModelInferenceJobsConfigurationPolicyArgs { containerLogs?: pulumi.Input[]>; maxOutputSize?: pulumi.Input; } interface ConfiguredModelAlgorithmAssociationTrainedModelInferenceMaxOutputSizeArgs { unit: pulumi.Input; value: pulumi.Input; } interface ConfiguredModelAlgorithmAssociationTrainedModelsConfigurationPolicyArgs { containerLogs?: pulumi.Input[]>; containerMetrics?: pulumi.Input; maxArtifactSize?: pulumi.Input; } interface ConfiguredModelAlgorithmContainerConfigArgs { arguments?: pulumi.Input[]>; entrypoint?: pulumi.Input[]>; imageUri: pulumi.Input; metricDefinitions?: pulumi.Input[]>; } interface ConfiguredModelAlgorithmInferenceContainerConfigArgs { imageUri: pulumi.Input; } interface ConfiguredModelAlgorithmMetricDefinitionArgs { name: pulumi.Input; regex: pulumi.Input; } interface TrainingDatasetColumnSchemaArgs { /** * The name of a column. */ columnName: pulumi.Input; /** * The data type of column. */ columnTypes: pulumi.Input[]>; } interface TrainingDatasetDataSourceArgs { /** * A GlueDataSource object that defines the catalog ID, database name, and table name for the training data. */ glueDataSource: pulumi.Input; } interface TrainingDatasetDatasetArgs { /** * A DatasetInputConfig object that defines the data source and schema mapping. */ inputConfig: pulumi.Input; /** * What type of information is found in the dataset. */ type: pulumi.Input; } interface TrainingDatasetDatasetInputConfigArgs { /** * A DataSource object that specifies the Glue data source for the training data. */ dataSource: pulumi.Input; /** * The schema information for the training data. */ schema: pulumi.Input[]>; } interface TrainingDatasetGlueDataSourceArgs { /** * The Glue catalog that contains the training data. */ catalogId?: pulumi.Input; /** * The Glue database that contains the training data. */ databaseName: pulumi.Input; /** * The Glue table that contains the training data. */ tableName: pulumi.Input; } } export declare namespace cloudformation { /** * S3 Source Location for the Guard files. */ interface GuardHookS3LocationArgs { /** * S3 uri of Guard files. */ uri: pulumi.Input; /** * S3 object version */ versionId?: pulumi.Input; } interface HookVersionLoggingConfigArgs { /** * The Amazon CloudWatch log group to which CloudFormation sends error logging information when invoking the type's handlers. */ logGroupName?: pulumi.Input; /** * The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs. */ logRoleArn?: pulumi.Input; } /** * Hook targets are the destination where hooks will be invoked against. */ interface LambdaHookHookTargetArgs { action: pulumi.Input; invocationPoint: pulumi.Input; targetName: pulumi.Input; } /** * Describes whether StackSets performs non-conflicting operations concurrently and queues conflicting operations. */ interface ManagedExecutionPropertiesArgs { /** * When `true` , CloudFormation performs non-conflicting operations concurrently and queues conflicting operations. After conflicting operations finish, CloudFormation starts queued operations in request order. * * > If there are already running or queued operations, CloudFormation queues all incoming operations even if they are non-conflicting. * > * > You can't modify your StackSet's execution configuration while there are running or queued operations for that StackSet. * * When `false` (default), StackSets performs one operation at a time in request order. */ active?: pulumi.Input; } /** * Specifies the S3 location of your input parameters. */ interface OptionsPropertiesArgs { /** * Specifies the S3 location where your input parameters are located. */ inputParams?: pulumi.Input[]>; } interface ResourceVersionLoggingConfigArgs { /** * The Amazon CloudWatch log group to which CloudFormation sends error logging information when invoking the type's handlers. */ logGroupName?: pulumi.Input; /** * The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs. */ logRoleArn?: pulumi.Input; } /** * Filters to allow hooks to target specific stack attributes */ interface StackFiltersPropertiesArgs { /** * Attribute to specify the filtering behavior. ANY will make the Hook pass if one filter matches. ALL will make the Hook pass if all filters match */ filteringCriteria: pulumi.Input; /** * List of stack names as filters */ stackNames?: pulumi.Input; /** * List of stack roles that are performing the stack operations. */ stackRoles?: pulumi.Input; } /** * List of stack names as filters */ interface StackFiltersPropertiesStackNamesPropertiesArgs { /** * List of stack names that the hook is going to be excluded from */ exclude?: pulumi.Input[]>; /** * List of stack names that the hook is going to target */ include?: pulumi.Input[]>; } /** * List of stack roles that are performing the stack operations. */ interface StackFiltersPropertiesStackRolesPropertiesArgs { /** * List of stack roles that the hook is going to be excluded from */ exclude?: pulumi.Input[]>; /** * List of stack roles that the hook is going to target */ include?: pulumi.Input[]>; } interface StackSetAutoDeploymentArgs { /** * A list of StackSet ARNs that this StackSet depends on for auto-deployment operations. When auto-deployment is triggered, operations will be sequenced to ensure all dependencies complete successfully before this StackSet's operation begins. */ dependsOn?: pulumi.Input[]>; /** * If set to true, StackSets automatically deploys additional stack instances to AWS Organizations accounts that are added to a target organization or organizational unit (OU) in the specified Regions. If an account is removed from a target organization or OU, StackSets deletes stack instances from the account in the specified Regions. */ enabled?: pulumi.Input; /** * If set to true, stack resources are retained when an account is removed from a target organization or OU. If set to false, stack resources are deleted. Specify only if Enabled is set to True. */ retainStacksOnAccountRemoval?: pulumi.Input; } /** * The AWS OrganizationalUnitIds or Accounts for which to create stack instances in the specified Regions. */ interface StackSetDeploymentTargetsArgs { /** * The filter type you want to apply on organizational units and accounts. */ accountFilterType?: pulumi.Input; /** * AWS accounts that you want to create stack instances in the specified Region(s) for. */ accounts?: pulumi.Input[]>; /** * Returns the value of the AccountsUrl property. */ accountsUrl?: pulumi.Input; /** * The organization root ID or organizational unit (OU) IDs to which StackSets deploys. */ organizationalUnitIds?: pulumi.Input[]>; } /** * The user-specified preferences for how AWS CloudFormation performs a stack set operation. */ interface StackSetOperationPreferencesArgs { /** * Specifies how the concurrency level behaves during the operation execution. * * - `STRICT_FAILURE_TOLERANCE` : This option dynamically lowers the concurrency level to ensure the number of failed accounts never exceeds the value of `FailureToleranceCount` +1. The initial actual concurrency is set to the lower of either the value of the `MaxConcurrentCount` , or the value of `FailureToleranceCount` +1. The actual concurrency is then reduced proportionally by the number of failures. This is the default behavior. * * If failure tolerance or Maximum concurrent accounts are set to percentages, the behavior is similar. * - `SOFT_FAILURE_TOLERANCE` : This option decouples `FailureToleranceCount` from the actual concurrency. This allows StackSet operations to run at the concurrency level set by the `MaxConcurrentCount` value, or `MaxConcurrentPercentage` , regardless of the number of failures. */ concurrencyMode?: pulumi.Input; /** * The number of accounts per Region this operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions. * * Conditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` (but not both). */ failureToleranceCount?: pulumi.Input; /** * The percentage of accounts per Region this stack operation can fail in before CloudFormation stops the operation in that Region. If the operation is stopped in a Region, CloudFormation doesn't attempt the operation in any subsequent Regions. * * When calculating the number of accounts based on the specified percentage, CloudFormation rounds *down* to the next whole number. * * Conditional: You must specify either `FailureToleranceCount` or `FailureTolerancePercentage` , but not both. */ failureTolerancePercentage?: pulumi.Input; /** * The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `FailureToleranceCount` . `MaxConcurrentCount` is at most one more than the `FailureToleranceCount` . * * Note that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling. * * Conditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both. */ maxConcurrentCount?: pulumi.Input; /** * The maximum percentage of accounts in which to perform this operation at one time. * * When calculating the number of accounts based on the specified percentage, CloudFormation rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, CloudFormation sets the number as one instead. * * Note that this setting lets you specify the *maximum* for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling. * * Conditional: You must specify either `MaxConcurrentCount` or `MaxConcurrentPercentage` , but not both. */ maxConcurrentPercentage?: pulumi.Input; /** * The concurrency type of deploying StackSets operations in Regions, could be in parallel or one Region at a time. */ regionConcurrencyType?: pulumi.Input; /** * The order of the Regions where you want to perform the stack operation. */ regionOrder?: pulumi.Input[]>; } interface StackSetParameterArgs { /** * The key associated with the parameter. If you don't specify a key and value for a particular parameter, AWS CloudFormation uses the default value that is specified in your template. */ parameterKey: pulumi.Input; /** * The input value associated with the parameter. */ parameterValue: pulumi.Input; } /** * Stack instances in some specific accounts and Regions. */ interface StackSetStackInstancesArgs { /** * The AWS Organizations accounts or AWS accounts to deploy stacks to in the specified Regions. */ deploymentTargets: pulumi.Input; /** * A list of stack set parameters whose values you want to override in the selected stack instances. */ parameterOverrides?: pulumi.Input[]>; /** * The names of one or more Regions where you want to create stack instances using the specified AWS account(s). */ regions: pulumi.Input[]>; } /** * Attribute to specify which targets should invoke the hook */ interface TargetFilters0PropertiesArgs { /** * List of actions that the hook is going to target */ actions?: pulumi.Input[]>; /** * List of invocation points that the hook is going to target */ invocationPoints?: pulumi.Input[]>; /** * List of type names that the hook is going to target */ targetNames?: pulumi.Input[]>; } /** * Attribute to specify which targets should invoke the hook */ interface TargetFilters1PropertiesArgs { /** * List of hook targets */ targets: pulumi.Input[]>; } interface TypeActivationLoggingConfigArgs { /** * The Amazon CloudWatch log group to which CloudFormation sends error logging information when invoking the type's handlers. */ logGroupName?: pulumi.Input; /** * The ARN of the role that CloudFormation should assume when sending log entries to CloudWatch logs. */ logRoleArn?: pulumi.Input; } } export declare namespace cloudfront { /** * A cache policy configuration. * This configuration determines the following: * + The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer. * + The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache. * If your minimum TTL is greater than 0, CloudFront will cache content for at least the duration specified in the cache policy's minimum TTL, even if the ``Cache-Control: no-cache``, ``no-store``, or ``private`` directives are present in the origin headers. * * The headers, cookies, and query strings that are included in the cache key are also included in requests that CloudFront sends to the origin. CloudFront sends a request when it can't find a valid object in its cache that matches the request's cache key. If you want to send values to the origin but *not* include them in the cache key, use ``OriginRequestPolicy``. */ interface CachePolicyConfigArgs { /** * A comment to describe the cache policy. The comment cannot be longer than 128 characters. */ comment?: pulumi.Input; /** * The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object's time to live (TTL) only when the origin does *not* send ``Cache-Control`` or ``Expires`` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. * The default value for this field is 86400 seconds (one day). If the value of ``MinTTL`` is more than 86400 seconds, then the default value for this field is the same as the value of ``MinTTL``. */ defaultTtl: pulumi.Input; /** * The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends ``Cache-Control`` or ``Expires`` headers with the object. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. * The default value for this field is 31536000 seconds (one year). If the value of ``MinTTL`` or ``DefaultTTL`` is more than 31536000 seconds, then the default value for this field is the same as the value of ``DefaultTTL``. */ maxTtl: pulumi.Input; /** * The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. */ minTtl: pulumi.Input; /** * A unique name to identify the cache policy. */ name: pulumi.Input; /** * The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin. */ parametersInCacheKeyAndForwardedToOrigin: pulumi.Input; } /** * An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin. */ interface CachePolicyCookiesConfigArgs { /** * Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are: * + ``none`` – No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to ``none``, any cookies that are listed in an ``OriginRequestPolicy``*are* included in origin requests. * + ``whitelist`` – Only the cookies in viewer requests that are listed in the ``CookieNames`` type are included in the cache key and in requests that CloudFront sends to the origin. * + ``allExcept`` – All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, *except* for those that are listed in the ``CookieNames`` type, which are not included. * + ``all`` – All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. */ cookieBehavior: pulumi.Input; /** * Contains a list of cookie names. */ cookies?: pulumi.Input[]>; } /** * An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin. */ interface CachePolicyHeadersConfigArgs { /** * Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are: * + ``none`` – No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to ``none``, any headers that are listed in an ``OriginRequestPolicy``*are* included in origin requests. * + ``whitelist`` – Only the HTTP headers that are listed in the ``Headers`` type are included in the cache key and in requests that CloudFront sends to the origin. */ headerBehavior: pulumi.Input; /** * Contains a list of HTTP header names. */ headers?: pulumi.Input[]>; } /** * This object determines the values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer. * The headers, cookies, and query strings that are included in the cache key are also included in requests that CloudFront sends to the origin. CloudFront sends a request when it can't find an object in its cache that matches the request's cache key. If you want to send values to the origin but *not* include them in the cache key, use ``OriginRequestPolicy``. */ interface CachePolicyParametersInCacheKeyAndForwardedToOriginArgs { /** * An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin. */ cookiesConfig: pulumi.Input; /** * A flag that can affect whether the ``Accept-Encoding`` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin. * This field is related to the ``EnableAcceptEncodingGzip`` field. If one or both of these fields is ``true``*and* the viewer request includes the ``Accept-Encoding`` header, then CloudFront does the following: * + Normalizes the value of the viewer's ``Accept-Encoding`` header * + Includes the normalized header in the cache key * + Includes the normalized header in the request to the origin, if a request is necessary * * For more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide*. * If you set this value to ``true``, and this cache behavior also has an origin request policy attached, do not include the ``Accept-Encoding`` header in the origin request policy. CloudFront always includes the ``Accept-Encoding`` header in origin requests when the value of this field is ``true``, so including this header in an origin request policy has no effect. * If both of these fields are ``false``, then CloudFront treats the ``Accept-Encoding`` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add ``Accept-Encoding`` to the headers whitelist like any other HTTP header. */ enableAcceptEncodingBrotli?: pulumi.Input; /** * A flag that can affect whether the ``Accept-Encoding`` HTTP header is included in the cache key and included in requests that CloudFront sends to the origin. * This field is related to the ``EnableAcceptEncodingBrotli`` field. If one or both of these fields is ``true``*and* the viewer request includes the ``Accept-Encoding`` header, then CloudFront does the following: * + Normalizes the value of the viewer's ``Accept-Encoding`` header * + Includes the normalized header in the cache key * + Includes the normalized header in the request to the origin, if a request is necessary * * For more information, see [Compression support](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-policy-compressed-objects) in the *Amazon CloudFront Developer Guide*. * If you set this value to ``true``, and this cache behavior also has an origin request policy attached, do not include the ``Accept-Encoding`` header in the origin request policy. CloudFront always includes the ``Accept-Encoding`` header in origin requests when the value of this field is ``true``, so including this header in an origin request policy has no effect. * If both of these fields are ``false``, then CloudFront treats the ``Accept-Encoding`` header the same as any other HTTP header in the viewer request. By default, it's not included in the cache key and it's not included in origin requests. In this case, you can manually add ``Accept-Encoding`` to the headers whitelist like any other HTTP header. */ enableAcceptEncodingGzip: pulumi.Input; /** * An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin. */ headersConfig: pulumi.Input; /** * An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin. */ queryStringsConfig: pulumi.Input; } /** * An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin. */ interface CachePolicyQueryStringsConfigArgs { /** * Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are: * + ``none`` – No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set to ``none``, any query strings that are listed in an ``OriginRequestPolicy``*are* included in origin requests. * + ``whitelist`` – Only the query strings in viewer requests that are listed in the ``QueryStringNames`` type are included in the cache key and in requests that CloudFront sends to the origin. * + ``allExcept`` – All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, *except* those that are listed in the ``QueryStringNames`` type, which are not included. * + ``all`` – All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. */ queryStringBehavior: pulumi.Input; /** * Contains a list of query string names. */ queryStrings?: pulumi.Input[]>; } /** * Origin access identity configuration. Send a ``GET`` request to the ``/CloudFront API version/CloudFront/identity ID/config`` resource. */ interface CloudFrontOriginAccessIdentityConfigArgs { /** * A comment to describe the origin access identity. The comment cannot be longer than 128 characters. */ comment: pulumi.Input; } /** * Contains configuration information about a CloudFront function. */ interface ConnectionFunctionConfigArgs { /** * A comment to describe the function. */ comment: pulumi.Input; /** * The configuration for the key value store associations. */ keyValueStoreAssociations?: pulumi.Input[]>; /** * The function's runtime environment version. */ runtime: pulumi.Input; } /** * The key value store association. */ interface ConnectionFunctionKeyValueStoreAssociationArgs { /** * The Amazon Resource Name (ARN) of the key value store association. */ keyValueStoreArn: pulumi.Input; } /** * Contains the configuration for a continuous deployment policy. */ interface ContinuousDeploymentPolicyConfigArgs { /** * A Boolean that indicates whether this continuous deployment policy is enabled (in effect). When this value is ``true``, this policy is enabled and in effect. When this value is ``false``, this policy is not enabled and has no effect. */ enabled: pulumi.Input; /** * This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution. */ singleHeaderPolicyConfig?: pulumi.Input; /** * This configuration determines the percentage of HTTP requests that are sent to the staging distribution. */ singleWeightPolicyConfig?: pulumi.Input; /** * The CloudFront domain name of the staging distribution. For example: ``d111111abcdef8.cloudfront.net``. */ stagingDistributionDnsNames: pulumi.Input[]>; /** * Contains the parameters for routing production traffic from your primary to staging distributions. */ trafficConfig?: pulumi.Input; /** * The type of traffic configuration. */ type?: pulumi.Input; } /** * This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution. */ interface ContinuousDeploymentPolicyConfigSingleHeaderPolicyConfigPropertiesArgs { header: pulumi.Input; value: pulumi.Input; } /** * This configuration determines the percentage of HTTP requests that are sent to the staging distribution. */ interface ContinuousDeploymentPolicyConfigSingleWeightPolicyConfigPropertiesArgs { sessionStickinessConfig?: pulumi.Input; weight: pulumi.Input; } /** * Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values. */ interface ContinuousDeploymentPolicySessionStickinessConfigArgs { /** * The amount of time after which you want sessions to cease if no requests are received. Allowed values are 300–3600 seconds (5–60 minutes). */ idleTtl: pulumi.Input; /** * The maximum amount of time to consider requests from the viewer as being part of the same session. Allowed values are 300–3600 seconds (5–60 minutes). */ maximumTtl: pulumi.Input; } /** * Determines which HTTP requests are sent to the staging distribution. */ interface ContinuousDeploymentPolicySingleHeaderConfigArgs { /** * The request header name that you want CloudFront to send to your staging distribution. The header must contain the prefix ``aws-cf-cd-``. */ header: pulumi.Input; /** * The request header value. */ value: pulumi.Input; } /** * This configuration determines the percentage of HTTP requests that are sent to the staging distribution. */ interface ContinuousDeploymentPolicySingleWeightConfigArgs { /** * Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values. */ sessionStickinessConfig?: pulumi.Input; /** * The percentage of traffic to send to a staging distribution, expressed as a decimal number between 0 and 0.15. For example, a value of 0.10 means 10% of traffic is sent to the staging distribution. */ weight: pulumi.Input; } /** * The traffic configuration of your continuous deployment. */ interface ContinuousDeploymentPolicyTrafficConfigArgs { /** * Determines which HTTP requests are sent to the staging distribution. */ singleHeaderConfig?: pulumi.Input; /** * Contains the percentage of traffic to send to the staging distribution. */ singleWeightConfig?: pulumi.Input; /** * The type of traffic configuration. */ type: pulumi.Input; } /** * A complex type that describes how CloudFront processes requests. * You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to serve objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin is never used. * For the current quota (formerly known as limit) on the number of cache behaviors that you can add to a distribution, see [Quotas](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html) in the *Amazon CloudFront Developer Guide*. * If you don't want to specify any cache behaviors, include only an empty ``CacheBehaviors`` element. Don't specify an empty individual ``CacheBehavior`` element, because this is invalid. For more information, see [CacheBehaviors](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CacheBehaviors.html). * To delete all cache behaviors in an existing distribution, update the distribution configuration and include only an empty ``CacheBehaviors`` element. * To add, change, or remove one or more cache behaviors, update the distribution configuration and specify all of the cache behaviors that you want to include in the updated distribution. * If your minimum TTL is greater than 0, CloudFront will cache content for at least the duration specified in the cache policy's minimum TTL, even if the ``Cache-Control: no-cache``, ``no-store``, or ``private`` directives are present in the origin headers. * For more information about cache behaviors, see [Cache Behavior Settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesCacheBehavior) in the *Amazon CloudFront Developer Guide*. */ interface DistributionCacheBehaviorArgs { /** * A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices: * + CloudFront forwards only ``GET`` and ``HEAD`` requests. * + CloudFront forwards only ``GET``, ``HEAD``, and ``OPTIONS`` requests. * + CloudFront forwards ``GET, HEAD, OPTIONS, PUT, PATCH, POST``, and ``DELETE`` requests. * * If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin. */ allowedMethods?: pulumi.Input[]>; /** * The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. * A ``CacheBehavior`` must include either a ``CachePolicyId`` or ``ForwardedValues``. We recommend that you use a ``CachePolicyId``. */ cachePolicyId?: pulumi.Input; /** * A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices: * + CloudFront caches responses to ``GET`` and ``HEAD`` requests. * + CloudFront caches responses to ``GET``, ``HEAD``, and ``OPTIONS`` requests. * * If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly. */ cachedMethods?: pulumi.Input[]>; /** * Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide*. */ compress?: pulumi.Input; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * This field is deprecated. We recommend that you use the ``DefaultTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. * The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. */ defaultTtl?: pulumi.Input; /** * The value of ``ID`` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior. */ fieldLevelEncryptionId?: pulumi.Input; /** * This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide*. * If you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. * If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide*. * A ``CacheBehavior`` must include either a ``CachePolicyId`` or ``ForwardedValues``. We recommend that you use a ``CachePolicyId``. * A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers. */ forwardedValues?: pulumi.Input; /** * A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the ``LIVE`` stage to associate them with a cache behavior. */ functionAssociations?: pulumi.Input[]>; /** * The gRPC configuration for your cache behavior. */ grpcConfig?: pulumi.Input; /** * A complex type that contains zero or more Lambda@Edge function associations for a cache behavior. */ lambdaFunctionAssociations?: pulumi.Input[]>; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * This field is deprecated. We recommend that you use the ``MaxTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. * The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. */ maxTtl?: pulumi.Input; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * This field is deprecated. We recommend that you use the ``MinTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. * The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. * You must specify ``0`` for ``MinTTL`` if you configure CloudFront to forward all headers to your origin (under ``Headers``, if you specify ``1`` for ``Quantity`` and ``*`` for ``Name``). */ minTtl?: pulumi.Input; /** * The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide*. */ originRequestPolicyId?: pulumi.Input; /** * The pattern (for example, ``images/*.jpg``) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution. * You can optionally include a slash (``/``) at the beginning of the path pattern. For example, ``/images/*.jpg``. CloudFront behavior is the same with or without the leading ``/``. * The path pattern for the default cache behavior is ``*`` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior. * For more information, see [Path Pattern](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern) in the *Amazon CloudFront Developer Guide*. */ pathPattern: pulumi.Input; /** * The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide*. */ realtimeLogConfigArn?: pulumi.Input; /** * The identifier for a response headers policy. */ responseHeadersPolicyId?: pulumi.Input; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify ``true``; if not, specify ``false``. If you specify ``true`` for ``SmoothStreaming``, you can still distribute other content using this cache behavior if the content matches the value of ``PathPattern``. */ smoothStreaming?: pulumi.Input; /** * The value of ``ID`` for the origin that you want CloudFront to route requests to when they match this cache behavior. */ targetOriginId: pulumi.Input; /** * A list of key groups that CloudFront can use to validate signed URLs or signed cookies. * When a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*. */ trustedKeyGroups?: pulumi.Input[]>; /** * We recommend using ``TrustedKeyGroups`` instead of ``TrustedSigners``. * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * A list of AWS-account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies. * When a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS-account. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*. */ trustedSigners?: pulumi.Input[]>; /** * The protocol that viewers can use to access the files in the origin specified by ``TargetOriginId`` when a request matches the path pattern in ``PathPattern``. You can specify the following options: * + ``allow-all``: Viewers can use HTTP or HTTPS. * + ``redirect-to-https``: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL. * + ``https-only``: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden). * * For more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide*. * The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. */ viewerProtocolPolicy: pulumi.Input; } /** * A distribution configuration. */ interface DistributionConfigArgs { /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution. */ aliases?: pulumi.Input[]>; /** * To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html). * ID of the Anycast static IP list that is associated with the distribution. */ anycastIpListId?: pulumi.Input; /** * A complex type that contains zero or more ``CacheBehavior`` elements. */ cacheBehaviors?: pulumi.Input[]>; /** * An alias for the CF distribution's domain name. * This property is legacy. We recommend that you use [Aliases](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases) instead. */ cnames?: pulumi.Input[]>; /** * A comment to describe the distribution. The comment cannot be longer than 128 characters. */ comment?: pulumi.Input; /** * The distribution's connection function association. */ connectionFunctionAssociation?: pulumi.Input; /** * This field specifies whether the connection mode is through a standard distribution (direct) or a multi-tenant distribution with distribution tenants (tenant-only). */ connectionMode?: pulumi.Input; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * The identifier of a continuous deployment policy. For more information, see ``CreateContinuousDeploymentPolicy``. */ continuousDeploymentPolicyId?: pulumi.Input; /** * A complex type that controls the following: * + Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer. * + How long CloudFront caches HTTP status codes in the 4xx and 5xx range. * * For more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide*. */ customErrorResponses?: pulumi.Input[]>; /** * The user-defined HTTP server that serves as the origin for content that CF distributes. * This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead. */ customOrigin?: pulumi.Input; /** * A complex type that describes the default cache behavior if you don't specify a ``CacheBehavior`` element or if files don't match any of the values of ``PathPattern`` in ``CacheBehavior`` elements. You must create exactly one default cache behavior. */ defaultCacheBehavior: pulumi.Input; /** * When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin. For example, if your root URL is ``https://www.example.com``, you can specify CloudFront to return the ``index.html`` file as the default root object. You can specify a default root object so that viewers see a specific file or object, instead of another object in your distribution (for example, ``https://www.example.com/product-description.html``). A default root object avoids exposing the contents of your distribution. * You can specify the object name or a path to the object name (for example, ``index.html`` or ``exampleFolderName/index.html``). Your string can't begin with a forward slash (``/``). Only specify the object name or the path to the object. * If you don't want to specify a default root object when you create a distribution, include an empty ``DefaultRootObject`` element. * To delete the default root object from an existing distribution, update the distribution configuration and include an empty ``DefaultRootObject`` element. * To replace the default root object, update the distribution configuration and specify the new object. * For more information about the default root object, see [Specify a default root object](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html) in the *Amazon CloudFront Developer Guide*. */ defaultRootObject?: pulumi.Input; /** * From this field, you can enable or disable the selected distribution. */ enabled: pulumi.Input; /** * (Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CF. The default value for new distributions is ``http1.1``. * For viewers and CF to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI). * For viewers and CF to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CF supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see [Connection Migration](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc9000.html#name-connection-migration) at RFC 9000. For more information about supported TLSv1.3 ciphers, see [Supported protocols and ciphers between viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html). */ httpVersion?: pulumi.Input; /** * To use this field for a multi-tenant distribution, use a connection group instead. For more information, see [ConnectionGroup](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ConnectionGroup.html). * If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify ``true``. If you specify ``false``, CloudFront responds to IPv6 DNS requests with the DNS response code ``NOERROR`` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution. * In general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the ``IpAddress`` parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html) in the *Amazon CloudFront Developer Guide*. * If you're using an R53AWSIntlong alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true: * + You enable IPv6 for the distribution * + You're using alternate domain names in the URLs for your objects * * For more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html) in the *Developer Guide*. * If you created a CNAME resource record set, either with R53AWSIntlong or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request. */ ipv6Enabled?: pulumi.Input; /** * A complex type that controls whether access logs are written for the distribution. * For more information about logging, see [Access Logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide*. */ logging?: pulumi.Input; /** * A complex type that contains information about origin groups for this distribution. * Specify a value for either the ``Origins`` or ``OriginGroups`` property. */ originGroups?: pulumi.Input; /** * A complex type that contains information about origins for this distribution. * Specify a value for either the ``Origins`` or ``OriginGroups`` property. */ origins?: pulumi.Input[]>; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify ``PriceClass_All``, CloudFront responds to requests for your objects from all CloudFront edge locations. * If you specify a price class other than ``PriceClass_All``, CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance. * For more information about price classes, see [Choosing the Price Class for a CloudFront Distribution](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html) in the *Amazon CloudFront Developer Guide*. For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing](https://docs.aws.amazon.com/cloudfront/pricing/). */ priceClass?: pulumi.Input; /** * A complex type that identifies ways in which you want to restrict distribution of your content. */ restrictions?: pulumi.Input; /** * The origin as an S3 bucket. * This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead. */ s3Origin?: pulumi.Input; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * A Boolean that indicates whether this is a staging distribution. When this value is ``true``, this is a staging distribution. When this value is ``false``, this is not a staging distribution. */ staging?: pulumi.Input; /** * This field only supports multi-tenant distributions. You can't specify this field for standard distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * A distribution tenant configuration. */ tenantConfig?: pulumi.Input; /** * A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers. */ viewerCertificate?: pulumi.Input; /** * The distribution's viewer mTLS configuration. */ viewerMtlsConfig?: pulumi.Input; /** * Multi-tenant distributions only support WAF V2 web ACLs. * A unique identifier that specifies the WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of WAF, use the ACL ARN, for example ``arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111``. To specify a web ACL created using WAF Classic, use the ACL ID, for example ``a1b2c3d4-5678-90ab-cdef-EXAMPLE11111``. * WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about WAF, see the [Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html). */ webAclId?: pulumi.Input; } /** * This field only supports multi-tenant distributions. You can't specify this field for standard distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * A distribution tenant configuration. */ interface DistributionConfigTenantConfigPropertiesArgs { parameterDefinitions?: pulumi.Input[]>; } /** * A connection function association. */ interface DistributionConnectionFunctionAssociationArgs { /** * The association's ID. */ id: pulumi.Input; } /** * This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. * If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. * If you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. * A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide*. */ interface DistributionCookiesArgs { /** * This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. * If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. * If you want to send cookies to the origin but not include them in the cache key, use origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. * Specifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the ``WhitelistedNames`` complex type. * Amazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the ``Forward`` element. */ forward: pulumi.Input; /** * This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. * If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. * If you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. * Required if you specify ``whitelist`` for the value of ``Forward``. A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies. * If you specify ``all`` or ``none`` for the value of ``Forward``, omit ``WhitelistedNames``. If you change the value of ``Forward`` from ``whitelist`` to ``all`` or ``none`` and you don't delete the ``WhitelistedNames`` element and its child elements, CloudFront deletes them automatically. * For the current limit on the number of cookie names that you can whitelist for each cache behavior, see [CloudFront Limits](https://docs.aws.amazon.com/general/latest/gr/xrefaws_service_limits.html#limits_cloudfront) in the *General Reference*. */ whitelistedNames?: pulumi.Input[]>; } /** * A complex type that controls: * + Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer. * + How long CloudFront caches HTTP status codes in the 4xx and 5xx range. * * For more information about custom error pages, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide*. */ interface DistributionCustomErrorResponseArgs { /** * The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in ``ErrorCode``. When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available. * For more information, see [Customizing Error Responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html) in the *Amazon CloudFront Developer Guide*. */ errorCachingMinTtl?: pulumi.Input; /** * The HTTP status code for which you want to specify a custom error page and/or a caching duration. */ errorCode: pulumi.Input; /** * The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example: * + Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx and 5xx and prevent the response from being returned to the viewer. If you substitute ``200``, the response typically won't be intercepted. * + If you don't care about distinguishing among different client errors or server errors, you can specify ``400`` or ``500`` as the ``ResponseCode`` for all 4xx or 5xx errors. * + You might want to return a ``200`` status code (OK) and static website so your customers don't know that your website is down. * * If you specify a value for ``ResponseCode``, you must also specify a value for ``ResponsePagePath``. */ responseCode?: pulumi.Input; /** * The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by ``ErrorCode``, for example, ``/4xx-errors/403-forbidden.html``. If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true: * + The value of ``PathPattern`` matches the path to your custom error messages. For example, suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named ``/4xx-errors``. Your distribution must include a cache behavior for which the path pattern routes requests for your custom error pages to that location, for example, ``/4xx-errors/*``. * + The value of ``TargetOriginId`` specifies the value of the ``ID`` element for the origin that contains your custom error pages. * * If you specify a value for ``ResponsePagePath``, you must also specify a value for ``ResponseCode``. * We recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable. */ responsePagePath?: pulumi.Input; } /** * A custom origin. A custom origin is any origin that is *not* an Amazon S3 bucket, with one exception. An Amazon S3 bucket that is [configured with static website hosting](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html)*is* a custom origin. */ interface DistributionCustomOriginConfigArgs { /** * The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the origin listens on. */ httpPort?: pulumi.Input; /** * The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that the origin listens on. */ httpsPort?: pulumi.Input; /** * Specifies which IP protocol CloudFront uses when connecting to your origin. If your origin uses both IPv4 and IPv6 protocols, you can choose ``dualstack`` to help optimize reliability. */ ipAddressType?: pulumi.Input; /** * Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds. * For more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide*. */ originKeepaliveTimeout?: pulumi.Input; /** * Configures mutual TLS authentication between CloudFront and your origin server. */ originMtlsConfig?: pulumi.Input; /** * Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid values are: * + ``http-only`` – CloudFront always uses HTTP to connect to the origin. * + ``match-viewer`` – CloudFront connects to the origin using the same protocol that the viewer used to connect to CloudFront. * + ``https-only`` – CloudFront always uses HTTPS to connect to the origin. */ originProtocolPolicy: pulumi.Input; /** * Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout*. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds. * For more information, see [Response timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide*. */ originReadTimeout?: pulumi.Input; /** * Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include ``SSLv3``, ``TLSv1``, ``TLSv1.1``, and ``TLSv1.2``. * For more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide*. */ originSslProtocols?: pulumi.Input[]>; } /** * A complex type that describes the default cache behavior if you don't specify a ``CacheBehavior`` element or if request URLs don't match any of the values of ``PathPattern`` in ``CacheBehavior`` elements. You must create exactly one default cache behavior. * If your minimum TTL is greater than 0, CloudFront will cache content for at least the duration specified in the cache policy's minimum TTL, even if the ``Cache-Control: no-cache``, ``no-store``, or ``private`` directives are present in the origin headers. */ interface DistributionDefaultCacheBehaviorArgs { /** * A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices: * + CloudFront forwards only ``GET`` and ``HEAD`` requests. * + CloudFront forwards only ``GET``, ``HEAD``, and ``OPTIONS`` requests. * + CloudFront forwards ``GET, HEAD, OPTIONS, PUT, PATCH, POST``, and ``DELETE`` requests. * * If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin. */ allowedMethods?: pulumi.Input[]>; /** * The unique identifier of the cache policy that is attached to the default cache behavior. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. * A ``DefaultCacheBehavior`` must include either a ``CachePolicyId`` or ``ForwardedValues``. We recommend that you use a ``CachePolicyId``. */ cachePolicyId?: pulumi.Input; /** * A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices: * + CloudFront caches responses to ``GET`` and ``HEAD`` requests. * + CloudFront caches responses to ``GET``, ``HEAD``, and ``OPTIONS`` requests. * * If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly. */ cachedMethods?: pulumi.Input[]>; /** * Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify ``true``; if not, specify ``false``. For more information, see [Serving Compressed Files](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html) in the *Amazon CloudFront Developer Guide*. */ compress?: pulumi.Input; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * This field is deprecated. We recommend that you use the ``DefaultTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. * The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. */ defaultTtl?: pulumi.Input; /** * The value of ``ID`` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior. */ fieldLevelEncryptionId?: pulumi.Input; /** * This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html) in the *Amazon CloudFront Developer Guide*. * If you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. * If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide*. * A ``DefaultCacheBehavior`` must include either a ``CachePolicyId`` or ``ForwardedValues``. We recommend that you use a ``CachePolicyId``. * A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers. */ forwardedValues?: pulumi.Input; /** * A list of CloudFront functions that are associated with this cache behavior. Your functions must be published to the ``LIVE`` stage to associate them with a cache behavior. */ functionAssociations?: pulumi.Input[]>; /** * The gRPC configuration for your cache behavior. */ grpcConfig?: pulumi.Input; /** * A complex type that contains zero or more Lambda@Edge function associations for a cache behavior. */ lambdaFunctionAssociations?: pulumi.Input[]>; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * This field is deprecated. We recommend that you use the ``MaxTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. * The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as ``Cache-Control max-age``, ``Cache-Control s-maxage``, and ``Expires`` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. */ maxTtl?: pulumi.Input; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * This field is deprecated. We recommend that you use the ``MinTTL`` field in a cache policy instead of this field. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) or [Using the managed cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html) in the *Amazon CloudFront Developer Guide*. * The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. * You must specify ``0`` for ``MinTTL`` if you configure CloudFront to forward all headers to your origin (under ``Headers``, if you specify ``1`` for ``Quantity`` and ``*`` for ``Name``). */ minTtl?: pulumi.Input; /** * The unique identifier of the origin request policy that is attached to the default cache behavior. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) or [Using the managed origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html) in the *Amazon CloudFront Developer Guide*. */ originRequestPolicyId?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see [Real-time logs](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html) in the *Amazon CloudFront Developer Guide*. */ realtimeLogConfigArn?: pulumi.Input; /** * The identifier for a response headers policy. */ responseHeadersPolicyId?: pulumi.Input; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify ``true``; if not, specify ``false``. If you specify ``true`` for ``SmoothStreaming``, you can still distribute other content using this cache behavior if the content matches the value of ``PathPattern``. */ smoothStreaming?: pulumi.Input; /** * The value of ``ID`` for the origin that you want CloudFront to route requests to when they use the default cache behavior. */ targetOriginId: pulumi.Input; /** * A list of key groups that CloudFront can use to validate signed URLs or signed cookies. * When a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*. */ trustedKeyGroups?: pulumi.Input[]>; /** * We recommend using ``TrustedKeyGroups`` instead of ``TrustedSigners``. * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * A list of AWS-account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies. * When a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in a trusted signer's AWS-account. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*. */ trustedSigners?: pulumi.Input[]>; /** * The protocol that viewers can use to access the files in the origin specified by ``TargetOriginId`` when a request matches the path pattern in ``PathPattern``. You can specify the following options: * + ``allow-all``: Viewers can use HTTP or HTTPS. * + ``redirect-to-https``: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL. * + ``https-only``: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden). * * For more information about requiring the HTTPS protocol, see [Requiring HTTPS Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html) in the *Amazon CloudFront Developer Guide*. * The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html) in the *Amazon CloudFront Developer Guide*. */ viewerProtocolPolicy: pulumi.Input; } /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. * If you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. * If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. * A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers. */ interface DistributionForwardedValuesArgs { /** * This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. * If you want to include cookies in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. * If you want to send cookies to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. * A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see [How CloudFront Forwards, Caches, and Logs Cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html) in the *Amazon CloudFront Developer Guide*. */ cookies?: pulumi.Input; /** * This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. * If you want to include headers in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. * If you want to send headers to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. * A complex type that specifies the ``Headers``, if any, that you want CloudFront to forward to the origin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront also caches separate versions of a specified object that is based on the header values in viewer requests. * For more information, see [Caching Content Based on Request Headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/header-caching.html) in the *Amazon CloudFront Developer Guide*. */ headers?: pulumi.Input[]>; /** * This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. * If you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. * If you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. * Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of ``QueryString`` and on the values that you specify for ``QueryStringCacheKeys``, if any: * If you specify true for ``QueryString`` and you don't specify any values for ``QueryStringCacheKeys``, CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin. * If you specify true for ``QueryString`` and you specify one or more values for ``QueryStringCacheKeys``, CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify. * If you specify false for ``QueryString``, CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters. * For more information, see [Configuring CloudFront to Cache Based on Query String Parameters](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/QueryStringParameters.html) in the *Amazon CloudFront Developer Guide*. */ queryString: pulumi.Input; /** * This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. * If you want to include query strings in the cache key, use a cache policy. For more information, see [Creating cache policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy) in the *Amazon CloudFront Developer Guide*. * If you want to send query strings to the origin but not include them in the cache key, use an origin request policy. For more information, see [Creating origin request policies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy) in the *Amazon CloudFront Developer Guide*. * A complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior. */ queryStringCacheKeys?: pulumi.Input[]>; } /** * A CloudFront function that is associated with a cache behavior in a CloudFront distribution. */ interface DistributionFunctionAssociationArgs { /** * The event type of the function, either ``viewer-request`` or ``viewer-response``. You cannot use origin-facing event types (``origin-request`` and ``origin-response``) with a CloudFront function. */ eventType?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the function. */ functionArn?: pulumi.Input; } /** * A complex type that controls the countries in which your content is distributed. CF determines the location of your users using ``MaxMind`` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template. */ interface DistributionGeoRestrictionArgs { /** * A complex type that contains a ``Location`` element for each country in which you want CloudFront either to distribute your content (``whitelist``) or not distribute your content (``blacklist``). * The ``Location`` element is a two-letter, uppercase country code for a country that you want to include in your ``blacklist`` or ``whitelist``. Include one ``Location`` element for each country. * CloudFront and ``MaxMind`` both use ``ISO 3166`` country codes. For the current list of countries and the corresponding codes, see ``ISO 3166-1-alpha-2`` code on the *International Organization for Standardization* website. You can also refer to the country list on the CloudFront console, which includes both country names and codes. */ locations?: pulumi.Input[]>; /** * The method that you want to use to restrict distribution of your content by country: * + ``none``: No geo restriction is enabled, meaning access to content is not restricted by client geo location. * + ``blacklist``: The ``Location`` elements specify the countries in which you don't want CloudFront to distribute your content. * + ``whitelist``: The ``Location`` elements specify the countries in which you want CloudFront to distribute your content. */ restrictionType: pulumi.Input; } /** * Amazon CloudFront supports gRPC, an open-source remote procedure call (RPC) framework built on HTTP/2. gRPC offers bi-directional streaming and binary protocol that buffers payloads, making it suitable for applications that require low latency communications. * To enable your distribution to handle gRPC requests, you must include HTTP/2 as one of the supported ``HTTP`` versions and allow ``HTTP`` methods, including ``POST``. * For more information, see [Using gRPC with CloudFront distributions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-using-grpc.html) in the *Amazon CloudFront Developer Guide*. */ interface DistributionGrpcConfigArgs { /** * Enables your CloudFront distribution to receive gRPC requests and to proxy them directly to your origins. */ enabled: pulumi.Input; } /** * A complex type that contains a Lambda@Edge function association. */ interface DistributionLambdaFunctionAssociationArgs { /** * Specifies the event type that triggers a Lambda@Edge function invocation. You can specify the following values: * + ``viewer-request``: The function executes when CloudFront receives a request from a viewer and before it checks to see whether the requested object is in the edge cache. * + ``origin-request``: The function executes only when CloudFront sends a request to your origin. When the requested object is in the edge cache, the function doesn't execute. * + ``origin-response``: The function executes after CloudFront receives a response from the origin and before it caches the object in the response. When the requested object is in the edge cache, the function doesn't execute. * + ``viewer-response``: The function executes before CloudFront returns the requested object to the viewer. The function executes regardless of whether the object was already in the edge cache. * If the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute. */ eventType?: pulumi.Input; /** * A flag that allows a Lambda@Edge function to have read access to the body content. For more information, see [Accessing the Request Body by Choosing the Include Body Option](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html) in the Amazon CloudFront Developer Guide. */ includeBody?: pulumi.Input; /** * The ARN of the Lambda@Edge function. You must specify the ARN of a function version; you can't specify an alias or $LATEST. */ lambdaFunctionArn?: pulumi.Input; } /** * A custom origin. A custom origin is any origin that is *not* an S3 bucket, with one exception. An S3 bucket that is [configured with static website hosting](https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html)*is* a custom origin. * This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead. */ interface DistributionLegacyCustomOriginArgs { /** * The domain name assigned to your CF distribution. */ dnsName: pulumi.Input; /** * The HTTP port that CF uses to connect to the origin. Specify the HTTP port that the origin listens on. */ httpPort?: pulumi.Input; /** * The HTTPS port that CF uses to connect to the origin. Specify the HTTPS port that the origin listens on. */ httpsPort?: pulumi.Input; /** * Specifies the protocol (HTTP or HTTPS) that CF uses to connect to the origin. */ originProtocolPolicy: pulumi.Input; /** * The minimum SSL/TLS protocol version that CF uses when communicating with your origin server over HTTPs. * For more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginSSLProtocols) in the *Developer Guide*. */ originSslProtocols: pulumi.Input[]>; } /** * The origin as an S3 bucket. * This property is legacy. We recommend that you use [Origin](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html) instead. */ interface DistributionLegacyS3OriginArgs { /** * The domain name assigned to your CF distribution. */ dnsName: pulumi.Input; /** * The CF origin access identity to associate with the distribution. Use an origin access identity to configure the distribution so that end users can only access objects in an S3 through CF. * This property is legacy. We recommend that you use [OriginAccessControl](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html) instead. */ originAccessIdentity?: pulumi.Input; } /** * A complex type that specifies whether access logs are written for the distribution. * If you already enabled standard logging (legacy) and you want to enable standard logging (v2) to send your access logs to Amazon S3, we recommend that you specify a *different* Amazon S3 bucket or use a *separate path* in the same bucket (for example, use a log prefix or partitioning). This helps you keep track of which log files are associated with which logging subscription and prevents log files from overwriting each other. For more information, see [Standard logging (access logs)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html) in the *Amazon CloudFront Developer Guide*. */ interface DistributionLoggingArgs { /** * The Amazon S3 bucket to store the access logs in, for example, ``amzn-s3-demo-bucket.s3.amazonaws.com``. */ bucket?: pulumi.Input; /** * Specifies whether you want CloudFront to include cookies in access logs, specify ``true`` for ``IncludeCookies``. If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify ``false`` for ``IncludeCookies``. */ includeCookies?: pulumi.Input; /** * An optional string that you want CloudFront to prefix to the access log ``filenames`` for this distribution, for example, ``myprefix/``. If you want to enable logging, but you don't want to specify a prefix, you still must include an empty ``Prefix`` element in the ``Logging`` element. */ prefix?: pulumi.Input; } /** * An origin. * An origin is the location where content is stored, and from which CloudFront gets content to serve to viewers. To specify an origin: * + Use ``S3OriginConfig`` to specify an Amazon S3 bucket that is not configured with static website hosting. * + Use ``VpcOriginConfig`` to specify a VPC origin. * + Use ``CustomOriginConfig`` to specify all other kinds of origins, including: * + An Amazon S3 bucket that is configured with static website hosting * + An Elastic Load Balancing load balancer * + An EMPlong endpoint * + An EMSlong container * + Any other HTTP server, running on an Amazon EC2 instance or any other kind of host * * * For the current maximum number of origins that you can specify per distribution, see [General Quotas on Web Distributions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html#limits-web-distributions) in the *Amazon CloudFront Developer Guide* (quotas were formerly referred to as limits). */ interface DistributionOriginArgs { /** * The number of times that CloudFront attempts to connect to the origin. The minimum number is 1, the maximum is 3, and the default (if you don't specify otherwise) is 3. * For a custom origin (including an Amazon S3 bucket that's configured with static website hosting), this value also specifies the number of times that CloudFront attempts to get a response from the origin, in the case of an [Origin Response Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginResponseTimeout). * For more information, see [Origin Connection Attempts](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-attempts) in the *Amazon CloudFront Developer Guide*. */ connectionAttempts?: pulumi.Input; /** * The number of seconds that CloudFront waits when trying to establish a connection to the origin. The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don't specify otherwise) is 10 seconds. * For more information, see [Origin Connection Timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#origin-connection-timeout) in the *Amazon CloudFront Developer Guide*. */ connectionTimeout?: pulumi.Input; /** * Use this type to specify an origin that is not an Amazon S3 bucket, with one exception. If the Amazon S3 bucket is configured with static website hosting, use this type. If the Amazon S3 bucket is not configured with static website hosting, use the ``S3OriginConfig`` type instead. */ customOriginConfig?: pulumi.Input; /** * The domain name for the origin. * For more information, see [Origin Domain Name](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesDomainName) in the *Amazon CloudFront Developer Guide*. */ domainName: pulumi.Input; /** * A unique identifier for the origin. This value must be unique within the distribution. * Use this value to specify the ``TargetOriginId`` in a ``CacheBehavior`` or ``DefaultCacheBehavior``. */ id: pulumi.Input; /** * The unique identifier of an origin access control for this origin. * For more information, see [Restricting access to an Amazon S3 origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide*. */ originAccessControlId?: pulumi.Input; /** * A list of HTTP header names and values that CloudFront adds to the requests that it sends to the origin. * For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/add-origin-custom-headers.html) in the *Amazon CloudFront Developer Guide*. */ originCustomHeaders?: pulumi.Input[]>; /** * An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin. * For more information, see [Origin Path](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesOriginPath) in the *Amazon CloudFront Developer Guide*. */ originPath?: pulumi.Input; /** * CloudFront Origin Shield. Using Origin Shield can help reduce the load on your origin. * For more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide*. */ originShield?: pulumi.Input; /** * The time (in seconds) that a request from CloudFront to the origin can stay open and wait for a response. If the complete response isn't received from the origin by this time, CloudFront ends the connection. * The value for ``ResponseCompletionTimeout`` must be equal to or greater than the value for ``OriginReadTimeout``. If you don't set a value for ``ResponseCompletionTimeout``, CloudFront doesn't enforce a maximum value. * For more information, see [Response completion timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#response-completion-timeout) in the *Amazon CloudFront Developer Guide*. */ responseCompletionTimeout?: pulumi.Input; /** * Use this type to specify an origin that is an Amazon S3 bucket that is not configured with static website hosting. To specify any other type of origin, including an Amazon S3 bucket that is configured with static website hosting, use the ``CustomOriginConfig`` type instead. */ s3OriginConfig?: pulumi.Input; /** * The VPC origin configuration. */ vpcOriginConfig?: pulumi.Input; } /** * A complex type that contains ``HeaderName`` and ``HeaderValue`` elements, if any, for this distribution. */ interface DistributionOriginCustomHeaderArgs { /** * The name of a header that you want CloudFront to send to your origin. For more information, see [Adding Custom Headers to Origin Requests](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/forward-custom-headers.html) in the *Amazon CloudFront Developer Guide*. */ headerName: pulumi.Input; /** * The value for the header that you specified in the ``HeaderName`` field. */ headerValue: pulumi.Input; } /** * An origin group includes two origins (a primary origin and a secondary origin to failover to) and a failover criteria that you specify. You create an origin group to support origin failover in CloudFront. When you create or update a distribution, you can specify the origin group instead of a single origin, and CloudFront will failover from the primary origin to the secondary origin under the failover conditions that you've chosen. * Optionally, you can choose selection criteria for your origin group to specify how your origins are selected when your distribution routes viewer requests. */ interface DistributionOriginGroupArgs { /** * A complex type that contains information about the failover criteria for an origin group. */ failoverCriteria: pulumi.Input; /** * The origin group's ID. */ id: pulumi.Input; /** * A complex type that contains information about the origins in an origin group. */ members: pulumi.Input; /** * The selection criteria for the origin group. For more information, see [Create an origin group](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/high_availability_origin_failover.html#concept_origin_groups.creating) in the *Amazon CloudFront Developer Guide*. */ selectionCriteria?: pulumi.Input; } /** * A complex data type that includes information about the failover criteria for an origin group, including the status codes for which CloudFront will failover from the primary origin to the second origin. */ interface DistributionOriginGroupFailoverCriteriaArgs { /** * The status codes that, when returned from the primary origin, will trigger CloudFront to failover to the second origin. */ statusCodes: pulumi.Input; } /** * An origin in an origin group. */ interface DistributionOriginGroupMemberArgs { /** * The ID for an origin in an origin group. */ originId: pulumi.Input; } /** * A complex data type for the origins included in an origin group. */ interface DistributionOriginGroupMembersArgs { /** * Items (origins) in an origin group. */ items: pulumi.Input[]>; /** * The number of origins in an origin group. */ quantity: pulumi.Input; } /** * A complex data type for the origin groups specified for a distribution. */ interface DistributionOriginGroupsArgs { /** * The items (origin groups) in a distribution. */ items?: pulumi.Input[]>; /** * The number of origin groups. */ quantity: pulumi.Input; } /** * Configures mutual TLS authentication between CloudFront and your origin server. */ interface DistributionOriginMtlsConfigArgs { /** * The Amazon Resource Name (ARN) of the client certificate stored in AWS Certificate Manager (ACM) that CloudFront uses to authenticate with your origin using Mutual TLS. */ clientCertificateArn: pulumi.Input; } /** * CloudFront Origin Shield. * Using Origin Shield can help reduce the load on your origin. For more information, see [Using Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html) in the *Amazon CloudFront Developer Guide*. */ interface DistributionOriginShieldArgs { /** * A flag that specifies whether Origin Shield is enabled. * When it's enabled, CloudFront routes all requests through Origin Shield, which can help protect your origin. When it's disabled, CloudFront might send requests directly to your origin from multiple edge locations or regional edge caches. */ enabled?: pulumi.Input; /** * The AWS-Region for Origin Shield. * Specify the AWS-Region that has the lowest latency to your origin. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as ``us-east-2``. * When you enable CloudFront Origin Shield, you must specify the AWS-Region for Origin Shield. For the list of AWS-Regions that you can specify, and for help choosing the best Region for your origin, see [Choosing the for Origin Shield](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html#choose-origin-shield-region) in the *Amazon CloudFront Developer Guide*. */ originShieldRegion?: pulumi.Input; } /** * A list of parameter values to add to the resource. A parameter is specified as a key-value pair. A valid parameter value must exist for any parameter that is marked as required in the multi-tenant distribution. */ interface DistributionParameterDefinitionArgs { /** * The value that you assigned to the parameter. */ definition: pulumi.Input; /** * The name of the parameter. */ name: pulumi.Input; } /** * The value that you assigned to the parameter. */ interface DistributionParameterDefinitionDefinitionPropertiesArgs { stringSchema?: pulumi.Input; } interface DistributionParameterDefinitionDefinitionPropertiesStringSchemaPropertiesArgs { comment?: pulumi.Input; defaultValue?: pulumi.Input; required: pulumi.Input; } /** * A complex type that identifies ways in which you want to restrict distribution of your content. */ interface DistributionRestrictionsArgs { /** * A complex type that controls the countries in which your content is distributed. CF determines the location of your users using ``MaxMind`` GeoIP databases. To disable geo restriction, remove the [Restrictions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-restrictions) property from your stack template. */ geoRestriction: pulumi.Input; } /** * A complex type that contains information about the Amazon S3 origin. If the origin is a custom origin or an S3 bucket that is configured as a website endpoint, use the ``CustomOriginConfig`` element instead. */ interface DistributionS3OriginConfigArgs { /** * If you're using origin access control (OAC) instead of origin access identity, specify an empty ``OriginAccessIdentity`` element. For more information, see [Restricting access to an](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide*. * The CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that viewers can *only* access objects in an Amazon S3 bucket through CloudFront. The format of the value is: * ``origin-access-identity/cloudfront/ID-of-origin-access-identity`` * The ``ID-of-origin-access-identity`` is the value that CloudFront returned in the ``ID`` element when you created the origin access identity. * If you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty ``OriginAccessIdentity`` element. * To delete the origin access identity from an existing distribution, update the distribution configuration and include an empty ``OriginAccessIdentity`` element. * To replace the origin access identity, update the distribution configuration and specify the new origin access identity. * For more information about the origin access identity, see [Serving Private Content through CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) in the *Amazon CloudFront Developer Guide*. */ originAccessIdentity?: pulumi.Input; /** * Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout*. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds. * For more information, see [Response timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide*. */ originReadTimeout?: pulumi.Input; } /** * A complex data type for the status codes that you specify that, when returned by a primary origin, trigger CloudFront to failover to a second origin. */ interface DistributionStatusCodesArgs { /** * The items (status codes) for an origin group. */ items: pulumi.Input[]>; /** * The number of status codes. */ quantity: pulumi.Input; } /** * The ACMlong (ACM) certificate associated with your distribution. */ interface DistributionTenantCertificateArgs { /** * The Amazon Resource Name (ARN) of the ACM certificate. */ arn?: pulumi.Input; } /** * Customizations for the distribution tenant. For each distribution tenant, you can specify the geographic restrictions, and the Amazon Resource Names (ARNs) for the ACM certificate and WAF web ACL. These are specific values that you can override or disable from the multi-tenant distribution that was used to create the distribution tenant. */ interface DistributionTenantCustomizationsArgs { /** * The ACMlong (ACM) certificate. */ certificate?: pulumi.Input; /** * The geographic restrictions. */ geoRestrictions?: pulumi.Input; /** * The WAF web ACL. */ webAcl?: pulumi.Input; } /** * The customizations that you specified for the distribution tenant for geographic restrictions. */ interface DistributionTenantGeoRestrictionCustomizationArgs { /** * The locations for geographic restrictions. */ locations?: pulumi.Input[]>; /** * The method that you want to use to restrict distribution of your content by country: * + ``none``: No geographic restriction is enabled, meaning access to content is not restricted by client geo location. * + ``blacklist``: The ``Location`` elements specify the countries in which you don't want CloudFront to distribute your content. * + ``whitelist``: The ``Location`` elements specify the countries in which you want CloudFront to distribute your content. */ restrictionType?: pulumi.Input; } /** * An object that represents the request for the Amazon CloudFront managed ACM certificate. */ interface DistributionTenantManagedCertificateRequestArgs { /** * You can opt out of certificate transparency logging by specifying the ``disabled`` option. Opt in by specifying ``enabled``. For more information, see [Certificate Transparency Logging](https://docs.aws.amazon.com/acm/latest/userguide/acm-concepts.html#concept-transparency) in the *User Guide*. */ certificateTransparencyLoggingPreference?: pulumi.Input; /** * The primary domain name associated with the CloudFront managed ACM certificate. */ primaryDomainName?: pulumi.Input; /** * Specify how the HTTP validation token will be served when requesting the CloudFront managed ACM certificate. * + For ``cloudfront``, CloudFront will automatically serve the validation token. Choose this mode if you can point the domain's DNS to CloudFront immediately. * + For ``self-hosted``, you serve the validation token from your existing infrastructure. Choose this mode when you need to maintain current traffic flow while your certificate is being issued. You can place the validation token at the well-known path on your existing web server, wait for ACM to validate and issue the certificate, and then update your DNS to point to CloudFront. */ validationTokenHost?: pulumi.Input; } /** * A list of parameter values to add to the resource. A parameter is specified as a key-value pair. A valid parameter value must exist for any parameter that is marked as required in the multi-tenant distribution. */ interface DistributionTenantParameterArgs { /** * The parameter name. */ name?: pulumi.Input; /** * The parameter value. */ value?: pulumi.Input; } /** * The WAF web ACL customization specified for the distribution tenant. */ interface DistributionTenantWebAclCustomizationArgs { /** * The action for the WAF web ACL customization. You can specify ``override`` to specify a separate WAF web ACL for the distribution tenant. If you specify ``disable``, the distribution tenant won't have WAF web ACL protections and won't inherit from the multi-tenant distribution. */ action?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the WAF web ACL. */ arn?: pulumi.Input; } /** * A trust store configuration. */ interface DistributionTrustStoreConfigArgs { /** * The configuration to use to advertise trust store CA names. */ advertiseTrustStoreCaNames?: pulumi.Input; /** * The configuration to use to ignore certificate expiration. */ ignoreCertificateExpiry?: pulumi.Input; /** * The trust store ID. */ trustStoreId: pulumi.Input; } /** * A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers. * If the distribution doesn't use ``Aliases`` (also known as alternate domain names or CNAMEs)—that is, if the distribution uses the CloudFront domain name such as ``d111111abcdef8.cloudfront.net``—set ``CloudFrontDefaultCertificate`` to ``true`` and leave all other fields empty. * If the distribution uses ``Aliases`` (alternate domain names or CNAMEs), use the fields in this type to specify the following settings: * + Which viewers the distribution accepts HTTPS connections from: only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication) (recommended), or all viewers including those that don't support SNI. * + To accept HTTPS connections from only viewers that support SNI, set ``SSLSupportMethod`` to ``sni-only``. This is recommended. Most browsers and clients support SNI. (In CloudFormation, the field name is ``SslSupportMethod``. Note the different capitalization.) * + To accept HTTPS connections from all viewers, including those that don't support SNI, set ``SSLSupportMethod`` to ``vip``. This is not recommended, and results in additional monthly charges from CloudFront. (In CloudFormation, the field name is ``SslSupportMethod``. Note the different capitalization.) * * + The minimum SSL/TLS protocol version that the distribution can use to communicate with viewers. To specify a minimum version, choose a value for ``MinimumProtocolVersion``. For more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) in the *Amazon CloudFront Developer Guide*. * + The location of the SSL/TLS certificate, [(ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html) (recommended) or [(IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html). You specify the location by setting a value in one of the following fields (not both): * + ``ACMCertificateArn`` (In CloudFormation, this field name is ``AcmCertificateArn``. Note the different capitalization.) * + ``IAMCertificateId`` (In CloudFormation, this field name is ``IamCertificateId``. Note the different capitalization.) * * * All distributions support HTTPS connections from viewers. To require viewers to use HTTPS only, or to redirect them from HTTP to HTTPS, use ``ViewerProtocolPolicy`` in the ``CacheBehavior`` or ``DefaultCacheBehavior``. To specify how CloudFront should use SSL/TLS to communicate with your custom origin, use ``CustomOriginConfig``. * For more information, see [Using HTTPS with CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https.html) and [Using Alternate Domain Names and HTTPS](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-alternate-domain-names.html) in the *Amazon CloudFront Developer Guide*. */ interface DistributionViewerCertificateArgs { /** * In CloudFormation, this field name is ``AcmCertificateArn``. Note the different capitalization. * If the distribution uses ``Aliases`` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [(ACM)](https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html), provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region (``us-east-1``). * If you specify an ACM certificate ARN, you must also specify values for ``MinimumProtocolVersion`` and ``SSLSupportMethod``. (In CloudFormation, the field name is ``SslSupportMethod``. Note the different capitalization.) */ acmCertificateArn?: pulumi.Input; /** * If the distribution uses the CloudFront domain name such as ``d111111abcdef8.cloudfront.net``, set this field to ``true``. * If the distribution uses ``Aliases`` (alternate domain names or CNAMEs), omit this field and specify values for the following fields: * + ``AcmCertificateArn`` or ``IamCertificateId`` (specify a value for one, not both) * + ``MinimumProtocolVersion`` * + ``SslSupportMethod`` */ cloudFrontDefaultCertificate?: pulumi.Input; /** * This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see [Unsupported features for SaaS Manager for Amazon CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-config-options.html#unsupported-saas) in the *Amazon CloudFront Developer Guide*. * In CloudFormation, this field name is ``IamCertificateId``. Note the different capitalization. * If the distribution uses ``Aliases`` (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in [(IAM)](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html), provide the ID of the IAM certificate. * If you specify an IAM certificate ID, you must also specify values for ``MinimumProtocolVersion`` and ``SSLSupportMethod``. (In CloudFormation, the field name is ``SslSupportMethod``. Note the different capitalization.) */ iamCertificateId?: pulumi.Input; /** * If the distribution uses ``Aliases`` (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings: * + The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers. * + The ciphers that CloudFront can use to encrypt the content that it returns to viewers. * * For more information, see [Security Policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy) and [Supported Protocols and Ciphers Between Viewers and CloudFront](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers) in the *Amazon CloudFront Developer Guide*. * On the CloudFront console, this setting is called *Security Policy*. * When you're using SNI only (you set ``SSLSupportMethod`` to ``sni-only``), you must specify ``TLSv1`` or higher. (In CloudFormation, the field name is ``SslSupportMethod``. Note the different capitalization.) * If the distribution uses the CloudFront domain name such as ``d111111abcdef8.cloudfront.net`` (you set ``CloudFrontDefaultCertificate`` to ``true``), CloudFront automatically sets the security policy to ``TLSv1`` regardless of the value that you set here. */ minimumProtocolVersion?: pulumi.Input; /** * In CloudFormation, this field name is ``SslSupportMethod``. Note the different capitalization. * If the distribution uses ``Aliases`` (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from. * + ``sni-only`` – The distribution accepts HTTPS connections from only viewers that support [server name indication (SNI)](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Server_Name_Indication). This is recommended. Most browsers and clients support SNI. * + ``vip`` – The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront. * + ``static-ip`` - Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the [Center](https://docs.aws.amazon.com/support/home). * * If the distribution uses the CloudFront domain name such as ``d111111abcdef8.cloudfront.net``, don't set a value for this field. */ sslSupportMethod?: pulumi.Input; } /** * A viewer mTLS configuration. */ interface DistributionViewerMtlsConfigArgs { /** * The viewer mTLS mode. */ mode?: pulumi.Input; /** * The trust store configuration associated with the viewer mTLS configuration. */ trustStoreConfig?: pulumi.Input; } /** * An Amazon CloudFront VPC origin configuration. */ interface DistributionVpcOriginConfigArgs { /** * Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 5 seconds. * For more information, see [Keep-alive timeout (custom origins only)](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginKeepaliveTimeout) in the *Amazon CloudFront Developer Guide*. */ originKeepaliveTimeout?: pulumi.Input; /** * Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known as the *origin response timeout*. The minimum timeout is 1 second, the maximum is 120 seconds, and the default (if you don't specify otherwise) is 30 seconds. * For more information, see [Response timeout](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginResponseTimeout) in the *Amazon CloudFront Developer Guide*. */ originReadTimeout?: pulumi.Input; /** * The account ID of the AWS-account that owns the VPC origin. */ ownerAccountId?: pulumi.Input; /** * The VPC origin ID. */ vpcOriginId: pulumi.Input; } /** * Contains configuration information about a CloudFront function. */ interface FunctionConfigArgs { /** * A comment to describe the function. */ comment: pulumi.Input; /** * The configuration for the key value store associations. */ keyValueStoreAssociations?: pulumi.Input[]>; /** * The function's runtime environment version. */ runtime: pulumi.Input; } /** * The key value store association. */ interface FunctionKeyValueStoreAssociationArgs { /** * The Amazon Resource Name (ARN) of the key value store association. */ keyValueStoreArn: pulumi.Input; } /** * Contains metadata about a CloudFront function. */ interface FunctionMetadataArgs { /** * The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function. */ functionArn?: pulumi.Input; } /** * A key group configuration. * A key group contains a list of public keys that you can use with [CloudFront signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html). */ interface KeyGroupConfigArgs { /** * A comment to describe the key group. The comment cannot be longer than 128 characters. */ comment?: pulumi.Input; /** * A list of the identifiers of the public keys in the key group. */ items: pulumi.Input[]>; /** * A name to identify the key group. */ name: pulumi.Input; } /** * The import source for the key value store. */ interface KeyValueStoreImportSourceArgs { /** * The Amazon Resource Name (ARN) of the import source for the key value store. */ sourceArn: pulumi.Input; /** * The source type of the import source for the key value store. */ sourceType: pulumi.Input; } /** * A monitoring subscription. This structure contains information about whether additional CloudWatch metrics are enabled for a given CloudFront distribution. */ interface MonitoringSubscriptionArgs { /** * A subscription configuration for additional CloudWatch metrics. */ realtimeMetricsSubscriptionConfig?: pulumi.Input; } /** * A subscription configuration for additional CloudWatch metrics. */ interface MonitoringSubscriptionRealtimeMetricsSubscriptionConfigArgs { /** * A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFront distribution. */ realtimeMetricsSubscriptionStatus: pulumi.Input; } /** * Creates a new origin access control in CloudFront. After you create an origin access control, you can add it to an origin in a CloudFront distribution so that CloudFront sends authenticated (signed) requests to the origin. * This makes it possible to block public access to the origin, allowing viewers (users) to access the origin's content only through CloudFront. * For more information about using a CloudFront origin access control, see [Restricting access to an origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide*. */ interface OriginAccessControlConfigArgs { /** * A description of the origin access control. */ description?: pulumi.Input; /** * A name to identify the origin access control. You can specify up to 64 characters. */ name: pulumi.Input; /** * The type of origin that this origin access control is for. */ originAccessControlOriginType: pulumi.Input; /** * Specifies which requests CloudFront signs (adds authentication information to). Specify ``always`` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide*. * This field can have one of the following values: * + ``always`` – CloudFront signs all origin requests, overwriting the ``Authorization`` header from the viewer request if one exists. * + ``never`` – CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control. * + ``no-override`` – If the viewer request doesn't contain the ``Authorization`` header, then CloudFront signs the origin request. If the viewer request contains the ``Authorization`` header, then CloudFront doesn't sign the origin request and instead passes along the ``Authorization`` header from the viewer request. *WARNING: To pass along the Authorization header from the viewer request, you must add the Authorization header to a cache policy for all cache behaviors that use origins associated with this origin access control.* */ signingBehavior: pulumi.Input; /** * The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is ``sigv4``. */ signingProtocol: pulumi.Input; } /** * An origin request policy configuration. * This configuration determines the values that CloudFront includes in requests that it sends to the origin. Each request that CloudFront sends to the origin includes the following: * + The request body and the URL path (without the domain name) from the viewer request. * + The headers that CloudFront automatically includes in every origin request, including ``Host``, ``User-Agent``, and ``X-Amz-Cf-Id``. * + All HTTP headers, cookies, and URL query strings that are specified in the cache policy or the origin request policy. These can include items from the viewer request and, in the case of headers, additional ones that are added by CloudFront. * * CloudFront sends a request when it can't find an object in its cache that matches the request. If you want to send values to the origin and also include them in the cache key, use ``CachePolicy``. */ interface OriginRequestPolicyConfigArgs { /** * A comment to describe the origin request policy. The comment cannot be longer than 128 characters. */ comment?: pulumi.Input; /** * The cookies from viewer requests to include in origin requests. */ cookiesConfig: pulumi.Input; /** * The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront. */ headersConfig: pulumi.Input; /** * A unique name to identify the origin request policy. */ name: pulumi.Input; /** * The URL query strings from viewer requests to include in origin requests. */ queryStringsConfig: pulumi.Input; } /** * An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in requests that CloudFront sends to the origin. */ interface OriginRequestPolicyCookiesConfigArgs { /** * Determines whether cookies in viewer requests are included in requests that CloudFront sends to the origin. Valid values are: * + ``none`` – No cookies in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to ``none``, any cookies that are listed in a ``CachePolicy``*are* included in origin requests. * + ``whitelist`` – Only the cookies in viewer requests that are listed in the ``CookieNames`` type are included in requests that CloudFront sends to the origin. * + ``all`` – All cookies in viewer requests are included in requests that CloudFront sends to the origin. * + ``allExcept`` – All cookies in viewer requests are included in requests that CloudFront sends to the origin, *except* for those listed in the ``CookieNames`` type, which are not included. */ cookieBehavior: pulumi.Input; /** * Contains a list of cookie names. */ cookies?: pulumi.Input[]>; } /** * An object that determines whether any HTTP headers (and if so, which headers) are included in requests that CloudFront sends to the origin. */ interface OriginRequestPolicyHeadersConfigArgs { /** * Determines whether any HTTP headers are included in requests that CloudFront sends to the origin. Valid values are: * + ``none`` – No HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to ``none``, any headers that are listed in a ``CachePolicy``*are* included in origin requests. * + ``whitelist`` – Only the HTTP headers that are listed in the ``Headers`` type are included in requests that CloudFront sends to the origin. * + ``allViewer`` – All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. * + ``allViewerAndWhitelistCloudFront`` – All HTTP headers in viewer requests and the additional CloudFront headers that are listed in the ``Headers`` type are included in requests that CloudFront sends to the origin. The additional headers are added by CloudFront. * + ``allExcept`` – All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin, *except* for those listed in the ``Headers`` type, which are not included. */ headerBehavior: pulumi.Input; /** * Contains a list of HTTP header names. */ headers?: pulumi.Input[]>; } /** * An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in requests that CloudFront sends to the origin. */ interface OriginRequestPolicyQueryStringsConfigArgs { /** * Determines whether any URL query strings in viewer requests are included in requests that CloudFront sends to the origin. Valid values are: * + ``none`` – No query strings in viewer requests are included in requests that CloudFront sends to the origin. Even when this field is set to ``none``, any query strings that are listed in a ``CachePolicy``*are* included in origin requests. * + ``whitelist`` – Only the query strings in viewer requests that are listed in the ``QueryStringNames`` type are included in requests that CloudFront sends to the origin. * + ``all`` – All query strings in viewer requests are included in requests that CloudFront sends to the origin. * + ``allExcept`` – All query strings in viewer requests are included in requests that CloudFront sends to the origin, *except* for those listed in the ``QueryStringNames`` type, which are not included. */ queryStringBehavior: pulumi.Input; /** * Contains a list of query string names. */ queryStrings?: pulumi.Input[]>; } /** * Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html), or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html). * CloudFront supports signed URLs and signed cookies with RSA 2048 or ECDSA 256 key signatures. Field-level encryption is only compatible with RSA 2048 key signatures. */ interface PublicKeyConfigArgs { /** * A string included in the request to help make sure that the request can't be replayed. */ callerReference: pulumi.Input; /** * A comment to describe the public key. The comment cannot be longer than 128 characters. */ comment?: pulumi.Input; /** * The public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html), or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html). */ encodedKey: pulumi.Input; /** * A name to help identify the public key. */ name: pulumi.Input; } /** * Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration. */ interface RealtimeLogConfigEndPointArgs { /** * Contains information about the Amazon Kinesis data stream where you are sending real-time log data in a real-time log configuration. */ kinesisStreamConfig: pulumi.Input; /** * The type of data stream where you are sending real-time log data. The only valid value is ``Kinesis``. */ streamType: pulumi.Input; } /** * Contains information about the Amazon Kinesis data stream where you are sending real-time log data. */ interface RealtimeLogConfigKinesisStreamConfigArgs { /** * The Amazon Resource Name (ARN) of an IAMlong (IAM) role that CloudFront can use to send real-time log data to your Kinesis data stream. * For more information the IAM role, see [Real-time log configuration IAM role](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role) in the *Amazon CloudFront Developer Guide*. */ roleArn: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time log data. */ streamArn: pulumi.Input; } /** * A list of HTTP header names that CloudFront includes as values for the ``Access-Control-Allow-Headers`` HTTP response header. * For more information about the ``Access-Control-Allow-Headers`` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs. */ interface ResponseHeadersPolicyAccessControlAllowHeadersArgs { /** * The list of HTTP header names. You can specify ``*`` to allow all headers. */ items: pulumi.Input[]>; } /** * A list of HTTP methods that CloudFront includes as values for the ``Access-Control-Allow-Methods`` HTTP response header. * For more information about the ``Access-Control-Allow-Methods`` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs. */ interface ResponseHeadersPolicyAccessControlAllowMethodsArgs { /** * The list of HTTP methods. Valid values are: * + ``GET`` * + ``DELETE`` * + ``HEAD`` * + ``OPTIONS`` * + ``PATCH`` * + ``POST`` * + ``PUT`` * + ``ALL`` * * ``ALL`` is a special value that includes all of the listed HTTP methods. */ items: pulumi.Input[]>; } /** * A list of origins (domain names) that CloudFront can use as the value for the ``Access-Control-Allow-Origin`` HTTP response header. * For more information about the ``Access-Control-Allow-Origin`` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs. */ interface ResponseHeadersPolicyAccessControlAllowOriginsArgs { /** * The list of origins (domain names). You can specify ``*`` to allow all origins. */ items: pulumi.Input[]>; } /** * A list of HTTP headers that CloudFront includes as values for the ``Access-Control-Expose-Headers`` HTTP response header. * For more information about the ``Access-Control-Expose-Headers`` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs. */ interface ResponseHeadersPolicyAccessControlExposeHeadersArgs { /** * The list of HTTP headers. You can specify ``*`` to expose all headers. */ items: pulumi.Input[]>; } /** * A response headers policy configuration. * A response headers policy configuration contains metadata about the response headers policy, and configurations for sets of HTTP response headers. */ interface ResponseHeadersPolicyConfigArgs { /** * A comment to describe the response headers policy. * The comment cannot be longer than 128 characters. */ comment?: pulumi.Input; /** * A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS). */ corsConfig?: pulumi.Input; /** * A configuration for a set of custom HTTP response headers. */ customHeadersConfig?: pulumi.Input; /** * A name to identify the response headers policy. * The name must be unique for response headers policies in this AWS-account. */ name: pulumi.Input; /** * A configuration for a set of HTTP headers to remove from the HTTP response. */ removeHeadersConfig?: pulumi.Input; /** * A configuration for a set of security-related HTTP response headers. */ securityHeadersConfig?: pulumi.Input; /** * A configuration for enabling the ``Server-Timing`` header in HTTP responses sent from CloudFront. */ serverTimingHeadersConfig?: pulumi.Input; } /** * The policy directives and their values that CloudFront includes as values for the ``Content-Security-Policy`` HTTP response header. * For more information about the ``Content-Security-Policy`` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs. */ interface ResponseHeadersPolicyContentSecurityPolicyArgs { /** * The policy directives and their values that CloudFront includes as values for the ``Content-Security-Policy`` HTTP response header. * For more information about the ``Content-Security-Policy`` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs. */ contentSecurityPolicy: pulumi.Input; /** * A Boolean that determines whether CloudFront overrides the ``Content-Security-Policy`` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; } /** * Determines whether CloudFront includes the ``X-Content-Type-Options`` HTTP response header with its value set to ``nosniff``. * For more information about the ``X-Content-Type-Options`` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs. */ interface ResponseHeadersPolicyContentTypeOptionsArgs { /** * A Boolean that determines whether CloudFront overrides the ``X-Content-Type-Options`` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; } /** * A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS). CloudFront adds these headers to HTTP responses that it sends for CORS requests that match a cache behavior associated with this response headers policy. * For more information about CORS, see [Cross-Origin Resource Sharing (CORS)](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/CORS) in the MDN Web Docs. */ interface ResponseHeadersPolicyCorsConfigArgs { /** * A Boolean that CloudFront uses as the value for the ``Access-Control-Allow-Credentials`` HTTP response header. * For more information about the ``Access-Control-Allow-Credentials`` HTTP response header, see [Access-Control-Allow-Credentials](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Credentials) in the MDN Web Docs. */ accessControlAllowCredentials: pulumi.Input; /** * A list of HTTP header names that CloudFront includes as values for the ``Access-Control-Allow-Headers`` HTTP response header. * For more information about the ``Access-Control-Allow-Headers`` HTTP response header, see [Access-Control-Allow-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Headers) in the MDN Web Docs. */ accessControlAllowHeaders: pulumi.Input; /** * A list of HTTP methods that CloudFront includes as values for the ``Access-Control-Allow-Methods`` HTTP response header. * For more information about the ``Access-Control-Allow-Methods`` HTTP response header, see [Access-Control-Allow-Methods](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Methods) in the MDN Web Docs. */ accessControlAllowMethods: pulumi.Input; /** * A list of origins (domain names) that CloudFront can use as the value for the ``Access-Control-Allow-Origin`` HTTP response header. * For more information about the ``Access-Control-Allow-Origin`` HTTP response header, see [Access-Control-Allow-Origin](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Allow-Origin) in the MDN Web Docs. */ accessControlAllowOrigins: pulumi.Input; /** * A list of HTTP headers that CloudFront includes as values for the ``Access-Control-Expose-Headers`` HTTP response header. * For more information about the ``Access-Control-Expose-Headers`` HTTP response header, see [Access-Control-Expose-Headers](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Expose-Headers) in the MDN Web Docs. */ accessControlExposeHeaders?: pulumi.Input; /** * A number that CloudFront uses as the value for the ``Access-Control-Max-Age`` HTTP response header. * For more information about the ``Access-Control-Max-Age`` HTTP response header, see [Access-Control-Max-Age](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Access-Control-Max-Age) in the MDN Web Docs. */ accessControlMaxAgeSec?: pulumi.Input; /** * A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy. */ originOverride: pulumi.Input; } /** * An HTTP response header name and its value. CloudFront includes this header in HTTP responses that it sends for requests that match a cache behavior that's associated with this response headers policy. */ interface ResponseHeadersPolicyCustomHeaderArgs { /** * The HTTP response header name. */ header: pulumi.Input; /** * A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here. */ override: pulumi.Input; /** * The value for the HTTP response header. */ value: pulumi.Input; } /** * A list of HTTP response header names and their values. CloudFront includes these headers in HTTP responses that it sends for requests that match a cache behavior that's associated with this response headers policy. */ interface ResponseHeadersPolicyCustomHeadersConfigArgs { /** * The list of HTTP response headers and their values. */ items: pulumi.Input[]>; } /** * Determines whether CloudFront includes the ``X-Frame-Options`` HTTP response header and the header's value. * For more information about the ``X-Frame-Options`` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs. */ interface ResponseHeadersPolicyFrameOptionsArgs { /** * The value of the ``X-Frame-Options`` HTTP response header. Valid values are ``DENY`` and ``SAMEORIGIN``. * For more information about these values, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs. */ frameOption: pulumi.Input; /** * A Boolean that determines whether CloudFront overrides the ``X-Frame-Options`` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; } /** * Determines whether CloudFront includes the ``Referrer-Policy`` HTTP response header and the header's value. * For more information about the ``Referrer-Policy`` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs. */ interface ResponseHeadersPolicyReferrerPolicyArgs { /** * A Boolean that determines whether CloudFront overrides the ``Referrer-Policy`` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; /** * Determines whether CloudFront includes the ``Referrer-Policy`` HTTP response header and the header's value. * For more information about the ``Referrer-Policy`` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs. */ referrerPolicy: pulumi.Input; } /** * The name of an HTTP header that CloudFront removes from HTTP responses to requests that match the cache behavior that this response headers policy is attached to. */ interface ResponseHeadersPolicyRemoveHeaderArgs { /** * The HTTP header name. */ header: pulumi.Input; } /** * A list of HTTP header names that CloudFront removes from HTTP responses to requests that match the cache behavior that this response headers policy is attached to. */ interface ResponseHeadersPolicyRemoveHeadersConfigArgs { /** * The list of HTTP header names. */ items: pulumi.Input[]>; } /** * A configuration for a set of security-related HTTP response headers. CloudFront adds these headers to HTTP responses that it sends for requests that match a cache behavior associated with this response headers policy. */ interface ResponseHeadersPolicySecurityHeadersConfigArgs { /** * The policy directives and their values that CloudFront includes as values for the ``Content-Security-Policy`` HTTP response header. * For more information about the ``Content-Security-Policy`` HTTP response header, see [Content-Security-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Content-Security-Policy) in the MDN Web Docs. */ contentSecurityPolicy?: pulumi.Input; /** * Determines whether CloudFront includes the ``X-Content-Type-Options`` HTTP response header with its value set to ``nosniff``. * For more information about the ``X-Content-Type-Options`` HTTP response header, see [X-Content-Type-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Content-Type-Options) in the MDN Web Docs. */ contentTypeOptions?: pulumi.Input; /** * Determines whether CloudFront includes the ``X-Frame-Options`` HTTP response header and the header's value. * For more information about the ``X-Frame-Options`` HTTP response header, see [X-Frame-Options](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-Frame-Options) in the MDN Web Docs. */ frameOptions?: pulumi.Input; /** * Determines whether CloudFront includes the ``Referrer-Policy`` HTTP response header and the header's value. * For more information about the ``Referrer-Policy`` HTTP response header, see [Referrer-Policy](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Referrer-Policy) in the MDN Web Docs. */ referrerPolicy?: pulumi.Input; /** * Determines whether CloudFront includes the ``Strict-Transport-Security`` HTTP response header and the header's value. * For more information about the ``Strict-Transport-Security`` HTTP response header, see [Security headers](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/understanding-response-headers-policies.html#understanding-response-headers-policies-security) in the *Amazon CloudFront Developer Guide* and [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs. */ strictTransportSecurity?: pulumi.Input; /** * Determines whether CloudFront includes the ``X-XSS-Protection`` HTTP response header and the header's value. * For more information about the ``X-XSS-Protection`` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs. */ xssProtection?: pulumi.Input; } /** * A configuration for enabling the ``Server-Timing`` header in HTTP responses sent from CloudFront. */ interface ResponseHeadersPolicyServerTimingHeadersConfigArgs { /** * A Boolean that determines whether CloudFront adds the ``Server-Timing`` header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy. */ enabled: pulumi.Input; /** * A number 0–100 (inclusive) that specifies the percentage of responses that you want CloudFront to add the ``Server-Timing`` header to. When you set the sampling rate to 100, CloudFront adds the ``Server-Timing`` header to the HTTP response for every request that matches the cache behavior that this response headers policy is attached to. When you set it to 50, CloudFront adds the header to 50% of the responses for requests that match the cache behavior. You can set the sampling rate to any number 0–100 with up to four decimal places. */ samplingRate?: pulumi.Input; } /** * Determines whether CloudFront includes the ``Strict-Transport-Security`` HTTP response header and the header's value. * For more information about the ``Strict-Transport-Security`` HTTP response header, see [Strict-Transport-Security](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/Strict-Transport-Security) in the MDN Web Docs. */ interface ResponseHeadersPolicyStrictTransportSecurityArgs { /** * A number that CloudFront uses as the value for the ``max-age`` directive in the ``Strict-Transport-Security`` HTTP response header. */ accessControlMaxAgeSec: pulumi.Input; /** * A Boolean that determines whether CloudFront includes the ``includeSubDomains`` directive in the ``Strict-Transport-Security`` HTTP response header. */ includeSubdomains?: pulumi.Input; /** * A Boolean that determines whether CloudFront overrides the ``Strict-Transport-Security`` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; /** * A Boolean that determines whether CloudFront includes the ``preload`` directive in the ``Strict-Transport-Security`` HTTP response header. */ preload?: pulumi.Input; } /** * Determines whether CloudFront includes the ``X-XSS-Protection`` HTTP response header and the header's value. * For more information about the ``X-XSS-Protection`` HTTP response header, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs. */ interface ResponseHeadersPolicyXssProtectionArgs { /** * A Boolean that determines whether CloudFront includes the ``mode=block`` directive in the ``X-XSS-Protection`` header. * For more information about this directive, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs. */ modeBlock?: pulumi.Input; /** * A Boolean that determines whether CloudFront overrides the ``X-XSS-Protection`` HTTP response header received from the origin with the one specified in this response headers policy. */ override: pulumi.Input; /** * A Boolean that determines the value of the ``X-XSS-Protection`` HTTP response header. When this setting is ``true``, the value of the ``X-XSS-Protection`` header is ``1``. When this setting is ``false``, the value of the ``X-XSS-Protection`` header is ``0``. * For more information about these settings, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs. */ protection: pulumi.Input; /** * A reporting URI, which CloudFront uses as the value of the ``report`` directive in the ``X-XSS-Protection`` header. * You cannot specify a ``ReportUri`` when ``ModeBlock`` is ``true``. * For more information about using a reporting URL, see [X-XSS-Protection](https://docs.aws.amazon.com/https://developer.mozilla.org/en-US/docs/Web/HTTP/Headers/X-XSS-Protection) in the MDN Web Docs. */ reportUri?: pulumi.Input; } /** * The CA certificates bundle location in Amazon S3. */ interface TrustStoreCaCertificatesBundleS3LocationArgs { /** * The S3 bucket. */ bucket: pulumi.Input; /** * The location's key. */ key: pulumi.Input; /** * The location's Region. */ region: pulumi.Input; /** * The location's version. */ version?: pulumi.Input; } /** * A CA certificates bundle source. */ interface TrustStoreCaCertificatesBundleSourceArgs { /** * The CA certificates bundle location in Amazon S3. */ caCertificatesBundleS3Location: pulumi.Input; } /** * An Amazon CloudFront VPC origin endpoint configuration. */ interface VpcOriginEndpointConfigArgs { /** * The ARN of the CloudFront VPC origin endpoint configuration. */ arn: pulumi.Input; /** * The HTTP port for the CloudFront VPC origin endpoint configuration. The default value is ``80``. */ httpPort?: pulumi.Input; /** * The HTTPS port of the CloudFront VPC origin endpoint configuration. The default value is ``443``. */ httpsPort?: pulumi.Input; /** * The name of the CloudFront VPC origin endpoint configuration. */ name: pulumi.Input; /** * The origin protocol policy for the CloudFront VPC origin endpoint configuration. */ originProtocolPolicy?: pulumi.Input; /** * Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin over HTTPS. Valid values include ``SSLv3``, ``TLSv1``, ``TLSv1.1``, and ``TLSv1.2``. * For more information, see [Minimum Origin SSL Protocol](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DownloadDistValuesOrigin.html#DownloadDistValuesOriginSSLProtocols) in the *Amazon CloudFront Developer Guide*. */ originSslProtocols?: pulumi.Input[]>; } } export declare namespace cloudtrail { /** * The resource that receives events arriving from a channel. */ interface ChannelDestinationArgs { /** * The ARN of a resource that receives events from a channel. */ location: pulumi.Input; /** * The type of destination for events arriving from a channel. */ type: pulumi.Input; } /** * Configures the automatic refresh schedule for the dashboard. Includes the frequency unit (DAYS or HOURS) and value, as well as the status (ENABLED or DISABLED) of the refresh schedule. */ interface DashboardRefreshScheduleArgs { /** * The frequency at which you want the dashboard refreshed. */ frequency?: pulumi.Input; /** * The status of the schedule. Supported values are ENABLED and DISABLED. */ status?: pulumi.Input; /** * StartTime of the automatic schedule refresh. */ timeOfDay?: pulumi.Input; } /** * The frequency at which you want the dashboard refreshed. */ interface DashboardRefreshScheduleFrequencyPropertiesArgs { /** * The frequency unit. Supported values are HOURS and DAYS. */ unit: pulumi.Input; /** * The frequency value. */ value: pulumi.Input; } /** * The dashboard widget */ interface DashboardWidgetArgs { /** * The placeholder keys in the QueryStatement. For example: $StartTime$, $EndTime$, $Period$. */ queryParameters?: pulumi.Input[]>; /** * The SQL query statement on one or more event data stores. */ queryStatement: pulumi.Input; /** * The view properties of the widget. */ viewProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * Advanced event selectors let you create fine-grained selectors for the following AWS CloudTrail event record fields. They help you control costs by logging only those events that are important to you. */ interface EventDataStoreAdvancedEventSelectorArgs { /** * Contains all selector statements in an advanced event selector. */ fieldSelectors: pulumi.Input[]>; /** * An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets". */ name?: pulumi.Input; } /** * A single selector statement in an advanced event selector. */ interface EventDataStoreAdvancedFieldSelectorArgs { /** * An operator that includes events that match the last few characters of the event record field specified as the value of Field. */ endsWith?: pulumi.Input[]>; /** * An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields. */ equals?: pulumi.Input[]>; /** * A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN. */ field: pulumi.Input; /** * An operator that excludes events that match the last few characters of the event record field specified as the value of Field. */ notEndsWith?: pulumi.Input[]>; /** * An operator that excludes events that match the exact value of the event record field specified as the value of Field. */ notEquals?: pulumi.Input[]>; /** * An operator that excludes events that match the first few characters of the event record field specified as the value of Field. */ notStartsWith?: pulumi.Input[]>; /** * An operator that includes events that match the first few characters of the event record field specified as the value of Field. */ startsWith?: pulumi.Input[]>; } /** * An object that contains information types to be included in CloudTrail enriched events. */ interface EventDataStoreContextKeySelectorArgs { /** * An operator that includes events that match the exact value of the event record field specified in Type. */ equals: pulumi.Input[]>; /** * Specifies the type of the event record field in ContextKeySelector. Valid values include RequestContext, TagContext. */ type: pulumi.Input; } /** * A string that contains Insights types that are logged on an event data store. */ interface EventDataStoreInsightSelectorArgs { /** * The type of Insights to log on an event data store. */ insightType?: pulumi.Input; } /** * Advanced event selectors let you create fine-grained selectors for the following AWS CloudTrail event record fields. They help you control costs by logging only those events that are important to you. */ interface TrailAdvancedEventSelectorArgs { /** * Contains all selector statements in an advanced event selector. */ fieldSelectors: pulumi.Input[]>; /** * An optional, descriptive name for an advanced event selector, such as "Log data events for only two S3 buckets". */ name?: pulumi.Input; } /** * A single selector statement in an advanced event selector. */ interface TrailAdvancedFieldSelectorArgs { /** * An operator that includes events that match the last few characters of the event record field specified as the value of Field. */ endsWith?: pulumi.Input[]>; /** * An operator that includes events that match the exact value of the event record field specified as the value of Field. This is the only valid operator that you can use with the readOnly, eventCategory, and resources.type fields. */ equals?: pulumi.Input[]>; /** * A field in an event record on which to filter events to be logged. Supported fields include readOnly, eventCategory, eventSource (for management events), eventName, resources.type, and resources.ARN. */ field: pulumi.Input; /** * An operator that excludes events that match the last few characters of the event record field specified as the value of Field. */ notEndsWith?: pulumi.Input[]>; /** * An operator that excludes events that match the exact value of the event record field specified as the value of Field. */ notEquals?: pulumi.Input[]>; /** * An operator that excludes events that match the first few characters of the event record field specified as the value of Field. */ notStartsWith?: pulumi.Input[]>; /** * An operator that includes events that match the first few characters of the event record field specified as the value of Field. */ startsWith?: pulumi.Input[]>; } /** * Configure to add aggregation rules to aggregate CloudTrail Events. */ interface TrailAggregationConfigurationArgs { /** * The category of events to be aggregated. */ eventCategory: pulumi.Input; /** * Contains all templates in an aggregation configuration. */ templates: pulumi.Input[]>; } /** * CloudTrail supports data event logging for Amazon S3 objects and AWS Lambda functions. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events. */ interface TrailDataResourceArgs { /** * The resource type in which you want to log data events. You can specify AWS::S3::Object or AWS::Lambda::Function resources. */ type: pulumi.Input; /** * An array of Amazon Resource Name (ARN) strings or partial ARN strings for the specified objects. */ values?: pulumi.Input[]>; } /** * The type of email sending events to publish to the event destination. */ interface TrailEventSelectorArgs { /** * CloudTrail supports data event logging for Amazon S3 objects in standard S3 buckets, AWS Lambda functions, and Amazon DynamoDB tables with basic event selectors. You can specify up to 250 resources for an individual event selector, but the total number of data resources cannot exceed 250 across all event selectors in a trail. This limit does not apply if you configure resource logging for all data events. * * For more information, see [Data Events](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/logging-data-events-with-cloudtrail.html) and [Limits in AWS CloudTrail](https://docs.aws.amazon.com/awscloudtrail/latest/userguide/WhatIsCloudTrail-Limits.html) in the *AWS CloudTrail User Guide* . * * > To log data events for all other resource types including objects stored in [directory buckets](https://docs.aws.amazon.com/AmazonS3/latest/userguide/directory-buckets-overview.html) , you must use [AdvancedEventSelectors](https://docs.aws.amazon.com/awscloudtrail/latest/APIReference/API_AdvancedEventSelector.html) . You must also use `AdvancedEventSelectors` if you want to filter on the `eventName` field. */ dataResources?: pulumi.Input[]>; /** * An optional list of service event sources from which you do not want management events to be logged on your trail. In this release, the list can be empty (disables the filter), or it can filter out AWS Key Management Service events by containing "kms.amazonaws.com". By default, ExcludeManagementEventSources is empty, and AWS KMS events are included in events that are logged to your trail. */ excludeManagementEventSources?: pulumi.Input[]>; /** * Specify if you want your event selector to include management events for your trail. */ includeManagementEvents?: pulumi.Input; /** * Specify if you want your trail to log read-only events, write-only events, or all. For example, the EC2 GetConsoleOutput is a read-only API operation and RunInstances is a write-only API operation. */ readWriteType?: pulumi.Input; } /** * A string that contains insight types that are logged on a trail. */ interface TrailInsightSelectorArgs { /** * The categories of events for which to log insights. By default, insights are logged for management events only. */ eventCategories?: pulumi.Input[]>; /** * The type of insight to log on a trail. */ insightType?: pulumi.Input; } } export declare namespace cloudwatch { /** * Dimension is an embedded property of the ``AWS::CloudWatch::Alarm`` type. Dimensions are name/value pairs that can be associated with a CW metric. You can specify a maximum of 30 dimensions for a given metric. */ interface AlarmDimensionArgs { /** * The name of the dimension, from 1–255 characters in length. This dimension name must have been included when the metric was published. */ name: pulumi.Input; /** * The value for the dimension, from 1–255 characters in length. */ value: pulumi.Input; } interface AlarmEvaluationCriteriaArgs { promQlCriteria?: pulumi.Input; } /** * The ``Metric`` property type represents a specific metric. ``Metric`` is a property of the [MetricStat](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-alarm-metricstat.html) property type. */ interface AlarmMetricArgs { /** * The metric dimensions that you want to be used for the metric that the alarm will watch. */ dimensions?: pulumi.Input[]>; /** * The name of the metric that you want the alarm to watch. This is a required field. */ metricName?: pulumi.Input; /** * The namespace of the metric that the alarm will watch. */ namespace?: pulumi.Input; } /** * The ``MetricDataQuery`` property type specifies the metric data to return, and whether this call is just retrieving a batch set of data for one metric, or is performing a math expression on metric data. * Any expression used must return a single time series. For more information, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *User Guide*. */ interface AlarmMetricDataQueryArgs { /** * The ID of the account where the metrics are located, if this is a cross-account alarm. */ accountId?: pulumi.Input; /** * The math expression to be performed on the returned data, if this object is performing a math expression. This expression can use the ``Id`` of the other metrics to refer to those metrics, and can also use the ``Id`` of other expressions to use the result of those expressions. For more information about metric math expressions, see [Metric Math Syntax and Functions](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/using-metric-math.html#metric-math-syntax) in the *User Guide*. * Within each MetricDataQuery object, you must specify either ``Expression`` or ``MetricStat`` but not both. */ expression?: pulumi.Input; /** * A short name used to tie this object to the results in the response. This name must be unique within a single call to ``GetMetricData``. If you are performing math expressions on this set of data, this name represents that data and can serve as a variable in the mathematical expression. The valid characters are letters, numbers, and underscore. The first character must be a lowercase letter. */ id: pulumi.Input; /** * A human-readable label for this metric or expression. This is especially useful if this is an expression, so that you know what the value represents. If the metric or expression is shown in a CW dashboard widget, the label is shown. If ``Label`` is omitted, CW generates a default. */ label?: pulumi.Input; /** * The metric to be returned, along with statistics, period, and units. Use this parameter only if this object is retrieving a metric and not performing a math expression on returned data. * Within one MetricDataQuery object, you must specify either ``Expression`` or ``MetricStat`` but not both. */ metricStat?: pulumi.Input; /** * The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a ``PutMetricData`` operation that includes a ``StorageResolution of 1 second``. */ period?: pulumi.Input; /** * This option indicates whether to return the timestamps and raw data values of this metric. * When you create an alarm based on a metric math expression, specify ``True`` for this value for only the one math expression that the alarm is based on. You must specify ``False`` for ``ReturnData`` for all the other metrics and expressions used in the alarm. * This field is required. */ returnData?: pulumi.Input; } /** * This structure defines the metric to be returned, along with the statistics, period, and units. * ``MetricStat`` is a property of the [MetricDataQuery](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudwatch-alarm-metricdataquery.html) property type. */ interface AlarmMetricStatArgs { /** * The metric to return, including the metric name, namespace, and dimensions. */ metric: pulumi.Input; /** * The granularity, in seconds, of the returned data points. For metrics with regular resolution, a period can be as short as one minute (60 seconds) and must be a multiple of 60. For high-resolution metrics that are collected at intervals of less than one minute, the period can be 1, 5, 10, 20, 30, 60, or any multiple of 60. High-resolution metrics are those metrics stored by a ``PutMetricData`` call that includes a ``StorageResolution`` of 1 second. * If the ``StartTime`` parameter specifies a time stamp that is greater than 3 hours ago, you must specify the period as follows or no data points in that time range is returned: * + Start time between 3 hours and 15 days ago - Use a multiple of 60 seconds (1 minute). * + Start time between 15 and 63 days ago - Use a multiple of 300 seconds (5 minutes). * + Start time greater than 63 days ago - Use a multiple of 3600 seconds (1 hour). */ period: pulumi.Input; /** * The statistic to return. It can include any CW statistic or extended statistic. For a list of valid values, see the table in [Statistics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Statistic) in the *User Guide*. */ stat: pulumi.Input; /** * The unit to use for the returned data points. * Valid values are: Seconds, Microseconds, Milliseconds, Bytes, Kilobytes, Megabytes, Gigabytes, Terabytes, Bits, Kilobits, Megabits, Gigabits, Terabits, Percent, Count, Bytes/Second, Kilobytes/Second, Megabytes/Second, Gigabytes/Second, Terabytes/Second, Bits/Second, Kilobits/Second, Megabits/Second, Gigabits/Second, Terabits/Second, Count/Second, or None. */ unit?: pulumi.Input; } interface AlarmPromQlCriteriaArgs { /** * The pending period for the alarm. */ pendingPeriod?: pulumi.Input; /** * The PromQL query string. */ query?: pulumi.Input; /** * The recovery period for the alarm. */ recoveryPeriod?: pulumi.Input; } /** * This structure defines the metrics that will be streamed. */ interface MetricStreamFilterArgs { /** * Only metrics with MetricNames matching these values will be streamed. Must be set together with Namespace. */ metricNames?: pulumi.Input[]>; /** * Only metrics with Namespace matching this value will be streamed. */ namespace: pulumi.Input; } /** * This structure specifies a list of additional statistics to stream, and the metrics to stream those additional statistics for. All metrics that match the combination of metric name and namespace will be streamed with the extended statistics, no matter their dimensions. */ interface MetricStreamStatisticsConfigurationArgs { /** * The additional statistics to stream for the metrics listed in IncludeMetrics. */ additionalStatistics: pulumi.Input[]>; /** * An array that defines the metrics that are to have additional statistics streamed. */ includeMetrics: pulumi.Input[]>; } /** * A structure that specifies the metric name and namespace for one metric that is going to have additional statistics included in the stream. */ interface MetricStreamStatisticsMetricArgs { /** * The name of the metric. */ metricName: pulumi.Input; /** * The namespace of the metric. */ namespace: pulumi.Input; } /** * Targets to be muted */ interface MuteTargetsPropertiesArgs { /** * The alarm names to be mute by the AlarmMuteRule */ alarmNames: pulumi.Input[]>; } /** * The rule for the mute */ interface RulePropertiesArgs { /** * Schedule for the mute to be active */ schedule: pulumi.Input; } /** * Schedule for the mute to be active */ interface RulePropertiesSchedulePropertiesArgs { /** * The duration of the schedule when it triggers */ duration: pulumi.Input; /** * The expression of the schedule */ expression: pulumi.Input; /** * The timezone of the schedule */ timezone?: pulumi.Input; } } export declare namespace codeartifact { interface PackageGroupOriginConfigurationArgs { /** * The origin configuration that is applied to the package group. */ restrictions: pulumi.Input; } interface PackageGroupRestrictionTypeArgs { repositories?: pulumi.Input[]>; restrictionMode: pulumi.Input; } interface PackageGroupRestrictionsArgs { /** * The external upstream restriction determines if new package versions can be ingested or retained from external connections. */ externalUpstream?: pulumi.Input; /** * The internal upstream restriction determines if new package versions can be ingested or retained from upstream repositories. */ internalUpstream?: pulumi.Input; /** * The publish restriction determines if new package versions can be published. */ publish?: pulumi.Input; } } export declare namespace codebuild { interface FleetComputeConfigurationArgs { /** * The amount of disk space of the instance type included in your fleet. */ disk?: pulumi.Input; /** * The EC2 instance type to be launched in your fleet. */ instanceType?: pulumi.Input; /** * The machine type of the instance type included in your fleet. */ machineType?: pulumi.Input; /** * The amount of memory of the instance type included in your fleet. */ memory?: pulumi.Input; /** * The number of vCPUs of the instance type included in your fleet. */ vCpu?: pulumi.Input; } interface FleetProxyConfigurationArgs { /** * The default behavior of outgoing traffic. */ defaultBehavior?: pulumi.Input; /** * An array of `FleetProxyRule` objects that represent the specified destination domains or IPs to allow or deny network access control to. */ orderedProxyRules?: pulumi.Input[]>; } interface FleetProxyRuleArgs { /** * The behavior of the proxy rule. */ effect?: pulumi.Input; /** * The destination of the proxy rule. */ entities?: pulumi.Input[]>; /** * The type of proxy rule. */ type?: pulumi.Input; } interface FleetScalingConfigurationInputArgs { /** * The maximum number of instances in the fleet when auto-scaling. */ maxCapacity?: pulumi.Input; /** * The scaling type for a compute fleet. */ scalingType?: pulumi.Input; /** * A list of `TargetTrackingScalingConfiguration` objects. */ targetTrackingScalingConfigs?: pulumi.Input[]>; } interface FleetTargetTrackingScalingConfigurationArgs { /** * The metric type to determine auto-scaling. */ metricType?: pulumi.Input; /** * The value of `metricType` when to start scaling. */ targetValue?: pulumi.Input; } interface FleetVpcConfigArgs { /** * A list of one or more security groups IDs in your Amazon VPC. */ securityGroupIds?: pulumi.Input[]>; /** * A list of one or more subnet IDs in your Amazon VPC. */ subnets?: pulumi.Input[]>; /** * The ID of the Amazon VPC. */ vpcId?: pulumi.Input; } } export declare namespace codeconnections { } export declare namespace codedeploy { interface DeploymentConfigMinimumHealthyHostsArgs { /** * The minimum healthy instance type: * * - HOST_COUNT: The minimum number of healthy instance as an absolute value. * - FLEET_PERCENT: The minimum number of healthy instance as a percentage of the total number of instance in the deployment. * * In an example of nine instance, if a HOST_COUNT of six is specified, deploy to up to three instances at a time. The deployment is successful if six or more instances are deployed to successfully. Otherwise, the deployment fails. If a FLEET_PERCENT of 40 is specified, deploy to up to five instance at a time. The deployment is successful if four or more instance are deployed to successfully. Otherwise, the deployment fails. * * > In a call to `GetDeploymentConfig` , CodeDeployDefault.OneAtATime returns a minimum healthy instance type of MOST_CONCURRENCY and a value of 1. This means a deployment to only one instance at a time. (You cannot set the type to MOST_CONCURRENCY, only to HOST_COUNT or FLEET_PERCENT.) In addition, with CodeDeployDefault.OneAtATime, AWS CodeDeploy attempts to ensure that all instances but one are kept in a healthy state during the deployment. Although this allows one instance at a time to be taken offline for a new deployment, it also means that if the deployment to the last instance fails, the overall deployment is still successful. * * For more information, see [AWS CodeDeploy Instance Health](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html) in the *AWS CodeDeploy User Guide* . */ type: pulumi.Input; /** * The minimum healthy instance value. */ value: pulumi.Input; } interface DeploymentConfigMinimumHealthyHostsPerZoneArgs { /** * The `type` associated with the `MinimumHealthyHostsPerZone` option. */ type: pulumi.Input; /** * The `value` associated with the `MinimumHealthyHostsPerZone` option. */ value: pulumi.Input; } interface DeploymentConfigTimeBasedCanaryArgs { /** * The number of minutes between the first and second traffic shifts of a `TimeBasedCanary` deployment. */ canaryInterval: pulumi.Input; /** * The percentage of traffic to shift in the first increment of a `TimeBasedCanary` deployment. */ canaryPercentage: pulumi.Input; } interface DeploymentConfigTimeBasedLinearArgs { /** * The number of minutes between each incremental traffic shift of a `TimeBasedLinear` deployment. */ linearInterval: pulumi.Input; /** * The percentage of traffic that is shifted at the start of each increment of a `TimeBasedLinear` deployment. */ linearPercentage: pulumi.Input; } interface DeploymentConfigTrafficRoutingConfigArgs { /** * A configuration that shifts traffic from one version of a Lambda function or ECS task set to another in two increments. The original and target Lambda function versions or ECS task sets are specified in the deployment's AppSpec file. */ timeBasedCanary?: pulumi.Input; /** * A configuration that shifts traffic from one version of a Lambda function or Amazon ECS task set to another in equal increments, with an equal number of minutes between each increment. The original and target Lambda function versions or Amazon ECS task sets are specified in the deployment's AppSpec file. */ timeBasedLinear?: pulumi.Input; /** * The type of traffic shifting ( `TimeBasedCanary` or `TimeBasedLinear` ) used by a deployment configuration. */ type: pulumi.Input; } interface DeploymentConfigZonalConfigArgs { /** * The period of time, in seconds, that CodeDeploy must wait after completing a deployment to the *first* Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the second Availability Zone. You might set this option if you want to allow extra bake time for the first Availability Zone. If you don't specify a value for `firstZoneMonitorDurationInSeconds` , then CodeDeploy uses the `monitorDurationInSeconds` value for the first Availability Zone. * * For more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* . */ firstZoneMonitorDurationInSeconds?: pulumi.Input; /** * The number or percentage of instances that must remain available per Availability Zone during a deployment. This option works in conjunction with the `MinimumHealthyHosts` option. For more information, see [About the minimum number of healthy hosts per Availability Zone](https://docs.aws.amazon.com//codedeploy/latest/userguide/instances-health.html#minimum-healthy-hosts-az) in the *CodeDeploy User Guide* . * * If you don't specify the `minimumHealthyHostsPerZone` option, then CodeDeploy uses a default value of `0` percent. * * For more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* . */ minimumHealthyHostsPerZone?: pulumi.Input; /** * The period of time, in seconds, that CodeDeploy must wait after completing a deployment to an Availability Zone. CodeDeploy will wait this amount of time before starting a deployment to the next Availability Zone. Consider adding a monitor duration to give the deployment some time to prove itself (or 'bake') in one Availability Zone before it is released in the next zone. If you don't specify a `monitorDurationInSeconds` , CodeDeploy starts deploying to the next Availability Zone immediately. * * For more information about the zonal configuration feature, see [zonal configuration](https://docs.aws.amazon.com/codedeploy/latest/userguide/deployment-configurations-create.html#zonal-config) in the *CodeDeploy User Guide* . */ monitorDurationInSeconds?: pulumi.Input; } /** * Specifies a CloudWatch alarm to use for an AWS CodeDeploy deployment group. */ interface DeploymentGroupAlarmArgs { /** * The name of the alarm. Maximum length is 255 characters. Each alarm name can be used only once in a list of alarms. */ name?: pulumi.Input; } /** * Configures CloudWatch alarms for an AWS CodeDeploy deployment group. */ interface DeploymentGroupAlarmConfigurationArgs { /** * A list of alarms configured for the deployment or deployment group. A maximum of 10 alarms can be added. */ alarms?: pulumi.Input[]>; /** * Indicates whether the alarm configuration is enabled. */ enabled?: pulumi.Input; /** * Indicates whether a deployment should continue if information about the current state of alarms cannot be retrieved from Amazon CloudWatch. The default value is false. */ ignorePollAlarmFailure?: pulumi.Input; } /** * Configures automatic rollback for an AWS CodeDeploy deployment group when a deployment is not completed successfully. */ interface DeploymentGroupAutoRollbackConfigurationArgs { /** * Indicates whether a defined automatic rollback configuration is currently enabled. */ enabled?: pulumi.Input; /** * The event type or types that trigger a rollback. */ events?: pulumi.Input[]>; } /** * Information about blue/green deployment options for a deployment group. */ interface DeploymentGroupBlueGreenDeploymentConfigurationArgs { /** * Information about the action to take when newly provisioned instances are ready to receive traffic in a blue/green deployment. */ deploymentReadyOption?: pulumi.Input; /** * Information about how instances are provisioned for a replacement environment in a blue/green deployment. */ greenFleetProvisioningOption?: pulumi.Input; /** * Information about whether to terminate instances in the original fleet during a blue/green deployment. */ terminateBlueInstancesOnDeploymentSuccess?: pulumi.Input; } /** * Information about whether instances in the original environment are terminated when a blue/green deployment is successful. BlueInstanceTerminationOption does not apply to Lambda deployments. */ interface DeploymentGroupBlueInstanceTerminationOptionArgs { /** * The action to take on instances in the original environment after a successful blue/green deployment. */ action?: pulumi.Input; /** * For an Amazon EC2 deployment, the number of minutes to wait after a successful blue/green deployment before terminating instances from the original environment. For an Amazon ECS deployment, the number of minutes before deleting the original (blue) task set. During an Amazon ECS deployment, CodeDeploy shifts traffic from the original (blue) task set to a replacement (green) task set. The maximum setting is 2880 minutes (2 days). */ terminationWaitTimeInMinutes?: pulumi.Input; } /** * Specifies an AWS CodeDeploy application revision to be deployed to instances in the deployment group. If you specify an application revision, your target revision is deployed as soon as the provisioning process is complete. */ interface DeploymentGroupDeploymentArgs { /** * A description of the deployment. */ description?: pulumi.Input; /** * If true, then if an ApplicationStop, BeforeBlockTraffic, or AfterBlockTraffic deployment lifecycle event to an instance fails, then the deployment continues to the next deployment lifecycle event. If false or not specified, then if a lifecycle event fails during a deployment to an instance, that deployment fails. If deployment to that instance is part of an overall deployment and the number of healthy hosts is not less than the minimum number of healthy hosts, then a deployment to the next instance is attempted. */ ignoreApplicationStopFailures?: pulumi.Input; /** * Information about the location of stored application artifacts and the service from which to retrieve them. */ revision: pulumi.Input; } /** * Information about when to reroute traffic from an original environment to a replacement environment in a blue/green deployment. */ interface DeploymentGroupDeploymentReadyOptionArgs { /** * Information about when to reroute traffic from an original environment to a replacement environment in a blue/green deployment. CONTINUE_DEPLOYMENT: Register new instances with the load balancer immediately after the new application revision is installed on the instances in the replacement environment. STOP_DEPLOYMENT: Do not register new instances with a load balancer unless traffic rerouting is started using ContinueDeployment . If traffic rerouting is not started before the end of the specified wait period, the deployment status is changed to Stopped. */ actionOnTimeout?: pulumi.Input; /** * The number of minutes to wait before the status of a blue/green deployment is changed to Stopped if rerouting is not started manually. Applies only to the STOP_DEPLOYMENT option for actionOnTimeout. */ waitTimeInMinutes?: pulumi.Input; } /** * Information about the type of deployment, either in-place or blue/green, you want to run and whether to route deployment traffic behind a load balancer. */ interface DeploymentGroupDeploymentStyleArgs { /** * Indicates whether to route deployment traffic behind a load balancer. */ deploymentOption?: pulumi.Input; /** * Indicates whether to run an in-place or blue/green deployment. */ deploymentType?: pulumi.Input; } /** * Information about an Amazon EC2 tag filter. */ interface DeploymentGroupEc2TagFilterArgs { /** * The tag filter key. */ key?: pulumi.Input; /** * The tag filter type. */ type?: pulumi.Input; /** * The tag filter value. */ value?: pulumi.Input; } /** * Specifies information about groups of tags applied to Amazon EC2 instances. The deployment group includes only Amazon EC2 instances identified by all the tag groups. Cannot be used in the same template as EC2TagFilters. */ interface DeploymentGroupEc2TagSetArgs { /** * The Amazon EC2 tags that are already applied to Amazon EC2 instances that you want to include in the deployment group. CodeDeploy includes all Amazon EC2 instances identified by any of the tags you specify in this deployment group. */ ec2TagSetList?: pulumi.Input[]>; } /** * The EC2TagSet property type specifies information about groups of tags applied to Amazon EC2 instances. The deployment group includes only Amazon EC2 instances identified by all the tag groups. Cannot be used in the same template as EC2TagFilters. */ interface DeploymentGroupEc2TagSetListObjectArgs { /** * A list that contains other lists of Amazon EC2 instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list. */ ec2TagGroup?: pulumi.Input[]>; } /** * Contains the service and cluster names used to identify an Amazon ECS deployment's target. */ interface DeploymentGroupEcsServiceArgs { /** * The name of the cluster that the Amazon ECS service is associated with. */ clusterName: pulumi.Input; /** * The name of the target Amazon ECS service. */ serviceName: pulumi.Input; } /** * The ELBInfo property type specifies information about the Elastic Load Balancing load balancer used for an CodeDeploy deployment group. If you specify the ELBInfo property, the DeploymentStyle.DeploymentOption property must be set to WITH_TRAFFIC_CONTROL for AWS CodeDeploy to route your traffic using the specified load balancers. */ interface DeploymentGroupElbInfoArgs { /** * For blue/green deployments, the name of the load balancer that is used to route traffic from original instances to replacement instances in a blue/green deployment. For in-place deployments, the name of the load balancer that instances are deregistered from so they are not serving traffic during a deployment, and then re-registered with after the deployment is complete. */ name?: pulumi.Input; } /** * Specifies the location of an application revision that is stored in GitHub. */ interface DeploymentGroupGitHubLocationArgs { /** * The SHA1 commit ID of the GitHub commit that represents the bundled artifacts for the application revision. */ commitId: pulumi.Input; /** * The GitHub account and repository pair that stores the application revision to be deployed. */ repository: pulumi.Input; } /** * Information about the instances that belong to the replacement environment in a blue/green deployment. */ interface DeploymentGroupGreenFleetProvisioningOptionArgs { /** * The method used to add instances to a replacement environment. */ action?: pulumi.Input; } /** * Specifies information about the load balancer or target group used for an AWS CodeDeploy deployment group. For AWS CloudFormation to use the properties specified in LoadBalancerInfo, the DeploymentStyle.DeploymentOption property must be set to WITH_TRAFFIC_CONTROL. */ interface DeploymentGroupLoadBalancerInfoArgs { /** * An array that contains information about the load balancers to use for load balancing in a deployment. If you're using Classic Load Balancers, specify those load balancers in this array. */ elbInfoList?: pulumi.Input[]>; /** * An array that contains information about the target groups to use for load balancing in a deployment. If you're using Application Load Balancers and Network Load Balancers, specify their associated target groups in this array. */ targetGroupInfoList?: pulumi.Input[]>; /** * The target group pair information. This is an array of TargeGroupPairInfo objects with a maximum size of one. */ targetGroupPairInfoList?: pulumi.Input[]>; } /** * Specifies a list containing other lists of on-premises instance tag groups. In order for an instance to be included in the deployment group, it must be identified by all the tag groups in the list. */ interface DeploymentGroupOnPremisesTagSetArgs { /** * A list that contains other lists of on-premises instance tag groups. For an instance to be included in the deployment group, it must be identified by all of the tag groups in the list. */ onPremisesTagSetList?: pulumi.Input[]>; } /** * Specifies lists of on-premises instance tag groups. In order for an instance to be included in the deployment group, it must be identified by all the tag groups in the list. */ interface DeploymentGroupOnPremisesTagSetListObjectArgs { /** * Information about groups of on-premises instance tags. */ onPremisesTagGroup?: pulumi.Input[]>; } /** * Defines the location of the CodeDeploy application revision to deploy. */ interface DeploymentGroupRevisionLocationArgs { /** * Information about the location of application artifacts stored in GitHub. */ gitHubLocation?: pulumi.Input; /** * The type of application revision. */ revisionType?: pulumi.Input; /** * Information about the location of a revision stored in Amazon S3. */ s3Location?: pulumi.Input; } /** * Information about the location of application artifacts stored in Amazon S3. */ interface DeploymentGroupS3LocationArgs { /** * The name of the Amazon S3 bucket where the application revision is stored. */ bucket: pulumi.Input; /** * The file type of the application revision. */ bundleType?: pulumi.Input; /** * The ETag of the Amazon S3 object that represents the bundled artifacts for the application revision. If the ETag is not specified as an input parameter, ETag validation of the object is skipped. */ eTag?: pulumi.Input; /** * The name of the Amazon S3 object that represents the bundled artifacts for the application revision. */ key: pulumi.Input; /** * A specific version of the Amazon S3 object that represents the bundled artifacts for the application revision. If the version is not specified, the system uses the most recent version by default. */ version?: pulumi.Input; } /** * Specifies which on-premises instances to associate with the deployment group. */ interface DeploymentGroupTagFilterArgs { /** * The on-premises instance tag filter key. */ key?: pulumi.Input; /** * The on-premises instance tag filter type */ type?: pulumi.Input; /** * The on-premises instance tag filter value. */ value?: pulumi.Input; } /** * Specifies information about a target group in Elastic Load Balancing to use in a deployment. Instances are registered as targets in a target group, and traffic is routed to the target group. The DeploymentStyle.DeploymentOption property must be set to WITH_TRAFFIC_CONTROL for CodeDeploy to route your traffic using the specified target groups. */ interface DeploymentGroupTargetGroupInfoArgs { /** * For blue/green deployments, the name of the target group that instances in the original environment are deregistered from, and instances in the replacement environment registered with. For in-place deployments, the name of the target group that instances are deregistered from, so they are not serving traffic during a deployment, and then re-registered with after the deployment completes. No duplicates allowed. */ name?: pulumi.Input; } /** * The TargetGroupInfo property type specifies information about a target group in Elastic Load Balancing to use in a deployment. Instances are registered as targets in a target group, and traffic is routed to the target group. The DeploymentStyle.DeploymentOption property must be set to WITH_TRAFFIC_CONTROL for CodeDeploy to route your traffic using the specified target groups. */ interface DeploymentGroupTargetGroupPairInfoArgs { /** * The path used by a load balancer to route production traffic when an Amazon ECS deployment is complete. */ prodTrafficRoute?: pulumi.Input; /** * One pair of target groups. One is associated with the original task set. The second is associated with the task set that serves traffic after the deployment is complete. */ targetGroups?: pulumi.Input[]>; /** * An optional path used by a load balancer to route test traffic after an Amazon ECS deployment. Validation can occur while test traffic is served during a deployment. */ testTrafficRoute?: pulumi.Input; } /** * Information about a listener. The listener contains the path used to route traffic that is received from the load balancer to a target group. */ interface DeploymentGroupTrafficRouteArgs { /** * The Amazon Resource Name (ARN) of one listener. The listener identifies the route between a target group and a load balancer. This is an array of strings with a maximum size of one. */ listenerArns?: pulumi.Input[]>; } /** * Information about notification triggers for the deployment group. */ interface DeploymentGroupTriggerConfigArgs { /** * The event type or types that trigger notifications. */ triggerEvents?: pulumi.Input[]>; /** * The name of the notification trigger. */ triggerName?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic through which notifications about deployment or instance events are sent. */ triggerTargetArn?: pulumi.Input; } } export declare namespace codeguruprofiler { /** * The agent permissions attached to this profiling group. */ interface AgentPermissionsPropertiesArgs { /** * The principals for the agent permissions. */ principals: pulumi.Input[]>; } /** * Notification medium for users to get alerted for events that occur in application profile. We support SNS topic as a notification channel. */ interface ProfilingGroupChannelArgs { /** * The channel ID. */ channelId?: pulumi.Input; /** * The channel URI. */ channelUri: pulumi.Input; } } export declare namespace codegurureviewer { } export declare namespace codepipeline { /** * Returns information about the details of an artifact. */ interface CustomActionTypeArtifactDetailsArgs { /** * The maximum number of artifacts allowed for the action type. */ maximumCount: pulumi.Input; /** * The minimum number of artifacts allowed for the action type. */ minimumCount: pulumi.Input; } /** * The configuration properties for the custom action. */ interface CustomActionTypeConfigurationPropertiesArgs { /** * The description of the action configuration property that is displayed to users. */ description?: pulumi.Input; /** * Whether the configuration property is a key. */ key: pulumi.Input; /** * The name of the action configuration property. */ name: pulumi.Input; /** * Indicates that the property is used with PollForJobs. When creating a custom action, an action can have up to one queryable property. If it has one, that property must be both required and not secret.If you create a pipeline with a custom action type, and that custom action contains a queryable property, the value for that configuration property is subject to other restrictions. The value must be less than or equal to twenty (20) characters. The value can contain only alphanumeric characters, underscores, and hyphens. */ queryable?: pulumi.Input; /** * Whether the configuration property is a required value. */ required: pulumi.Input; /** * Whether the configuration property is secret. Secrets are hidden from all calls except for GetJobDetails, GetThirdPartyJobDetails, PollForJobs, and PollForThirdPartyJobs. */ secret: pulumi.Input; /** * The type of the configuration property. */ type?: pulumi.Input; } /** * Settings is a property of the AWS::CodePipeline::CustomActionType resource that provides URLs that users can access to view information about the CodePipeline custom action. */ interface CustomActionTypeSettingsArgs { /** * The URL returned to the AWS CodePipeline console that provides a deep link to the resources of the external system, such as the configuration page for an AWS CodeDeploy deployment group. This link is provided as part of the action display in the pipeline. */ entityUrlTemplate?: pulumi.Input; /** * The URL returned to the AWS CodePipeline console that contains a link to the top-level landing page for the external system, such as the console page for AWS CodeDeploy. This link is shown on the pipeline view page in the AWS CodePipeline console and provides a link to the execution entity of the external action. */ executionUrlTemplate?: pulumi.Input; /** * The URL returned to the AWS CodePipeline console that contains a link to the page where customers can update or change the configuration of the external action. */ revisionUrlTemplate?: pulumi.Input; /** * The URL of a sign-up page where users can sign up for an external service and perform initial configuration of the action provided by that service. */ thirdPartyConfigurationUrl?: pulumi.Input; } /** * Represents information about an action declaration. */ interface PipelineActionDeclarationArgs { /** * Specifies the action type and the provider of the action. */ actionTypeId: pulumi.Input; /** * The shell commands to run with your compute action in CodePipeline. */ commands?: pulumi.Input[]>; /** * The action's configuration. These are key-value pairs that specify input values for an action. */ configuration?: any; /** * The list of environment variables that are input to a compute based action. */ environmentVariables?: pulumi.Input[]>; /** * The name or ID of the artifact consumed by the action, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of input artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* . * * > For a CodeBuild action with multiple input artifacts, one of your input sources must be designated the PrimarySource. For more information, see the [CodeBuild action reference page](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference-CodeBuild.html) in the *AWS CodePipeline User Guide* . */ inputArtifacts?: pulumi.Input[]>; /** * The action declaration's name. */ name: pulumi.Input; /** * The variable namespace associated with the action. All variables produced as output by this action fall under this namespace. */ namespace?: pulumi.Input; /** * The name or ID of the result of the action declaration, such as a test or build artifact. While the field is not a required parameter, most actions have an action configuration that requires a specified quantity of output artifacts. To refer to the action configuration specification by action provider, see the [Action structure reference](https://docs.aws.amazon.com/codepipeline/latest/userguide/action-reference.html) in the *AWS CodePipeline User Guide* . */ outputArtifacts?: pulumi.Input[]>; /** * The list of variables that are to be exported from the compute action. */ outputVariables?: pulumi.Input[]>; /** * The action declaration's AWS Region, such as us-east-1. */ region?: pulumi.Input; /** * The ARN of the IAM service role that performs the declared action. This is assumed through the roleArn for the pipeline. */ roleArn?: pulumi.Input; /** * The order in which actions are run. */ runOrder?: pulumi.Input; /** * A timeout duration in minutes that can be applied against the ActionType’s default timeout value specified in Quotas for AWS CodePipeline. This attribute is available only to the manual approval ActionType. */ timeoutInMinutes?: pulumi.Input; } /** * Represents information about an action type. */ interface PipelineActionTypeIdArgs { /** * A category defines what kind of action can be taken in the stage, and constrains the provider type for the action. Valid categories are limited to one of the values below. */ category: pulumi.Input; /** * The creator of the action being called. There are three valid values for the Owner field in the action category section within your pipeline structure: AWS, ThirdParty, and Custom. */ owner: pulumi.Input; /** * The provider of the service being called by the action. Valid providers are determined by the action category. For example, an action in the Deploy category type might have a provider of CodeDeploy, which would be specified as CodeDeploy. */ provider: pulumi.Input; /** * A string that describes the action version. */ version: pulumi.Input; } /** * The S3 bucket where artifacts for the pipeline are stored. */ interface PipelineArtifactStoreArgs { /** * The encryption key used to encrypt the data in the artifact store, such as an AWS Key Management Service ( AWS KMS) key. If this is undefined, the default key for Amazon S3 is used. To see an example artifact store encryption key field, see the example structure here: [AWS::CodePipeline::Pipeline](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-codepipeline-pipeline.html) . */ encryptionKey?: pulumi.Input; /** * The S3 bucket used for storing the artifacts for a pipeline. You can specify the name of an S3 bucket but not a folder in the bucket. A folder to contain the pipeline artifacts is created for you based on the name of the pipeline. You can use any S3 bucket in the same AWS Region as the pipeline to store your pipeline artifacts. */ location: pulumi.Input; /** * The type of the artifact store, such as S3. */ type: pulumi.Input; } /** * A mapping of artifactStore objects and their corresponding AWS Regions. There must be an artifact store for the pipeline Region and for each cross-region action in the pipeline. */ interface PipelineArtifactStoreMapArgs { /** * Represents information about the S3 bucket where artifacts are stored for the pipeline. * * > You must include either `artifactStore` or `artifactStores` in your pipeline, but you cannot use both. If you create a cross-region action in your pipeline, you must use `artifactStores` . */ artifactStore: pulumi.Input; /** * The action declaration's AWS Region, such as us-east-1. */ region: pulumi.Input; } /** * The configuration that specifies the rules to run before stage starts. */ interface PipelineBeforeEntryConditionsArgs { /** * The conditions that are configured as entry conditions. */ conditions?: pulumi.Input[]>; } /** * Reserved for future use. */ interface PipelineBlockerDeclarationArgs { /** * Reserved for future use. */ name: pulumi.Input; /** * Reserved for future use. */ type: pulumi.Input; } /** * Represents information about condition. */ interface PipelineConditionArgs { /** * The specified result for when the failure conditions are met, such as rolling back the stage */ result?: pulumi.Input; /** * The rules that make up the condition. */ rules?: pulumi.Input[]>; } /** * Represents information about the key used to encrypt data in the artifact store, such as an AWS Key Management Service (AWS KMS) key */ interface PipelineEncryptionKeyArgs { /** * The ID used to identify the key. For an AWS KMS key, you can use the key ID, the key ARN, or the alias ARN. */ id: pulumi.Input; /** * The type of encryption key, such as an AWS KMS key. When creating or updating a pipeline, the value must be set to 'KMS'. */ type: pulumi.Input; } /** * Represents information about the environment variable of an action. */ interface PipelineEnvironmentVariableArgs { /** * The name of the environment variable. */ name: pulumi.Input; /** * The type of the environment variable. */ type?: pulumi.Input; /** * The value of the environment variable. */ value: pulumi.Input; } /** * The configuration that specifies the result, such as rollback, to occur upon stage failure */ interface PipelineFailureConditionsArgs { /** * The conditions that are configured as failure conditions. For more information about conditions, see [Stage conditions](https://docs.aws.amazon.com/codepipeline/latest/userguide/stage-conditions.html) and [How do stage conditions work?](https://docs.aws.amazon.com/codepipeline/latest/userguide/concepts-how-it-works-conditions.html) . */ conditions?: pulumi.Input[]>; /** * The specified result for when the failure conditions are met, such as rolling back the stage */ result?: pulumi.Input; /** * The configuration that specifies the retry configuration for a stage */ retryConfiguration?: pulumi.Input; } /** * The configuration that specifies the retry configuration for a stage */ interface PipelineFailureConditionsRetryConfigurationPropertiesArgs { /** * The specified retry mode type for the given stage. FAILED_ACTIONS will retry only the failed actions. ALL_ACTIONS will retry both failed and successful */ retryMode?: pulumi.Input; } /** * The Git repository branches specified as filter criteria to start the pipeline. */ interface PipelineGitBranchFilterCriteriaArgs { /** * The list of patterns of Git branches that, when a commit is pushed, are to be excluded from starting the pipeline. */ excludes?: pulumi.Input[]>; /** * The list of patterns of Git branches that, when a commit is pushed, are to be included as criteria that starts the pipeline. */ includes?: pulumi.Input[]>; } /** * A type of trigger configuration for Git-based source actions. */ interface PipelineGitConfigurationArgs { /** * The field where the repository event that will start the pipeline is specified as pull requests. */ pullRequest?: pulumi.Input[]>; /** * The field where the repository event that will start the pipeline, such as pushing Git tags, is specified with details. */ push?: pulumi.Input[]>; /** * The name of the pipeline source action where the trigger configuration, such as Git tags, is specified. The trigger configuration will start the pipeline upon the specified change only. */ sourceActionName: pulumi.Input; } /** * The Git repository file paths specified as filter criteria to start the pipeline. */ interface PipelineGitFilePathFilterCriteriaArgs { /** * The list of patterns of Git repository file paths that, when a commit is pushed, are to be excluded from starting the pipeline. */ excludes?: pulumi.Input[]>; /** * The list of patterns of Git repository file paths that, when a commit is pushed, are to be included as criteria that starts the pipeline. */ includes?: pulumi.Input[]>; } /** * The event criteria for the pull request trigger configuration, such as the lists of branches or file paths to include and exclude. */ interface PipelineGitPullRequestFilterArgs { /** * The field that specifies to filter on branches for the pull request trigger configuration. */ branches?: pulumi.Input; /** * The field that specifies which pull request events to filter on (opened, updated, closed) for the trigger configuration. */ events?: pulumi.Input[]>; /** * The field that specifies to filter on file paths for the pull request trigger configuration. */ filePaths?: pulumi.Input; } /** * The event criteria that specify when a specified repository event will start the pipeline for the specified trigger configuration, such as the lists of Git tags to include and exclude. */ interface PipelineGitPushFilterArgs { /** * The field that specifies to filter on branches for the push trigger configuration. */ branches?: pulumi.Input; /** * The field that specifies to filter on file paths for the push trigger configuration. */ filePaths?: pulumi.Input; /** * The field that contains the details for the Git tags trigger configuration. */ tags?: pulumi.Input; } /** * The Git tags specified as filter criteria for whether a Git tag repository event will start the pipeline. */ interface PipelineGitTagFilterCriteriaArgs { /** * The list of patterns of Git tags that, when pushed, are to be excluded from starting the pipeline. */ excludes?: pulumi.Input[]>; /** * The list of patterns of Git tags that, when pushed, are to be included as criteria that starts the pipeline. */ includes?: pulumi.Input[]>; } /** * Represents information about an artifact to be worked on, such as a test or build artifact. */ interface PipelineInputArtifactArgs { /** * The name of the artifact to be worked on (for example, "My App"). */ name: pulumi.Input; } /** * Represents information about the output of an action. */ interface PipelineOutputArtifactArgs { /** * The files that you want to associate with the output artifact that will be exported from the compute action. */ files?: pulumi.Input[]>; /** * The name of the output of an artifact, such as "My App". */ name: pulumi.Input; } /** * Represents information about condition. */ interface PipelineRuleDeclarationArgs { /** * The shell commands to run with your compute action in CodePipeline. */ commands?: pulumi.Input[]>; /** * The rule's configuration. These are key-value pairs that specify input values for a rule. */ configuration?: any; /** * The input artifacts fields for the rule, such as specifying an input file for the rule. */ inputArtifacts?: pulumi.Input[]>; /** * The rule declaration's name. */ name?: pulumi.Input; /** * The rule declaration's AWS Region, such as us-east-1. */ region?: pulumi.Input; /** * The ARN of the IAM service role that performs the declared rule. This is assumed through the roleArn for the pipeline. */ roleArn?: pulumi.Input; /** * The ID for the rule type, which is made up of the combined values for category, owner, provider, and version. */ ruleTypeId?: pulumi.Input; } /** * Represents information about a rule type. */ interface PipelineRuleTypeIdArgs { /** * A category for the provider type for the rule. */ category?: pulumi.Input; /** * The creator of the rule being called. Only AWS is supported. */ owner?: pulumi.Input; /** * The provider of the service being called by the rule. */ provider?: pulumi.Input; /** * A string that describes the rule version. */ version?: pulumi.Input; } /** * Represents information about a stage and its definition. */ interface PipelineStageDeclarationArgs { /** * The actions included in a stage. */ actions: pulumi.Input[]>; /** * The method to use before stage runs. */ beforeEntry?: pulumi.Input; /** * Reserved for future use. */ blockers?: pulumi.Input[]>; /** * The name of the stage. */ name: pulumi.Input; /** * The method to use when a stage has not completed successfully */ onFailure?: pulumi.Input; /** * The method to use when a stage has completed successfully */ onSuccess?: pulumi.Input; } /** * The name of the pipeline in which you want to disable the flow of artifacts from one stage to another. */ interface PipelineStageTransitionArgs { /** * The reason given to the user that a stage is disabled, such as waiting for manual approval or manual tests. This message is displayed in the pipeline console UI. */ reason: pulumi.Input; /** * The name of the stage where you want to disable the inbound or outbound transition of artifacts. */ stageName: pulumi.Input; } /** * The configuration that specifies the result, such as rollback, to occur upon stage failure */ interface PipelineSuccessConditionsArgs { /** * The conditions that are success conditions. */ conditions?: pulumi.Input[]>; } /** * Represents information about the specified trigger configuration, such as the filter criteria and the source stage for the action that contains the trigger. */ interface PipelineTriggerDeclarationArgs { /** * Provides the filter criteria and the source stage for the repository event that starts the pipeline, such as Git tags. */ gitConfiguration?: pulumi.Input; /** * The source provider for the event, such as connections configured for a repository with Git tags, for the specified trigger configuration. */ providerType: pulumi.Input; } /** * A variable declared at the pipeline level. */ interface PipelineVariableDeclarationArgs { /** * The value of a pipeline-level variable. */ defaultValue?: pulumi.Input; /** * The description of a pipeline-level variable. It's used to add additional context about the variable, and not being used at time when pipeline executes. */ description?: pulumi.Input; /** * The name of a pipeline-level variable. */ name: pulumi.Input; } /** * Properties that configure the authentication applied to incoming webhook trigger requests */ interface WebhookAuthConfigurationArgs { /** * The property used to configure acceptance of webhooks in an IP address range. For IP, only the AllowedIPRange property must be set. This property must be set to a valid CIDR range. */ allowedIpRange?: pulumi.Input; /** * The property used to configure GitHub authentication. For GITHUB_HMAC, only the SecretToken property must be set. */ secretToken?: pulumi.Input; } /** * A list of rules applied to the body/payload sent in the POST request to a webhook URL. All defined rules must pass for the request to be accepted and the pipeline started. */ interface WebhookFilterRuleArgs { /** * A JsonPath expression that is applied to the body/payload of the webhook. The value selected by the JsonPath expression must match the value specified in the MatchEquals field. Otherwise, the request is ignored. */ jsonPath: pulumi.Input; /** * The value selected by the JsonPath expression must match what is supplied in the MatchEquals field. Otherwise, the request is ignored. */ matchEquals?: pulumi.Input; } } export declare namespace codestarconnections { } export declare namespace codestarnotifications { interface NotificationRuleTargetArgs { /** * The Amazon Resource Name (ARN) of the topic or client. */ targetAddress: pulumi.Input; /** * The target type. Can be an Amazon Simple Notification Service topic or client. * * - Amazon Simple Notification Service topics are specified as `SNS` . * - clients are specified as `AWSChatbotSlack` . * - clients for Microsoft Teams are specified as `AWSChatbotMicrosoftTeams` . */ targetType: pulumi.Input; } } export declare namespace cognito { interface IdentityPoolCognitoIdentityProviderArgs { /** * The client ID for the Amazon Cognito user pool. */ clientId: pulumi.Input; /** * The provider name for an Amazon Cognito user pool. For example: `cognito-idp.us-east-2.amazonaws.com/us-east-2_123456789` . */ providerName: pulumi.Input; /** * TRUE if server-side token validation is enabled for the identity provider’s token. * * After you set the `ServerSideTokenCheck` to TRUE for an identity pool, that identity pool checks with the integrated user pools to make sure the user has not been globally signed out or deleted before the identity pool provides an OIDC token or AWS credentials for the user. * * If the user is signed out or deleted, the identity pool returns a 400 Not Authorized error. */ serverSideTokenCheck?: pulumi.Input; } interface IdentityPoolCognitoStreamsArgs { /** * The Amazon Resource Name (ARN) of the role Amazon Cognito can assume to publish to the stream. This role must grant access to Amazon Cognito (cognito-sync) to invoke `PutRecord` on your Amazon Cognito stream. */ roleArn?: pulumi.Input; /** * The name of the Amazon Cognito stream to receive updates. This stream must be in the developer's account and in the same Region as the identity pool. */ streamName?: pulumi.Input; /** * Status of the Amazon Cognito streams. Valid values are: `ENABLED` or `DISABLED` . */ streamingStatus?: pulumi.Input; } interface IdentityPoolPushSyncArgs { /** * The ARNs of the Amazon SNS platform applications that could be used by clients. */ applicationArns?: pulumi.Input[]>; /** * An IAM role configured to allow Amazon Cognito to call Amazon SNS on behalf of the developer. */ roleArn?: pulumi.Input; } interface IdentityPoolRoleAttachmentMappingRuleArgs { claim: pulumi.Input; matchType: pulumi.Input; roleArn: pulumi.Input; value: pulumi.Input; } interface IdentityPoolRoleAttachmentRoleMappingArgs { ambiguousRoleResolution?: pulumi.Input; identityProvider?: pulumi.Input; rulesConfiguration?: pulumi.Input; type: pulumi.Input; } interface IdentityPoolRoleAttachmentRulesConfigurationTypeArgs { rules: pulumi.Input[]>; } interface LogDeliveryConfigurationCloudWatchLogsConfigurationArgs { logGroupArn?: pulumi.Input; } interface LogDeliveryConfigurationFirehoseConfigurationArgs { streamArn?: pulumi.Input; } interface LogDeliveryConfigurationLogConfigurationArgs { cloudWatchLogsConfiguration?: pulumi.Input; eventSource?: pulumi.Input; firehoseConfiguration?: pulumi.Input; logLevel?: pulumi.Input; s3Configuration?: pulumi.Input; } interface LogDeliveryConfigurationS3ConfigurationArgs { bucketArn?: pulumi.Input; } interface ManagedLoginBrandingAssetTypeArgs { bytes?: pulumi.Input; category: pulumi.Input; colorMode: pulumi.Input; extension: pulumi.Input; resourceId?: pulumi.Input; } interface UserPoolAccountRecoverySettingArgs { /** * The list of options and priorities for user message delivery in forgot-password operations. Sets or displays user pool preferences for email or SMS message priority, whether users should fall back to a second delivery method, and whether passwords should only be reset by administrators. */ recoveryMechanisms?: pulumi.Input[]>; } interface UserPoolAddOnsArgs { /** * Threat protection configuration options for additional authentication types in your user pool, including custom authentication. */ advancedSecurityAdditionalFlows?: pulumi.Input; /** * The operating mode of threat protection for standard authentication types in your user pool, including username-password and secure remote password (SRP) authentication. */ advancedSecurityMode?: pulumi.Input; } interface UserPoolAdminCreateUserConfigArgs { /** * The setting for allowing self-service sign-up. When `true` , only administrators can create new user profiles. When `false` , users can register themselves and create a new user profile with the `SignUp` operation. */ allowAdminCreateUserOnly?: pulumi.Input; /** * The template for the welcome message to new users. This template must include the `{####}` temporary password placeholder if you are creating users with passwords. If your users don't have passwords, you can omit the placeholder. * * See also [Customizing User Invitation Messages](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pool-settings-message-customizations.html#cognito-user-pool-settings-user-invitation-message-customization) . */ inviteMessageTemplate?: pulumi.Input; /** * This parameter is no longer in use. * * The password expiration limit in days for administrator-created users. When this time expires, the user can't sign in with their temporary password. To reset the account after that time limit, you must call `AdminCreateUser` again, specifying `RESEND` for the `MessageAction` parameter. * * The default value for this parameter is 7. */ unusedAccountValidityDays?: pulumi.Input; } interface UserPoolAdvancedSecurityAdditionalFlowsArgs { /** * The operating mode of threat protection in custom authentication with [Custom authentication challenge Lambda triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) . */ customAuthMode?: pulumi.Input; } interface UserPoolClientAnalyticsConfigurationArgs { /** * The Amazon Resource Name (ARN) of an Amazon Pinpoint project that you want to connect to your user pool app client. Amazon Cognito publishes events to the Amazon Pinpoint project that `ApplicationArn` declares. You can also configure your application to pass an endpoint ID in the `AnalyticsMetadata` parameter of sign-in operations. The endpoint ID is information about the destination for push notifications */ applicationArn?: pulumi.Input; /** * Your Amazon Pinpoint project ID. */ applicationId?: pulumi.Input; /** * The [external ID](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) of the role that Amazon Cognito assumes to send analytics data to Amazon Pinpoint. */ externalId?: pulumi.Input; /** * The ARN of an AWS Identity and Access Management role that has the permissions required for Amazon Cognito to publish events to Amazon Pinpoint analytics. */ roleArn?: pulumi.Input; /** * If `UserDataShared` is `true` , Amazon Cognito includes user data in the events that it publishes to Amazon Pinpoint analytics. */ userDataShared?: pulumi.Input; } interface UserPoolClientRefreshTokenRotationArgs { /** * The state of refresh token rotation for the current app client. */ feature?: pulumi.Input; /** * When you request a token refresh with `GetTokensFromRefreshToken` , the original refresh token that you're rotating out can remain valid for a period of time of up to 60 seconds. This allows for client-side retries. When `RetryGracePeriodSeconds` is `0` , the grace period is disabled and a successful request immediately invalidates the submitted refresh token. */ retryGracePeriodSeconds?: pulumi.Input; } interface UserPoolClientTokenValidityUnitsArgs { /** * A time unit for the value that you set in the `AccessTokenValidity` parameter. The default `AccessTokenValidity` time unit is `hours` . `AccessTokenValidity` duration can range from five minutes to one day. */ accessToken?: pulumi.Input; /** * A time unit for the value that you set in the `IdTokenValidity` parameter. The default `IdTokenValidity` time unit is `hours` . `IdTokenValidity` duration can range from five minutes to one day. */ idToken?: pulumi.Input; /** * A time unit for the value that you set in the `RefreshTokenValidity` parameter. The default `RefreshTokenValidity` time unit is `days` . `RefreshTokenValidity` duration can range from 60 minutes to 10 years. */ refreshToken?: pulumi.Input; } interface UserPoolCustomEmailSenderArgs { /** * The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger. */ lambdaArn?: pulumi.Input; /** * The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features. * * You must use a `LambdaVersion` of `V1_0` with a custom sender function. */ lambdaVersion?: pulumi.Input; } interface UserPoolCustomSmsSenderArgs { /** * The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger. */ lambdaArn?: pulumi.Input; /** * The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features. * * You must use a `LambdaVersion` of `V1_0` with a custom sender function. */ lambdaVersion?: pulumi.Input; } interface UserPoolDeviceConfigurationArgs { /** * When true, a remembered device can sign in with device authentication instead of SMS and time-based one-time password (TOTP) factors for multi-factor authentication (MFA). * * > Whether or not `ChallengeRequiredOnNewDevice` is true, users who sign in with devices that have not been confirmed or remembered must still provide a second factor in a user pool that requires MFA. */ challengeRequiredOnNewDevice?: pulumi.Input; /** * When true, Amazon Cognito doesn't automatically remember a user's device when your app sends a `ConfirmDevice` API request. In your app, create a prompt for your user to choose whether they want to remember their device. Return the user's choice in an `UpdateDeviceStatus` API request. * * When `DeviceOnlyRememberedOnUserPrompt` is `false` , Amazon Cognito immediately remembers devices that you register in a `ConfirmDevice` API request. */ deviceOnlyRememberedOnUserPrompt?: pulumi.Input; } interface UserPoolDomainCustomDomainConfigTypeArgs { /** * The Amazon Resource Name (ARN) of an Certificate Manager SSL certificate. You use this certificate for the subdomain of your custom domain. */ certificateArn?: pulumi.Input; } interface UserPoolEmailConfigurationArgs { /** * The set of configuration rules that can be applied to emails sent using Amazon Simple Email Service. A configuration set is applied to an email by including a reference to the configuration set in the headers of the email. Once applied, all of the rules in that configuration set are applied to the email. Configuration sets can be used to apply the following types of rules to emails: * * - **Event publishing** - Amazon Simple Email Service can track the number of send, delivery, open, click, bounce, and complaint events for each email sent. Use event publishing to send information about these events to other AWS services such as and Amazon CloudWatch * - **IP pool management** - When leasing dedicated IP addresses with Amazon Simple Email Service, you can create groups of IP addresses, called dedicated IP pools. You can then associate the dedicated IP pools with configuration sets. */ configurationSet?: pulumi.Input; /** * Specifies whether Amazon Cognito uses its built-in functionality to send your users email messages, or uses your Amazon Simple Email Service email configuration. Specify one of the following values: * * - **COGNITO_DEFAULT** - When Amazon Cognito emails your users, it uses its built-in email functionality. When you use the default option, Amazon Cognito allows only a limited number of emails each day for your user pool. For typical production environments, the default email limit is less than the required delivery volume. To achieve a higher delivery volume, specify DEVELOPER to use your Amazon SES email configuration. * * To look up the email delivery limit for the default option, see [Limits](https://docs.aws.amazon.com/cognito/latest/developerguide/limits.html) in the *Amazon Cognito Developer Guide* . * * The default FROM address is `no-reply@verificationemail.com` . To customize the FROM address, provide the Amazon Resource Name (ARN) of an Amazon SES verified email address for the `SourceArn` parameter. * - **DEVELOPER** - When Amazon Cognito emails your users, it uses your Amazon SES configuration. Amazon Cognito calls Amazon SES on your behalf to send email from your verified email address. When you use this option, the email delivery limits are the same limits that apply to your Amazon SES verified email address in your AWS account . * * If you use this option, provide the ARN of an Amazon SES verified email address for the `SourceArn` parameter. * * Before Amazon Cognito can email your users, it requires additional permissions to call Amazon SES on your behalf. When you update your user pool with this option, Amazon Cognito creates a *service-linked role* , which is a type of role in your AWS account . This role contains the permissions that allow you to access Amazon SES and send email messages from your email address. For more information about the service-linked role that Amazon Cognito creates, see [Using Service-Linked Roles for Amazon Cognito](https://docs.aws.amazon.com/cognito/latest/developerguide/using-service-linked-roles.html) in the *Amazon Cognito Developer Guide* . */ emailSendingAccount?: pulumi.Input; /** * Either the sender’s email address or the sender’s name with their email address. For example, `testuser@example.com` or `Test User ` . This address appears before the body of the email. */ from?: pulumi.Input; /** * The destination to which the receiver of the email should reply. */ replyToEmailAddress?: pulumi.Input; /** * The ARN of a verified email address or an address from a verified domain in Amazon SES. You can set a `SourceArn` email from a verified domain only with an API request. You can set a verified email address, but not an address in a verified domain, in the Amazon Cognito console. Amazon Cognito uses the email address that you provide in one of the following ways, depending on the value that you specify for the `EmailSendingAccount` parameter: * * - If you specify `COGNITO_DEFAULT` , Amazon Cognito uses this address as the custom FROM address when it emails your users using its built-in email account. * - If you specify `DEVELOPER` , Amazon Cognito emails your users with this address by calling Amazon SES on your behalf. * * The Region value of the `SourceArn` parameter must indicate a supported AWS Region of your user pool. Typically, the Region in the `SourceArn` and the user pool Region are the same. For more information, see [Amazon SES email configuration regions](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-email.html#user-pool-email-developer-region-mapping) in the [Amazon Cognito Developer Guide](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-identity-pools.html) . */ sourceArn?: pulumi.Input; } interface UserPoolInboundFederationArgs { lambdaArn?: pulumi.Input; lambdaVersion?: pulumi.Input; } interface UserPoolInviteMessageTemplateArgs { /** * The message template for email messages. EmailMessage is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER. */ emailMessage?: pulumi.Input; /** * The subject line for email messages. EmailSubject is allowed only if [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is DEVELOPER. */ emailSubject?: pulumi.Input; /** * The message template for SMS messages. */ smsMessage?: pulumi.Input; } interface UserPoolLambdaConfigArgs { /** * The configuration of a create auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) . */ createAuthChallenge?: pulumi.Input; /** * The configuration of a custom email sender Lambda trigger. This trigger routes all email notifications from a user pool to a Lambda function that delivers the message using custom logic. */ customEmailSender?: pulumi.Input; /** * A custom message Lambda trigger. This trigger is an opportunity to customize all SMS and email messages from your user pool. When a custom message trigger is active, your user pool routes all messages to a Lambda function that returns a runtime-customized message subject and body for your user pool to deliver to a user. */ customMessage?: pulumi.Input; /** * The configuration of a custom SMS sender Lambda trigger. This trigger routes all SMS notifications from a user pool to a Lambda function that delivers the message using custom logic. */ customSmsSender?: pulumi.Input; /** * The configuration of a define auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) . */ defineAuthChallenge?: pulumi.Input; inboundFederation?: pulumi.Input; /** * The ARN of an [KMS key](https://docs.aws.amazon.com//kms/latest/developerguide/concepts.html#master_keys) . Amazon Cognito uses the key to encrypt codes and temporary passwords sent to custom sender Lambda triggers. */ kmsKeyId?: pulumi.Input; /** * The configuration of a [post authentication Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-authentication.html) in a user pool. This trigger can take custom actions after a user signs in. */ postAuthentication?: pulumi.Input; /** * The configuration of a [post confirmation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-post-confirmation.html) in a user pool. This trigger can take custom actions after a user confirms their user account and their email address or phone number. */ postConfirmation?: pulumi.Input; /** * The configuration of a [pre authentication trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-authentication.html) in a user pool. This trigger can evaluate and modify user sign-in events. */ preAuthentication?: pulumi.Input; /** * The configuration of a [pre sign-up Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-sign-up.html) in a user pool. This trigger evaluates new users and can bypass confirmation, [link a federated user profile](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-identity-federation-consolidate-users.html) , or block sign-up requests. */ preSignUp?: pulumi.Input; /** * The legacy configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool. * * Set this parameter for legacy purposes. If you also set an ARN in `PreTokenGenerationConfig` , its value must be identical to `PreTokenGeneration` . For new instances of pre token generation triggers, set the `LambdaArn` of `PreTokenGenerationConfig` . */ preTokenGeneration?: pulumi.Input; /** * The detailed configuration of a [pre token generation Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-pre-token-generation.html) in a user pool. If you also set an ARN in `PreTokenGeneration` , its value must be identical to `PreTokenGenerationConfig` . */ preTokenGenerationConfig?: pulumi.Input; /** * The configuration of a [migrate user Lambda trigger](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-migrate-user.html) in a user pool. This trigger can create user profiles when users sign in or attempt to reset their password with credentials that don't exist yet. */ userMigration?: pulumi.Input; /** * The configuration of a verify auth challenge Lambda trigger, one of three triggers in the sequence of the [custom authentication challenge triggers](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-lambda-challenge.html) . */ verifyAuthChallengeResponse?: pulumi.Input; } interface UserPoolNumberAttributeConstraintsArgs { /** * The maximum length of a number attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer. */ maxValue?: pulumi.Input; /** * The minimum value of an attribute that is of the number data type. */ minValue?: pulumi.Input; } interface UserPoolPasswordPolicyArgs { /** * The minimum length of the password in the policy that you have set. This value can't be less than 6. */ minimumLength?: pulumi.Input; /** * The number of previous passwords that you want Amazon Cognito to restrict each user from reusing. Users can't set a password that matches any of `n` previous passwords, where `n` is the value of `PasswordHistorySize` . */ passwordHistorySize?: pulumi.Input; /** * The requirement in a password policy that users must include at least one lowercase letter in their password. */ requireLowercase?: pulumi.Input; /** * The requirement in a password policy that users must include at least one number in their password. */ requireNumbers?: pulumi.Input; /** * The requirement in a password policy that users must include at least one symbol in their password. */ requireSymbols?: pulumi.Input; /** * The requirement in a password policy that users must include at least one uppercase letter in their password. */ requireUppercase?: pulumi.Input; /** * The number of days a temporary password is valid in the password policy. If the user doesn't sign in during this time, an administrator must reset their password. Defaults to `7` . If you submit a value of `0` , Amazon Cognito treats it as a null value and sets `TemporaryPasswordValidityDays` to its default value. * * > When you set `TemporaryPasswordValidityDays` for a user pool, you can no longer set a value for the legacy `UnusedAccountValidityDays` parameter in that user pool. */ temporaryPasswordValidityDays?: pulumi.Input; } interface UserPoolPoliciesArgs { /** * The password policy settings for a user pool, including complexity, history, and length requirements. */ passwordPolicy?: pulumi.Input; /** * The policy for allowed types of authentication in a user pool. To activate this setting, your user pool must be in the [Essentials tier](https://docs.aws.amazon.com/cognito/latest/developerguide/feature-plans-features-essentials.html) or higher. */ signInPolicy?: pulumi.Input; } interface UserPoolPreTokenGenerationConfigArgs { /** * The Amazon Resource Name (ARN) of the function that you want to assign to your Lambda trigger. * * This parameter and the `PreTokenGeneration` property of `LambdaConfig` have the same value. For new instances of pre token generation triggers, set `LambdaArn` . */ lambdaArn?: pulumi.Input; /** * The user pool trigger version of the request that Amazon Cognito sends to your Lambda function. Higher-numbered versions add fields that support new features. */ lambdaVersion?: pulumi.Input; } interface UserPoolRecoveryOptionArgs { /** * The recovery method that this object sets a recovery option for. */ name?: pulumi.Input; /** * Your priority preference for using the specified attribute in account recovery. The highest priority is `1` . */ priority?: pulumi.Input; } interface UserPoolResourceServerResourceServerScopeTypeArgs { /** * A friendly description of a custom scope. */ scopeDescription: pulumi.Input; /** * The name of the scope. Amazon Cognito renders custom scopes in the format `resourceServerIdentifier/ScopeName` . For example, if this parameter is `exampleScope` in the resource server with the identifier `exampleResourceServer` , you request and receive the scope `exampleResourceServer/exampleScope` . */ scopeName: pulumi.Input; } interface UserPoolRiskConfigurationAttachmentAccountTakeoverActionTypeArgs { /** * The action to take for the attempted account takeover action for the associated risk level. Valid values are as follows: * * - `BLOCK` : Block the request. * - `MFA_IF_CONFIGURED` : Present an MFA challenge if possible. MFA is possible if the user pool has active MFA methods that the user can set up. For example, if the user pool only supports SMS message MFA but the user doesn't have a phone number attribute, MFA setup isn't possible. If MFA setup isn't possible, allow the request. * - `MFA_REQUIRED` : Present an MFA challenge if possible. Block the request if a user hasn't set up MFA. To sign in with required MFA, users must have an email address or phone number attribute, or a registered TOTP factor. * - `NO_ACTION` : Take no action. Permit sign-in. */ eventAction: pulumi.Input; /** * Determines whether Amazon Cognito sends a user a notification message when your user pools assesses a user's session at the associated risk level. */ notify: pulumi.Input; } interface UserPoolRiskConfigurationAttachmentAccountTakeoverActionsTypeArgs { /** * The action that you assign to a high-risk assessment by threat protection. */ highAction?: pulumi.Input; /** * The action that you assign to a low-risk assessment by threat protection. */ lowAction?: pulumi.Input; /** * The action that you assign to a medium-risk assessment by threat protection. */ mediumAction?: pulumi.Input; } interface UserPoolRiskConfigurationAttachmentAccountTakeoverRiskConfigurationTypeArgs { /** * A list of account-takeover actions for each level of risk that Amazon Cognito might assess with threat protection. */ actions: pulumi.Input; /** * The settings for composing and sending an email message when threat protection assesses a risk level with adaptive authentication. When you choose to notify users in `AccountTakeoverRiskConfiguration` , Amazon Cognito sends an email message using the method and template that you set with this data type. */ notifyConfiguration?: pulumi.Input; } interface UserPoolRiskConfigurationAttachmentCompromisedCredentialsActionsTypeArgs { /** * The action that Amazon Cognito takes when it detects compromised credentials. */ eventAction: pulumi.Input; } interface UserPoolRiskConfigurationAttachmentCompromisedCredentialsRiskConfigurationTypeArgs { /** * Settings for the actions that you want your user pool to take when Amazon Cognito detects compromised credentials. */ actions: pulumi.Input; /** * Settings for the sign-in activity where you want to configure compromised-credentials actions. Defaults to all events. */ eventFilter?: pulumi.Input[]>; } interface UserPoolRiskConfigurationAttachmentNotifyConfigurationTypeArgs { /** * The template for the email message that your user pool sends when a detected risk event is blocked. */ blockEmail?: pulumi.Input; /** * The email address that sends the email message. The address must be either individually verified with Amazon Simple Email Service, or from a domain that has been verified with Amazon SES. */ from?: pulumi.Input; /** * The template for the email message that your user pool sends when MFA is challenged in response to a detected risk. */ mfaEmail?: pulumi.Input; /** * The template for the email message that your user pool sends when no action is taken in response to a detected risk. */ noActionEmail?: pulumi.Input; /** * The reply-to email address of an email template. Can be an email address in the format `admin@example.com` or `Administrator ` . */ replyTo?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the identity that is associated with the sending authorization policy. This identity permits Amazon Cognito to send for the email address specified in the `From` parameter. */ sourceArn: pulumi.Input; } interface UserPoolRiskConfigurationAttachmentNotifyEmailTypeArgs { /** * The body of an email notification formatted in HTML. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively. */ htmlBody?: pulumi.Input; /** * The subject of the threat protection email notification. */ subject: pulumi.Input; /** * The body of an email notification formatted in plaintext. Choose an `HtmlBody` or a `TextBody` to send an HTML-formatted or plaintext message, respectively. */ textBody?: pulumi.Input; } interface UserPoolRiskConfigurationAttachmentRiskExceptionConfigurationTypeArgs { /** * An always-block IP address list. Overrides the risk decision and always blocks authentication requests. This parameter is displayed and set in CIDR notation. */ blockedIpRangeList?: pulumi.Input[]>; /** * An always-allow IP address list. Risk detection isn't performed on the IP addresses in this range list. This parameter is displayed and set in CIDR notation. */ skippedIpRangeList?: pulumi.Input[]>; } interface UserPoolSchemaAttributeArgs { /** * The data format of the values for your attribute. When you choose an `AttributeDataType` , Amazon Cognito validates the input against the data type. A custom attribute value in your user's ID token is always a string, for example `"custom:isMember" : "true"` or `"custom:YearsAsMember" : "12"` . */ attributeDataType?: pulumi.Input; /** * > You should use [WriteAttributes](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_UserPoolClientType.html#CognitoUserPools-Type-UserPoolClientType-WriteAttributes) in the user pool client to control how attributes can be mutated for new use cases instead of using `DeveloperOnlyAttribute` . * * Specifies whether the attribute type is developer only. This attribute can only be modified by an administrator. Users won't be able to modify this attribute using their access token. For example, `DeveloperOnlyAttribute` can be modified using AdminUpdateUserAttributes but can't be updated using UpdateUserAttributes. */ developerOnlyAttribute?: pulumi.Input; /** * Specifies whether the value of the attribute can be changed. * * Any user pool attribute whose value you map from an IdP attribute must be mutable, with a parameter value of `true` . Amazon Cognito updates mapped attributes when users sign in to your application through an IdP. If an attribute is immutable, Amazon Cognito throws an error when it attempts to update the attribute. For more information, see [Specifying Identity Provider Attribute Mappings for Your User Pool](https://docs.aws.amazon.com/cognito/latest/developerguide/cognito-user-pools-specifying-attribute-mapping.html) . */ mutable?: pulumi.Input; /** * The name of your user pool attribute. When you create or update a user pool, adding a schema attribute creates a custom or developer-only attribute. When you add an attribute with a `Name` value of `MyAttribute` , Amazon Cognito creates the custom attribute `custom:MyAttribute` . When `DeveloperOnlyAttribute` is `true` , Amazon Cognito creates your attribute as `dev:MyAttribute` . In an operation that describes a user pool, Amazon Cognito returns this value as `value` for standard attributes, `custom:value` for custom attributes, and `dev:value` for developer-only attributes.. */ name?: pulumi.Input; /** * Specifies the constraints for an attribute of the number type. */ numberAttributeConstraints?: pulumi.Input; /** * Specifies whether a user pool attribute is required. If the attribute is required and the user doesn't provide a value, registration or sign-in will fail. */ required?: pulumi.Input; /** * Specifies the constraints for an attribute of the string type. */ stringAttributeConstraints?: pulumi.Input; } interface UserPoolSignInPolicyArgs { /** * The sign-in methods that a user pool supports as the first factor. You can permit users to start authentication with a standard username and password, or with other one-time password and hardware factors. * * Supports values of `EMAIL_OTP` , `SMS_OTP` , `WEB_AUTHN` and `PASSWORD` , */ allowedFirstAuthFactors?: pulumi.Input[]>; } interface UserPoolSmsConfigurationArgs { /** * The external ID provides additional security for your IAM role. You can use an `ExternalId` with the IAM role that you use with Amazon SNS to send SMS messages for your user pool. If you provide an `ExternalId` , your Amazon Cognito user pool includes it in the request to assume your IAM role. You can configure the role trust policy to require that Amazon Cognito, and any principal, provide the `ExternalID` . If you use the Amazon Cognito Management Console to create a role for SMS multi-factor authentication (MFA), Amazon Cognito creates a role with the required permissions and a trust policy that demonstrates use of the `ExternalId` . * * For more information about the `ExternalId` of a role, see [How to use an external ID when granting access to your AWS resources to a third party](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html) . */ externalId?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon SNS caller. This is the ARN of the IAM role in your AWS account that Amazon Cognito will use to send SMS messages. SMS messages are subject to a [spending limit](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-settings-email-phone-verification.html) . */ snsCallerArn?: pulumi.Input; /** * The AWS Region to use with Amazon SNS integration. You can choose the same Region as your user pool, or a supported *Legacy Amazon SNS alternate Region* . * * Amazon Cognito resources in the Asia Pacific (Seoul) AWS Region must use your Amazon SNS configuration in the Asia Pacific (Tokyo) Region. For more information, see [SMS message settings for Amazon Cognito user pools](https://docs.aws.amazon.com/cognito/latest/developerguide/user-pool-sms-settings.html) . */ snsRegion?: pulumi.Input; } interface UserPoolStringAttributeConstraintsArgs { /** * The maximum length of a string attribute value. Must be a number less than or equal to `2^1023` , represented as a string with a length of 131072 characters or fewer. */ maxLength?: pulumi.Input; /** * The minimum length of a string attribute value. */ minLength?: pulumi.Input; } interface UserPoolUserAttributeTypeArgs { /** * The name of the attribute. */ name?: pulumi.Input; /** * The value of the attribute. */ value?: pulumi.Input; } interface UserPoolUserAttributeUpdateSettingsArgs { /** * Requires that your user verifies their email address, phone number, or both before Amazon Cognito updates the value of that attribute. When you update a user attribute that has this option activated, Amazon Cognito sends a verification message to the new phone number or email address. Amazon Cognito doesn’t change the value of the attribute until your user responds to the verification message and confirms the new value. * * When `AttributesRequireVerificationBeforeUpdate` is false, your user pool doesn't require that your users verify attribute changes before Amazon Cognito updates them. In a user pool where `AttributesRequireVerificationBeforeUpdate` is false, API operations that change attribute values can immediately update a user’s `email` or `phone_number` attribute. */ attributesRequireVerificationBeforeUpdate: pulumi.Input[]>; } interface UserPoolUsernameConfigurationArgs { /** * Specifies whether user name case sensitivity will be applied for all users in the user pool through Amazon Cognito APIs. For most use cases, set case sensitivity to `False` (case insensitive) as a best practice. When usernames and email addresses are case insensitive, users can sign in as the same user when they enter a different capitalization of their user name. * * Valid values include: * * - **true** - Enables case sensitivity for all username input. When this option is set to `true` , users must sign in using the exact capitalization of their given username, such as "UserName". This is the default value. * - **false** - Enables case insensitivity for all username input. For example, when this option is set to `false` , users can sign in using `username` , `USERNAME` , or `UserName` . This option also enables both `preferred_username` and `email` alias to be case insensitive, in addition to the `username` attribute. */ caseSensitive?: pulumi.Input; } interface UserPoolVerificationMessageTemplateArgs { /** * The configuration of verification emails to contain a clickable link or a verification code. * * For link, your template body must contain link text in the format `{##Click here##}` . "Click here" in the example is a customizable string. For code, your template body must contain a code placeholder in the format `{####}` . */ defaultEmailOption?: pulumi.Input; /** * The template for email messages that Amazon Cognito sends to your users. You can set an `EmailMessage` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration. */ emailMessage?: pulumi.Input; /** * The email message template for sending a confirmation link to the user. You can set an `EmailMessageByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration. */ emailMessageByLink?: pulumi.Input; /** * The subject line for the email message template. You can set an `EmailSubject` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration. */ emailSubject?: pulumi.Input; /** * The subject line for the email message template for sending a confirmation link to the user. You can set an `EmailSubjectByLink` template only if the value of [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` . When your [EmailSendingAccount](https://docs.aws.amazon.com/cognito-user-identity-pools/latest/APIReference/API_EmailConfigurationType.html#CognitoUserPools-Type-EmailConfigurationType-EmailSendingAccount) is `DEVELOPER` , your user pool sends email messages with your own Amazon SES configuration. */ emailSubjectByLink?: pulumi.Input; /** * The template for SMS messages that Amazon Cognito sends to your users. */ smsMessage?: pulumi.Input; } } export declare namespace comprehend { interface DocumentClassifierAugmentedManifestsListItemArgs { /** * The JSON attribute that contains the annotations for your training documents. The number of attribute names that you specify depends on whether your augmented manifest file is the output of a single labeling job or a chained labeling job. * * If your file is the output of a single labeling job, specify the LabelAttributeName key that was used when the job was created in Ground Truth. * * If your file is the output of a chained labeling job, specify the LabelAttributeName key for one or more jobs in the chain. Each LabelAttributeName key provides the annotations from an individual job. */ attributeNames: pulumi.Input[]>; /** * The Amazon S3 location of the augmented manifest file. */ s3Uri: pulumi.Input; /** * The purpose of the data you've provided in the augmented manifest. You can either train or test this data. If you don't specify, the default is train. * * TRAIN - all of the documents in the manifest will be used for training. If no test documents are provided, Amazon Comprehend will automatically reserve a portion of the training documents for testing. * * TEST - all of the documents in the manifest will be used for testing. */ split?: pulumi.Input; } interface DocumentClassifierDocumentReaderConfigArgs { /** * This field defines the Amazon Textract API operation that Amazon Comprehend uses to extract text from PDF files and image files. Enter one of the following values: * * - `TEXTRACT_DETECT_DOCUMENT_TEXT` - The Amazon Comprehend service uses the `DetectDocumentText` API operation. * - `TEXTRACT_ANALYZE_DOCUMENT` - The Amazon Comprehend service uses the `AnalyzeDocument` API operation. */ documentReadAction: pulumi.Input; /** * Determines the text extraction actions for PDF files. Enter one of the following values: * * - `SERVICE_DEFAULT` - use the Amazon Comprehend service defaults for PDF files. * - `FORCE_DOCUMENT_READ_ACTION` - Amazon Comprehend uses the Textract API specified by DocumentReadAction for all PDF files, including digital PDF files. */ documentReadMode?: pulumi.Input; /** * Specifies the type of Amazon Textract features to apply. If you chose `TEXTRACT_ANALYZE_DOCUMENT` as the read action, you must specify one or both of the following values: * * - `TABLES` - Returns additional information about any tables that are detected in the input document. * - `FORMS` - Returns additional information about any forms that are detected in the input document. */ featureTypes?: pulumi.Input[]>; } interface DocumentClassifierDocumentsArgs { /** * The S3 URI location of the training documents specified in the S3Uri CSV file. */ s3Uri: pulumi.Input; /** * The S3 URI location of the test documents included in the TestS3Uri CSV file. This field is not required if you do not specify a test CSV file. */ testS3Uri?: pulumi.Input; } interface DocumentClassifierInputDataConfigArgs { /** * A list of augmented manifest files that provide training data for your custom model. An augmented manifest file is a labeled dataset that is produced by Amazon SageMaker Ground Truth. * * This parameter is required if you set `DataFormat` to `AUGMENTED_MANIFEST` . */ augmentedManifests?: pulumi.Input[]>; /** * The format of your training data: * * - `COMPREHEND_CSV` : A two-column CSV file, where labels are provided in the first column, and documents are provided in the second. If you use this value, you must provide the `S3Uri` parameter in your request. * - `AUGMENTED_MANIFEST` : A labeled dataset that is produced by Amazon SageMaker Ground Truth. This file is in JSON lines format. Each line is a complete JSON object that contains a training document and its associated labels. * * If you use this value, you must provide the `AugmentedManifests` parameter in your request. * * If you don't specify a value, Amazon Comprehend uses `COMPREHEND_CSV` as the default. */ dataFormat?: pulumi.Input; documentReaderConfig?: pulumi.Input; /** * The type of input documents for training the model. Provide plain-text documents to create a plain-text model, and provide semi-structured documents to create a native document model. */ documentType?: pulumi.Input; /** * The S3 location of the training documents. This parameter is required in a request to create a native document model. */ documents?: pulumi.Input; /** * Indicates the delimiter used to separate each label for training a multi-label classifier. The default delimiter between labels is a pipe (|). You can use a different character as a delimiter (if it's an allowed character) by specifying it under Delimiter for labels. If the training documents use a delimiter other than the default or the delimiter you specify, the labels on that line will be combined to make a single unique label, such as LABELLABELLABEL. */ labelDelimiter?: pulumi.Input; /** * The Amazon S3 URI for the input data. The S3 bucket must be in the same Region as the API endpoint that you are calling. The URI can point to a single input file or it can provide the prefix for a collection of input files. * * For example, if you use the URI `S3://bucketName/prefix` , if the prefix is a single file, Amazon Comprehend uses that file as input. If more than one file begins with the prefix, Amazon Comprehend uses all of them as input. * * This parameter is required if you set `DataFormat` to `COMPREHEND_CSV` . */ s3Uri?: pulumi.Input; /** * This specifies the Amazon S3 location that contains the test annotations for the document classifier. The URI must be in the same AWS Region as the API endpoint that you are calling. */ testS3Uri?: pulumi.Input; } interface DocumentClassifierOutputDataConfigArgs { /** * ID for the AWS Key Management Service (KMS) key that Amazon Comprehend uses to encrypt the output results from an analysis job. The KmsKeyId can be one of the following formats: * * - KMS Key ID: `"1234abcd-12ab-34cd-56ef-1234567890ab"` * - Amazon Resource Name (ARN) of a KMS Key: `"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"` * - KMS Key Alias: `"alias/ExampleAlias"` * - ARN of a KMS Key Alias: `"arn:aws:kms:us-west-2:111122223333:alias/ExampleAlias"` */ kmsKeyId?: pulumi.Input; /** * When you use the `OutputDataConfig` object while creating a custom classifier, you specify the Amazon S3 location where you want to write the confusion matrix and other output files. The URI must be in the same Region as the API endpoint that you are calling. The location is used as the prefix for the actual location of this output file. * * When the custom classifier job is finished, the service creates the output file in a directory specific to the job. The `S3Uri` field contains the location of the output file, called `output.tar.gz` . It is a compressed archive that contains the confusion matrix. */ s3Uri?: pulumi.Input; } interface DocumentClassifierVpcConfigArgs { /** * The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you’ll be accessing on the VPC. This ID number is preceded by "sg-", for instance: "sg-03b388029b0a285ea". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) . */ securityGroupIds: pulumi.Input[]>; /** * The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC’s Region. This ID number is preceded by "subnet-", for instance: "subnet-04ccf456919e69055". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) . */ subnets: pulumi.Input[]>; } interface FlywheelDataSecurityConfigArgs { /** * ID for the AWS key that Amazon Comprehend uses to encrypt the data in the data lake. */ dataLakeKmsKeyId?: pulumi.Input; /** * ID for the AWS key that Amazon Comprehend uses to encrypt trained custom models. The ModelKmsKeyId can be either of the following formats: * * - KMS Key ID: `"1234abcd-12ab-34cd-56ef-1234567890ab"` * - Amazon Resource Name (ARN) of a KMS Key: `"arn:aws:kms:us-west-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab"` */ modelKmsKeyId?: pulumi.Input; /** * ID for the AWS key that Amazon Comprehend uses to encrypt the volume. */ volumeKmsKeyId?: pulumi.Input; /** * Configuration parameters for an optional private Virtual Private Cloud (VPC) containing the resources you are using for the job. For more information, see [Amazon VPC](https://docs.aws.amazon.com/vpc/latest/userguide/what-is-amazon-vpc.html) . */ vpcConfig?: pulumi.Input; } interface FlywheelDocumentClassificationConfigArgs { /** * One or more labels to associate with the custom classifier. */ labels?: pulumi.Input[]>; /** * Classification mode indicates whether the documents are `MULTI_CLASS` or `MULTI_LABEL` . */ mode: pulumi.Input; } interface FlywheelEntityRecognitionConfigArgs { /** * Up to 25 entity types that the model is trained to recognize. */ entityTypes?: pulumi.Input[]>; } interface FlywheelEntityTypesListItemArgs { /** * An entity type within a labeled training dataset that Amazon Comprehend uses to train a custom entity recognizer. * * Entity types must not contain the following invalid characters: \n (line break), \\n (escaped line break, \r (carriage return), \\r (escaped carriage return), \t (tab), \\t (escaped tab), and , (comma). */ type: pulumi.Input; } interface FlywheelTaskConfigArgs { /** * Configuration required for a document classification model. */ documentClassificationConfig?: pulumi.Input; /** * Configuration required for an entity recognition model. */ entityRecognitionConfig?: pulumi.Input; /** * Language code for the language that the model supports. */ languageCode: pulumi.Input; } interface FlywheelVpcConfigArgs { /** * The ID number for a security group on an instance of your private VPC. Security groups on your VPC function serve as a virtual firewall to control inbound and outbound traffic and provides security for the resources that you’ll be accessing on the VPC. This ID number is preceded by "sg-", for instance: "sg-03b388029b0a285ea". For more information, see [Security Groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) . */ securityGroupIds: pulumi.Input[]>; /** * The ID for each subnet being used in your private VPC. This subnet is a subset of the a range of IPv4 addresses used by the VPC and is specific to a given availability zone in the VPC’s Region. This ID number is preceded by "subnet-", for instance: "subnet-04ccf456919e69055". For more information, see [VPCs and Subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) . */ subnets: pulumi.Input[]>; } } export declare namespace computeoptimizer { interface AutomationRuleCriteriaArgs { ebsVolumeSizeInGib?: pulumi.Input[]>; ebsVolumeType?: pulumi.Input[]>; estimatedMonthlySavings?: pulumi.Input[]>; lookBackPeriodInDays?: pulumi.Input[]>; region?: pulumi.Input[]>; resourceArn?: pulumi.Input[]>; resourceTag?: pulumi.Input[]>; restartNeeded?: pulumi.Input[]>; } interface AutomationRuleDoubleCriteriaConditionArgs { comparison?: pulumi.Input; values?: pulumi.Input[]>; } interface AutomationRuleIntegerCriteriaConditionArgs { comparison?: pulumi.Input; values?: pulumi.Input[]>; } interface AutomationRuleOrganizationConfigurationArgs { /** * List of account IDs where the organization rule applies */ accountIds?: pulumi.Input[]>; /** * When the rule should be applied relative to account rules */ ruleApplyOrder?: pulumi.Input; } interface AutomationRuleResourceTagsCriteriaConditionArgs { comparison?: pulumi.Input; key?: pulumi.Input; values?: pulumi.Input[]>; } interface AutomationRuleScheduleArgs { /** * Execution window duration in minutes */ executionWindowInMinutes?: pulumi.Input; /** * Schedule expression (e.g., cron or rate expression) */ scheduleExpression?: pulumi.Input; /** * IANA timezone identifier */ scheduleExpressionTimezone?: pulumi.Input; } interface AutomationRuleStringCriteriaConditionArgs { comparison?: pulumi.Input; values?: pulumi.Input[]>; } } export declare namespace config { } export declare namespace configuration { /** * Indicates whether an AWS resource or CC rule is compliant and provides the number of contributors that affect the compliance. */ interface CompliancePropertiesArgs { /** * Compliance type determined by the Config rule */ type?: pulumi.Input; } /** * Provides the CustomPolicyDetails, the rule owner (```` for managed rules, ``CUSTOM_POLICY`` for Custom Policy rules, and ``CUSTOM_LAMBDA`` for Custom Lambda rules), the rule identifier, and the events that cause the evaluation of your AWS resources. */ interface ConfigRuleCustomPolicyDetailsArgs { /** * The boolean expression for enabling debug logging for your CC Custom Policy rule. The default value is ``false``. */ enableDebugLogDelivery?: pulumi.Input; /** * The runtime system for your CC Custom Policy rule. Guard is a policy-as-code language that allows you to write policies that are enforced by CC Custom Policy rules. For more information about Guard, see the [Guard GitHub Repository](https://docs.aws.amazon.com/https://github.com/aws-cloudformation/cloudformation-guard). */ policyRuntime?: pulumi.Input; /** * The policy definition containing the logic for your CC Custom Policy rule. */ policyText?: pulumi.Input; } /** * The configuration object for CC rule evaluation mode. The supported valid values are Detective or Proactive. */ interface ConfigRuleEvaluationModeConfigurationArgs { /** * The mode of an evaluation. The valid values are Detective or Proactive. */ mode?: pulumi.Input; } /** * Defines which resources trigger an evaluation for an CC rule. The scope can include one or more resource types, a combination of a tag key and value, or a combination of one resource type and one resource ID. Specify a scope to constrain which resources trigger an evaluation for a rule. Otherwise, evaluations for the rule are triggered when any resource in your recording group changes in configuration. */ interface ConfigRuleScopeArgs { /** * The ID of the only AWS resource that you want to trigger an evaluation for the rule. If you specify a resource ID, you must specify one resource type for ``ComplianceResourceTypes``. */ complianceResourceId?: pulumi.Input; /** * The resource types of only those AWS resources that you want to trigger an evaluation for the rule. You can only specify one type if you also specify a resource ID for ``ComplianceResourceId``. */ complianceResourceTypes?: pulumi.Input[]>; /** * The tag key that is applied to only those AWS resources that you want to trigger an evaluation for the rule. */ tagKey?: pulumi.Input; /** * The tag value applied to only those AWS resources that you want to trigger an evaluation for the rule. If you specify a value for ``TagValue``, you must also specify a value for ``TagKey``. */ tagValue?: pulumi.Input; } /** * Provides the CustomPolicyDetails, the rule owner (```` for managed rules, ``CUSTOM_POLICY`` for Custom Policy rules, and ``CUSTOM_LAMBDA`` for Custom Lambda rules), the rule identifier, and the events that cause the evaluation of your AWS resources. */ interface ConfigRuleSourceArgs { /** * Provides the runtime system, policy definition, and whether debug logging is enabled. Required when owner is set to ``CUSTOM_POLICY``. */ customPolicyDetails?: pulumi.Input; /** * Indicates whether AWS or the customer owns and manages the CC rule. * CC Managed Rules are predefined rules owned by AWS. For more information, see [Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_use-managed-rules.html) in the *developer guide*. * CC Custom Rules are rules that you can develop either with Guard (``CUSTOM_POLICY``) or LAMlong (``CUSTOM_LAMBDA``). For more information, see [Custom Rules](https://docs.aws.amazon.com/config/latest/developerguide/evaluate-config_develop-rules.html) in the *developer guide*. */ owner: pulumi.Input; /** * Provides the source and the message types that cause CC to evaluate your AWS resources against a rule. It also provides the frequency with which you want CC to run evaluations for the rule if the trigger type is periodic. * If the owner is set to ``CUSTOM_POLICY``, the only acceptable values for the CC rule trigger message type are ``ConfigurationItemChangeNotification`` and ``OversizedConfigurationItemChangeNotification``. */ sourceDetails?: pulumi.Input[]>; /** * For CC Managed rules, a predefined identifier from a list. For example, ``IAM_PASSWORD_POLICY`` is a managed rule. To reference a managed rule, see [List of Managed Rules](https://docs.aws.amazon.com/config/latest/developerguide/managed-rules-by-aws-config.html). * For CC Custom Lambda rules, the identifier is the Amazon Resource Name (ARN) of the rule's LAMlong function, such as ``arn:aws:lambda:us-east-2:123456789012:function:custom_rule_name``. * For CC Custom Policy rules, this field will be ignored. */ sourceIdentifier?: pulumi.Input; } /** * Provides the source and the message types that trigger CC to evaluate your AWS resources against a rule. It also provides the frequency with which you want CC to run evaluations for the rule if the trigger type is periodic. You can specify the parameter values for ``SourceDetail`` only for custom rules. */ interface ConfigRuleSourceDetailArgs { /** * The source of the event, such as an AWS service, that triggers CC to evaluate your AWS resources. */ eventSource: pulumi.Input; /** * The frequency at which you want CC to run evaluations for a custom rule with a periodic trigger. If you specify a value for ``MaximumExecutionFrequency``, then ``MessageType`` must use the ``ScheduledNotification`` value. * By default, rules with a periodic trigger are evaluated every 24 hours. To change the frequency, specify a valid value for the ``MaximumExecutionFrequency`` parameter. * Based on the valid value you choose, CC runs evaluations once for each valid value. For example, if you choose ``Three_Hours``, CC runs evaluations once every three hours. In this case, ``Three_Hours`` is the frequency of this rule. */ maximumExecutionFrequency?: pulumi.Input; /** * The type of notification that triggers CC to run an evaluation for a rule. You can specify the following notification types: * + ``ConfigurationItemChangeNotification`` - Triggers an evaluation when CC delivers a configuration item as a result of a resource change. * + ``OversizedConfigurationItemChangeNotification`` - Triggers an evaluation when CC delivers an oversized configuration item. CC may generate this notification type when a resource changes and the notification exceeds the maximum size allowed by Amazon SNS. * + ``ScheduledNotification`` - Triggers a periodic evaluation at the frequency specified for ``MaximumExecutionFrequency``. * + ``ConfigurationSnapshotDeliveryCompleted`` - Triggers a periodic evaluation when CC delivers a configuration snapshot. * * If you want your custom rule to be triggered by configuration changes, specify two SourceDetail objects, one for ``ConfigurationItemChangeNotification`` and one for ``OversizedConfigurationItemChangeNotification``. */ messageType: pulumi.Input; } interface ConfigurationAggregatorAccountAggregationSourceArgs { /** * The 12-digit account ID of the account being aggregated. */ accountIds: pulumi.Input[]>; /** * If true, aggregate existing AWS Config regions and future regions. */ allAwsRegions?: pulumi.Input; /** * The source regions being aggregated. */ awsRegions?: pulumi.Input[]>; } interface ConfigurationAggregatorOrganizationAggregationSourceArgs { /** * If true, aggregate existing AWS Config regions and future regions. */ allAwsRegions?: pulumi.Input; /** * The source regions being aggregated. */ awsRegions?: pulumi.Input[]>; /** * ARN of the IAM role used to retrieve AWS Organizations details associated with the aggregator account. */ roleArn: pulumi.Input; } /** * Input parameters in the form of key-value pairs for the conformance pack. */ interface ConformancePackInputParameterArgs { /** * One part of a key-value pair. */ parameterName: pulumi.Input; /** * Another part of the key-value pair. */ parameterValue: pulumi.Input; } /** * Input parameters in the form of key-value pairs for the conformance pack. */ interface OrganizationConformancePackConformancePackInputParameterArgs { /** * One part of a key-value pair. */ parameterName: pulumi.Input; /** * One part of a key-value pair. */ parameterValue: pulumi.Input; } /** * The TemplateSSMDocumentDetails object contains the name of the SSM document and the version of the SSM document. */ interface TemplateSsmDocumentDetailsPropertiesArgs { /** * The name or Amazon Resource Name (ARN) of the SSM document to use to create a conformance pack. If you use the document name, AWS Config checks only your account and AWS Region for the SSM document. */ documentName?: pulumi.Input; /** * The version of the SSM document to use to create a conformance pack. By default, AWS Config uses the latest version. * * > This field is optional. */ documentVersion?: pulumi.Input; } } export declare namespace connect { /** * Custom metadata associated to a Predefined attribute that controls how the attribute behaves when used by upstream services. */ interface AttributeConfigurationPropertiesArgs { /** * Enables customers to enforce strict validation on the specific values that this predefined attribute can hold. */ enableValueValidationOnAssociation?: pulumi.Input; /** * Allows the predefined attribute to show up and be managed in the Amazon Connect UI. */ isReadOnly?: pulumi.Input; } /** * The constraints for the task template */ interface ConstraintsPropertiesArgs { /** * Lists the fields that are invisible to agents. */ invisibleFields?: pulumi.Input[]>; /** * Lists the fields that are read-only to agents, and cannot be edited. */ readOnlyFields?: pulumi.Input[]>; /** * Lists the fields that are required to be filled by agents. */ requiredFields?: pulumi.Input[]>; } interface DataTableRecordPropertiesArgs { primaryValues?: pulumi.Input[]>; values: pulumi.Input[]>; } interface DataTableRecordValueArgs { attributeId?: pulumi.Input; attributeValue?: pulumi.Input; } /** * Configuration for an email address alias */ interface EmailAddressAliasConfigurationArgs { /** * The identifier of the email address alias */ emailAddressArn: pulumi.Input; } /** * Configuration information about automated evaluations. */ interface EvaluationFormAutoEvaluationConfigurationArgs { enabled?: pulumi.Input; } /** * Information about automatic fail configuration for an evaluation form. */ interface EvaluationFormAutomaticFailConfigurationArgs { /** * The referenceId of the target section for auto failure. */ targetSection?: pulumi.Input; } /** * An item at the root level. All items must be sections. */ interface EvaluationFormBaseItemArgs { /** * A subsection or inner section of an item. */ section: pulumi.Input; } /** * Configuration settings for evaluation reviews. */ interface EvaluationFormEvaluationReviewConfigurationArgs { /** * Number of days during which a request for review can be submitted for evaluations created from this form. */ eligibilityDays?: pulumi.Input; /** * List of recipients who should be notified when a review is requested. */ reviewNotificationRecipients: pulumi.Input[]>; } /** * Information about a recipient who should be notified when an evaluation review is requested. */ interface EvaluationFormEvaluationReviewNotificationRecipientArgs { /** * The type of notification recipient. */ type: pulumi.Input; /** * The value associated with the notification recipient type. */ value: pulumi.Input; } /** * The value information for an evaluation review notification recipient. */ interface EvaluationFormEvaluationReviewNotificationRecipientValueArgs { /** * The user identifier for the notification recipient. */ userId?: pulumi.Input; } /** * Items that are part of the evaluation form. The total number of sections and questions must not exceed 100 each. Questions must be contained in a section. */ interface EvaluationFormItemArgs { /** * The information of the question. */ question?: pulumi.Input; /** * The information of the section. */ section?: pulumi.Input; } /** * A condition for item enablement. */ interface EvaluationFormItemEnablementConditionArgs { /** * Operands of the enablement condition. */ operands: pulumi.Input[]>; /** * The operator to be used to be applied to operands if more than one provided. */ operator?: pulumi.Input; } /** * An operand of the enablement condition. */ interface EvaluationFormItemEnablementConditionOperandArgs { /** * An expression of the enablement condition. */ expression?: pulumi.Input; } /** * An item enablement configuration. */ interface EvaluationFormItemEnablementConfigurationArgs { /** * An enablement action that if condition is satisfied. */ action: pulumi.Input; /** * A condition for item enablement configuration. */ condition: pulumi.Input; /** * An enablement action that if condition is not satisfied. */ defaultAction?: pulumi.Input; } /** * An expression that defines a basic building block of conditional enablement. */ interface EvaluationFormItemEnablementExpressionArgs { /** * A comparator to be used against list of values. */ comparator: pulumi.Input; /** * A source item of enablement expression. */ source: pulumi.Input; /** * A list of values from source item. */ values: pulumi.Input[]>; } /** * An enablement expression source item. */ interface EvaluationFormItemEnablementSourceArgs { /** * A referenceId of the source item. */ refId?: pulumi.Input; /** * A type of source item. */ type: pulumi.Input; } /** * An enablement expression source value. */ interface EvaluationFormItemEnablementSourceValueArgs { /** * A referenceId of the source value. */ refId?: pulumi.Input; /** * A type of source item value. */ type?: pulumi.Input; } /** * Language configuration for an evaluation form. */ interface EvaluationFormLanguageConfigurationArgs { /** * The language for the evaluation form. */ formLanguage?: pulumi.Input; } /** * Automation configuration for multi-select questions. */ interface EvaluationFormMultiSelectQuestionAutomationArgs { answerSource?: pulumi.Input; /** * Reference IDs of default options. */ defaultOptionRefIds?: pulumi.Input[]>; /** * Automation options for the multi-select question. */ options: pulumi.Input[]>; } /** * An automation option for a multi-select question. */ interface EvaluationFormMultiSelectQuestionAutomationOptionArgs { /** * Rule category configuration for this automation option. */ ruleCategory: pulumi.Input; } /** * An option for a multi-select question in an evaluation form. */ interface EvaluationFormMultiSelectQuestionOptionArgs { /** * Reference identifier for this option. */ refId: pulumi.Input; /** * Display text for this option. */ text: pulumi.Input; } /** * Properties for a multi-select question in an evaluation form. */ interface EvaluationFormMultiSelectQuestionPropertiesArgs { /** * Automation configuration for this multi-select question. */ automation?: pulumi.Input; /** * Display format for the multi-select question. */ displayAs?: pulumi.Input; /** * Options available for this multi-select question. */ options: pulumi.Input[]>; } /** * Automation rule for multi-select questions based on rule categories. */ interface EvaluationFormMultiSelectQuestionRuleCategoryAutomationArgs { /** * The category name for this automation rule. */ category: pulumi.Input; /** * The condition for this automation rule. */ condition: pulumi.Input; /** * Reference IDs of options for this automation rule. */ optionRefIds: pulumi.Input[]>; } /** * Information about the automation configuration in numeric questions. */ interface EvaluationFormNumericQuestionAutomationArgs { /** * A source of automation answer for numeric question. */ answerSource?: pulumi.Input; /** * The property value of the automation. */ propertyValue?: pulumi.Input; } /** * Information about the option range used for scoring in numeric questions. */ interface EvaluationFormNumericQuestionOptionArgs { /** * The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0. */ automaticFail?: pulumi.Input; /** * A configuration for automatic fail. */ automaticFailConfiguration?: pulumi.Input; /** * The maximum answer value of the range option. */ maxValue: pulumi.Input; /** * The minimum answer value of the range option. */ minValue: pulumi.Input; /** * The score assigned to answer values within the range option. * *Minimum*: 0 * *Maximum*: 10 */ score?: pulumi.Input; } /** * Information about properties for a numeric question in an evaluation form. */ interface EvaluationFormNumericQuestionPropertiesArgs { /** * The automation properties of the numeric question. */ automation?: pulumi.Input; /** * The maximum answer value. */ maxValue: pulumi.Input; /** * The minimum answer value. */ minValue: pulumi.Input; /** * The scoring options of the numeric question. */ options?: pulumi.Input[]>; } /** * Information about the property value used in automation of a numeric questions. */ interface EvaluationFormNumericQuestionPropertyValueAutomationArgs { /** * The property label of the automation. */ label: pulumi.Input; } /** * Information about a question from an evaluation form. */ interface EvaluationFormQuestionArgs { /** * A question conditional enablement. */ enablement?: pulumi.Input; /** * The instructions of the section. * *Length Constraints*: Minimum length of 0. Maximum length of 1024. */ instructions?: pulumi.Input; /** * The flag to enable not applicable answers to the question. */ notApplicableEnabled?: pulumi.Input; /** * The type of the question. * *Allowed values*: ``NUMERIC`` | ``SINGLESELECT`` | ``TEXT`` */ questionType: pulumi.Input; /** * The properties of the type of question. Text questions do not have to define question type properties. */ questionTypeProperties?: pulumi.Input; /** * The identifier of the question. An identifier must be unique within the evaluation form. * *Length Constraints*: Minimum length of 1. Maximum length of 40. */ refId: pulumi.Input; /** * The title of the question. * *Length Constraints*: Minimum length of 1. Maximum length of 350. */ title: pulumi.Input; /** * The scoring weight of the section. * *Minimum*: 0 * *Maximum*: 100 */ weight?: pulumi.Input; } /** * A question automation answer. */ interface EvaluationFormQuestionAutomationAnswerSourceArgs { /** * The automation answer source type. */ sourceType: pulumi.Input; } /** * Information about properties for a question in an evaluation form. The question type properties must be either for a numeric question or a single select question. */ interface EvaluationFormQuestionTypePropertiesArgs { /** * Properties for multi-select question types. */ multiSelect?: pulumi.Input; /** * The properties of the numeric question. */ numeric?: pulumi.Input; /** * The properties of the numeric question. */ singleSelect?: pulumi.Input; /** * The properties of the text question. */ text?: pulumi.Input; } /** * A scoring strategy of the evaluation form. */ interface EvaluationFormScoringStrategyArgs { /** * The scoring mode of the evaluation form. * *Allowed values*: ``QUESTION_ONLY`` | ``SECTION_ONLY`` */ mode: pulumi.Input; /** * The scoring status of the evaluation form. * *Allowed values*: ``ENABLED`` | ``DISABLED`` */ status: pulumi.Input; } /** * Information about a section from an evaluation form. A section can contain sections and/or questions. Evaluation forms can only contain sections and subsections (two level nesting). */ interface EvaluationFormSectionArgs { /** * The instructions of the section. */ instructions?: pulumi.Input; /** * The items of the section. * *Minimum*: 1 */ items?: pulumi.Input[]>; /** * The identifier of the section. An identifier must be unique within the evaluation form. * *Length Constraints*: Minimum length of 1. Maximum length of 40. */ refId: pulumi.Input; /** * The title of the section. * *Length Constraints*: Minimum length of 1. Maximum length of 128. */ title: pulumi.Input; /** * The scoring weight of the section. * *Minimum*: 0 * *Maximum*: 100 */ weight?: pulumi.Input; } /** * Information about the automation configuration in single select questions. Automation options are evaluated in order, and the first matched option is applied. If no automation option matches, and there is a default option, then the default option is applied. */ interface EvaluationFormSingleSelectQuestionAutomationArgs { /** * Automation answer source. */ answerSource?: pulumi.Input; /** * The identifier of the default answer option, when none of the automation options match the criteria. * *Length Constraints*: Minimum length of 1. Maximum length of 40. */ defaultOptionRefId?: pulumi.Input; /** * The automation options of the single select question. * *Minimum*: 1 * *Maximum*: 20 */ options: pulumi.Input[]>; } /** * The automation options of the single select question. */ interface EvaluationFormSingleSelectQuestionAutomationOptionArgs { /** * The automation option based on a rule category for the single select question. */ ruleCategory: pulumi.Input; } /** * Information about the automation configuration in single select questions. */ interface EvaluationFormSingleSelectQuestionOptionArgs { /** * The flag to mark the option as automatic fail. If an automatic fail answer is provided, the overall evaluation gets a score of 0. */ automaticFail?: pulumi.Input; /** * Whether automatic fail is configured on a single select question. */ automaticFailConfiguration?: pulumi.Input; /** * The identifier of the answer option. An identifier must be unique within the question. * *Length Constraints*: Minimum length of 1. Maximum length of 40. */ refId: pulumi.Input; /** * The score assigned to the answer option. * *Minimum*: 0 * *Maximum*: 10 */ score?: pulumi.Input; /** * The title of the answer option. * *Length Constraints*: Minimum length of 1. Maximum length of 128. */ text: pulumi.Input; } /** * Information about the options in single select questions. */ interface EvaluationFormSingleSelectQuestionPropertiesArgs { /** * The display mode of the single select question. */ automation?: pulumi.Input; /** * The display mode of the single select question. * *Allowed values*: ``DROPDOWN`` | ``RADIO`` */ displayAs?: pulumi.Input; /** * The answer options of the single select question. * *Minimum*: 2 * *Maximum*: 256 */ options: pulumi.Input[]>; } /** * Information about the automation option based on a rule category for a single select question. * *Length Constraints*: Minimum length of 1. Maximum length of 50. */ interface EvaluationFormSingleSelectQuestionRuleCategoryAutomationArgs { /** * The category name, as defined in Rules. * *Minimum*: 1 * *Maximum*: 50 */ category: pulumi.Input; /** * The condition to apply for the automation option. If the condition is PRESENT, then the option is applied when the contact data includes the category. Similarly, if the condition is NOT_PRESENT, then the option is applied when the contact data does not include the category. * *Allowed values*: ``PRESENT`` | ``NOT_PRESENT`` * *Maximum*: 50 */ condition: pulumi.Input; /** * The identifier of the answer option. An identifier must be unique within the question. * *Length Constraints*: Minimum length of 1. Maximum length of 40. */ optionRefId: pulumi.Input; } /** * Configuration that specifies the target for an evaluation form. */ interface EvaluationFormTargetConfigurationArgs { /** * The contact interaction type for this evaluation form. */ contactInteractionType: pulumi.Input; } /** * Information about the automation configuration in text questions. */ interface EvaluationFormTextQuestionAutomationArgs { /** * Automation answer source. */ answerSource?: pulumi.Input; } /** * Information about properties for a text question in an evaluation form. */ interface EvaluationFormTextQuestionPropertiesArgs { /** * The automation properties of the text question. */ automation?: pulumi.Input; } /** * Defines the external invocation configuration of the flow module resource */ interface ExternalInvocationConfigurationPropertiesArgs { /** * Enable external invocation. */ enabled: pulumi.Input; } interface FontFamilyArgs { /** * The default font family to use in the workspace theme. */ default?: pulumi.Input; } /** * The granular access control configuration for the security profile, including data table permissions. */ interface GranularAccessControlConfigurationPropertiesArgs { /** * The access control configuration for data tables. */ dataTableAccessControlConfiguration?: pulumi.Input; } /** * Contains information about the hours of operation. */ interface HoursOfOperationConfigArgs { /** * The day that the hours of operation applies to. */ day: pulumi.Input; /** * The end time that your contact center closes. */ endTime: pulumi.Input; /** * The start time that your contact center opens. */ startTime: pulumi.Input; } /** * Overrides attached to the hours of operation. */ interface HoursOfOperationOverrideArgs { /** * The date from which the hours of operation override would be effective. */ effectiveFrom: pulumi.Input; /** * The date until the hours of operation override is effective. */ effectiveTill: pulumi.Input; /** * The identifier for the hours of operation override. */ hoursOfOperationOverrideId?: pulumi.Input; overrideConfig: pulumi.Input[]>; overrideDescription?: pulumi.Input; overrideName: pulumi.Input; overrideType?: pulumi.Input; recurrenceConfig?: pulumi.Input; } /** * Contains information about the hours of operation override. */ interface HoursOfOperationOverrideConfigArgs { /** * The day that the hours of operation override applies to. */ day: pulumi.Input; /** * The new end time that your contact center closes for the overriden days. */ endTime: pulumi.Input; /** * The new start time that your contact center opens for the overriden days. */ startTime: pulumi.Input; } /** * The start time or end time for an an hours of operation override. */ interface HoursOfOperationOverrideTimeSliceArgs { /** * The hours. */ hours: pulumi.Input; /** * The minutes. */ minutes: pulumi.Input; } /** * Configuration for recurring hours of operation overrides. */ interface HoursOfOperationRecurrenceConfigArgs { recurrencePattern: pulumi.Input; } /** * Pattern for recurring hours of operation overrides. */ interface HoursOfOperationRecurrencePatternArgs { byMonth?: pulumi.Input[]>; byMonthDay?: pulumi.Input[]>; byWeekdayOccurrence?: pulumi.Input[]>; frequency?: pulumi.Input; interval?: pulumi.Input; } /** * The start time or end time for an hours of operation. */ interface HoursOfOperationTimeSliceArgs { /** * The hours. */ hours: pulumi.Input; /** * The minutes. */ minutes: pulumi.Input; } /** * Identifier for hours of operation. */ interface HoursOfOperationsIdentifierArgs { /** * The identifier for the hours of operation. */ id: pulumi.Input; /** * The name of the hours of operation. */ name?: pulumi.Input; } interface InstanceAttributesArgs { autoResolveBestVoices?: pulumi.Input; contactLens?: pulumi.Input; contactflowLogs?: pulumi.Input; earlyMedia?: pulumi.Input; enhancedChatMonitoring?: pulumi.Input; enhancedContactMonitoring?: pulumi.Input; highVolumeOutBound?: pulumi.Input; inboundCalls: pulumi.Input; messageStreaming?: pulumi.Input; multiPartyChatConference?: pulumi.Input; multiPartyConference?: pulumi.Input; outboundCalls: pulumi.Input; useCustomTtsVoices?: pulumi.Input; } interface InstanceStorageConfigEncryptionConfigArgs { /** * The type of encryption. */ encryptionType: pulumi.Input; /** * The full ARN of the encryption key. * * > Be sure to provide the full ARN of the encryption key, not just the ID. * > * > Amazon Connect supports only KMS keys with the default key spec of [`SYMMETRIC_DEFAULT`](https://docs.aws.amazon.com/kms/latest/developerguide/asymmetric-key-specs.html#key-spec-symmetric-default) . */ keyId: pulumi.Input; } interface InstanceStorageConfigKinesisFirehoseConfigArgs { /** * The Amazon Resource Name (ARN) of the delivery stream. */ firehoseArn: pulumi.Input; } interface InstanceStorageConfigKinesisStreamConfigArgs { /** * The Amazon Resource Name (ARN) of the data stream. */ streamArn: pulumi.Input; } interface InstanceStorageConfigKinesisVideoStreamConfigArgs { /** * The encryption configuration. */ encryptionConfig: pulumi.Input; /** * The prefix of the video stream. */ prefix: pulumi.Input; /** * The number of hours data is retained in the stream. Kinesis Video Streams retains the data in a data store that is associated with the stream. * * The default value is 0, indicating that the stream does not persist data. */ retentionPeriodHours: pulumi.Input; } interface InstanceStorageConfigS3ConfigArgs { /** * The S3 bucket name. */ bucketName: pulumi.Input; /** * The S3 bucket prefix. */ bucketPrefix: pulumi.Input; /** * The Amazon S3 encryption configuration. */ encryptionConfig?: pulumi.Input; } /** * The content of a notification */ interface NotificationContentArgs { deDe?: pulumi.Input; enUs?: pulumi.Input; esEs?: pulumi.Input; frFr?: pulumi.Input; idId?: pulumi.Input; itIt?: pulumi.Input; jaJp?: pulumi.Input; koKr?: pulumi.Input; ptBr?: pulumi.Input; zhCn?: pulumi.Input; zhTw?: pulumi.Input; } /** * An email address configuration for the queue */ interface QueueEmailAddressArgs { /** * The Amazon Resource Name (ARN) of the email address */ emailAddressArn: pulumi.Input; } /** * The outbound caller ID name, number, and outbound whisper flow. */ interface QueueOutboundCallerConfigArgs { /** * The caller ID name. */ outboundCallerIdName?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the outbound caller ID number. * * > Only use the phone number ARN format that doesn't contain `instance` in the path, for example, `arn:aws:connect:us-east-1:1234567890:phone-number/uuid` . This is the same ARN format that is returned when you create a phone number using CloudFormation , or when you call the [ListPhoneNumbersV2](https://docs.aws.amazon.com/connect/latest/APIReference/API_ListPhoneNumbersV2.html) API. */ outboundCallerIdNumberArn?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the outbound flow. */ outboundFlowArn?: pulumi.Input; } /** * The outbound email address ID. */ interface QueueOutboundEmailConfigArgs { /** * The identifier of the email address. */ outboundEmailAddressId?: pulumi.Input; } /** * Configuration settings for the quick connect. */ interface QuickConnectConfigArgs { /** * The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER. */ phoneConfig?: pulumi.Input; /** * The queue configuration. This is required only if QuickConnectType is QUEUE. */ queueConfig?: pulumi.Input; /** * The type of quick connect. In the Amazon Connect console, when you create a quick connect, you are prompted to assign one of the following types: Agent (USER), External (PHONE_NUMBER), or Queue (QUEUE). */ quickConnectType: pulumi.Input; /** * The user configuration. This is required only if QuickConnectType is USER. */ userConfig?: pulumi.Input; } /** * The phone configuration. This is required only if QuickConnectType is PHONE_NUMBER. */ interface QuickConnectPhoneNumberQuickConnectConfigArgs { /** * The phone number in E.164 format. */ phoneNumber: pulumi.Input; } /** * The queue configuration. This is required only if QuickConnectType is QUEUE. */ interface QuickConnectQueueQuickConnectConfigArgs { /** * The Amazon Resource Name (ARN) of the flow. */ contactFlowArn: pulumi.Input; /** * The Amazon Resource Name (ARN) of the queue. */ queueArn: pulumi.Input; } /** * The user configuration. This is required only if QuickConnectType is USER. */ interface QuickConnectUserQuickConnectConfigArgs { /** * The Amazon Resource Name (ARN) of the flow. */ contactFlowArn: pulumi.Input; /** * The Amazon Resource Name (ARN) of the user. */ userArn: pulumi.Input; } /** * Defines the cross-channel routing behavior that allows an agent working on a contact in one channel to be offered a contact from a different channel. */ interface RoutingProfileCrossChannelBehaviorArgs { /** * Specifies the other channels that can be routed to an agent handling their current channel. */ behaviorType: pulumi.Input; } /** * Contains information about the manual assignment queue and channel */ interface RoutingProfileManualAssignmentQueueConfigArgs { /** * Contains information about a queue resource. */ queueReference: pulumi.Input; } /** * Contains information about which channels are supported, and how many contacts an agent can have on a channel simultaneously. */ interface RoutingProfileMediaConcurrencyArgs { /** * The channels that agents can handle in the Contact Control Panel (CCP). */ channel: pulumi.Input; /** * The number of contacts an agent can have on a channel simultaneously. * * Valid Range for `VOICE` : Minimum value of 1. Maximum value of 1. * * Valid Range for `CHAT` : Minimum value of 1. Maximum value of 10. * * Valid Range for `TASK` : Minimum value of 1. Maximum value of 10. */ concurrency: pulumi.Input; /** * Defines the cross-channel routing behavior for each channel that is enabled for this Routing Profile. For example, this allows you to offer an agent a different contact from another channel when they are currently working with a contact from a Voice channel. */ crossChannelBehavior?: pulumi.Input; } /** * Contains information about the queue and channel for which priority and delay can be set. */ interface RoutingProfileQueueConfigArgs { /** * The delay, in seconds, a contact should be in the queue before they are routed to an available agent. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) in the *Amazon Connect Administrator Guide* . */ delay: pulumi.Input; /** * The order in which contacts are to be handled for the queue. For more information, see [Queues: priority and delay](https://docs.aws.amazon.com/connect/latest/adminguide/concepts-routing-profiles-priority.html) . */ priority: pulumi.Input; /** * Contains information about a queue resource. */ queueReference: pulumi.Input; } /** * Contains the channel and queue identifier for a routing profile. */ interface RoutingProfileQueueReferenceArgs { /** * The channels agents can handle in the Contact Control Panel (CCP) for this routing profile. */ channel: pulumi.Input; /** * The Amazon Resource Name (ARN) of the queue. */ queueArn: pulumi.Input; } /** * A list of actions to be run when the rule is triggered. */ interface RuleActionsArgs { /** * Information about the contact category action. The syntax can be empty, for example, ``{}``. */ assignContactCategoryActions?: pulumi.Input[]>; createCaseActions?: pulumi.Input[]>; endAssociatedTasksActions?: pulumi.Input[]>; /** * Information about the EV action. */ eventBridgeActions?: pulumi.Input[]>; /** * Information about the send notification action. */ sendNotificationActions?: pulumi.Input[]>; submitAutoEvaluationActions?: pulumi.Input[]>; /** * Information about the task action. This field is required if ``TriggerEventSource`` is one of the following values: ``OnZendeskTicketCreate`` | ``OnZendeskTicketStatusUpdate`` | ``OnSalesforceCaseCreate`` */ taskActions?: pulumi.Input[]>; updateCaseActions?: pulumi.Input[]>; } /** * The definition for assigning contact category action. */ interface RuleAssignContactCategoryActionArgs { } interface RuleCreateCaseActionArgs { fields: pulumi.Input[]>; templateId: pulumi.Input; } /** * The definition for ending associated task action. */ interface RuleEndAssociatedTasksActionArgs { } /** * The EV action definition. */ interface RuleEventBridgeActionArgs { /** * The name. */ name: pulumi.Input; } interface RuleFieldArgs { id: pulumi.Input; value: pulumi.Input; } /** * Object for case field values. */ interface RuleFieldValueArgs { booleanValue?: pulumi.Input; doubleValue?: pulumi.Input; emptyValue?: any; stringValue?: pulumi.Input; } /** * The type of notification recipient. */ interface RuleNotificationRecipientTypeArgs { /** * The Amazon Resource Name (ARN) of the user account. */ userArns?: pulumi.Input[]>; /** * The tags used to organize, track, or control access for this resource. For example, { "tags": {"key1":"value1", "key2":"value2"} }. CON users with the specified tags will be notified. */ userTags?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * Information about the reference when the ``referenceType`` is ``URL``. Otherwise, null. (Supports variable injection in the ``Value`` field.) */ interface RuleReferenceArgs { /** * The type of the reference. ``DATE`` must be of type Epoch timestamp. * *Allowed values*: ``URL`` | ``ATTACHMENT`` | ``NUMBER`` | ``STRING`` | ``DATE`` | ``EMAIL`` */ type: pulumi.Input; /** * A valid value for the reference. For example, for a URL reference, a formatted URL that is displayed to an agent in the Contact Control Panel (CCP). */ value: pulumi.Input; } /** * Information about the send notification action. */ interface RuleSendNotificationActionArgs { /** * Notification content. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Administrators Guide*. */ content: pulumi.Input; /** * Content type format. * *Allowed value*: ``PLAIN_TEXT`` */ contentType: pulumi.Input; /** * Notification delivery method. * *Allowed value*: ``EMAIL`` */ deliveryMethod: pulumi.Input; /** * Notification recipient. */ recipient: pulumi.Input; /** * The subject of the email if the delivery method is ``EMAIL``. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Administrators Guide*. */ subject?: pulumi.Input; } interface RuleSubmitAutoEvaluationActionArgs { evaluationFormArn: pulumi.Input; } /** * Information about the task action. This field is required if ``TriggerEventSource`` is one of the following values: ``OnZendeskTicketCreate`` | ``OnZendeskTicketStatusUpdate`` | ``OnSalesforceCaseCreate`` */ interface RuleTaskActionArgs { /** * The Amazon Resource Name (ARN) of the flow. */ contactFlowArn: pulumi.Input; /** * The description. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Administrators Guide*. */ description?: pulumi.Input; /** * The name. Supports variable injection. For more information, see [JSONPath reference](https://docs.aws.amazon.com/connect/latest/adminguide/contact-lens-variable-injection.html) in the *Administrators Guide*. */ name: pulumi.Input; /** * Information about the reference when the ``referenceType`` is ``URL``. Otherwise, null. ``URL`` is the only accepted type. (Supports variable injection in the ``Value`` field.) */ references?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * The name of the event source. */ interface RuleTriggerEventSourceArgs { /** * The name of the event source. */ eventSourceName: pulumi.Input; /** * The Amazon Resource Name (ARN) of the integration association. ``IntegrationAssociationArn`` is required if ``TriggerEventSource`` is one of the following values: ``OnZendeskTicketCreate`` | ``OnZendeskTicketStatusUpdate`` | ``OnSalesforceCaseCreate`` */ integrationAssociationArn?: pulumi.Input; } interface RuleUpdateCaseActionArgs { fields: pulumi.Input[]>; } /** * A third-party application's metadata. */ interface SecurityProfileApplicationArgs { /** * The permissions that the agent is granted on the application */ applicationPermissions: pulumi.Input[]>; /** * Namespace of the application that you want to give access to. */ namespace: pulumi.Input; /** * The type of the application. */ type?: pulumi.Input; } /** * Defines the access control configuration for data tables. */ interface SecurityProfileDataTableAccessControlConfigurationArgs { /** * The configuration's primary attribute access control configuration. */ primaryAttributeAccessControlConfiguration?: pulumi.Input; } /** * A first-party application's metadata. */ interface SecurityProfileFlowModuleArgs { /** * The identifier of the application that you want to give access to. */ flowModuleId: pulumi.Input; /** * The type of the first-party application */ type: pulumi.Input; } /** * Contains the configuration for record-based access control. */ interface SecurityProfilePrimaryAttributeAccessControlConfigurationItemArgs { /** * An array of PrimaryAttributeValue objects. */ primaryAttributeValues: pulumi.Input[]>; } /** * An object defining the access control for a specific attribute and its values. */ interface SecurityProfilePrimaryAttributeValueArgs { /** * Specifies the type of access granted. Currently, only "ALLOW" is supported */ accessType: pulumi.Input; /** * The name of the primary attribute. */ attributeName: pulumi.Input; /** * An array of allowed primary values for the specified primary attribute. */ values: pulumi.Input[]>; } /** * A key-value pair to associate with a resource. */ interface SecurityProfileTagArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value: pulumi.Input; } /** * the default value for the task template's field */ interface TaskTemplateDefaultFieldValueArgs { /** * Default value for the field. */ defaultValue: pulumi.Input; /** * Identifier of a field. */ id: pulumi.Input; } /** * A task template field object. */ interface TaskTemplateFieldArgs { /** * The description of the task template's field */ description?: pulumi.Input; /** * The unique identifier for the field. */ id: pulumi.Input; /** * list of field options to be used with single select */ singleSelectOptions?: pulumi.Input[]>; /** * Indicates the type of field. Following are the valid field types: `NAME` `DESCRIPTION` | `SCHEDULED_TIME` | `QUICK_CONNECT` | `URL` | `NUMBER` | `TEXT` | `TEXT_AREA` | `DATE_TIME` | `BOOLEAN` | `SINGLE_SELECT` | `EMAIL` */ type: pulumi.Input; } /** * the identifier (name) for the task template field */ interface TaskTemplateFieldIdentifierArgs { /** * The name of the task template field */ name: pulumi.Input; } /** * Invisible field info */ interface TaskTemplateInvisibleFieldInfoArgs { id: pulumi.Input; } /** * ReadOnly field info */ interface TaskTemplateReadOnlyFieldInfoArgs { id: pulumi.Input; } /** * Required field info */ interface TaskTemplateRequiredFieldInfoArgs { id: pulumi.Input; } /** * After Contact Work configuration. */ interface UserAfterContactWorkConfigArgs { afterContactWorkTimeLimit?: pulumi.Input; } /** * After Contact Work configuration per channel. */ interface UserAfterContactWorkConfigPerChannelArgs { afterContactWorkConfig: pulumi.Input; agentFirstCallbackAfterContactWorkConfig?: pulumi.Input; channel: pulumi.Input; } /** * Auto-accept configuration per channel. */ interface UserAutoAcceptConfigArgs { agentFirstCallbackAutoAccept?: pulumi.Input; autoAccept: pulumi.Input; channel: pulumi.Input; } /** * Information about level five. */ interface UserHierarchyStructureLevelFiveArgs { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ hierarchyLevelArn?: pulumi.Input; /** * The identifier of the hierarchy level. */ hierarchyLevelId?: pulumi.Input; /** * The name of the hierarchy level. */ name: pulumi.Input; } /** * Information about level four. */ interface UserHierarchyStructureLevelFourArgs { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ hierarchyLevelArn?: pulumi.Input; /** * The identifier of the hierarchy level. */ hierarchyLevelId?: pulumi.Input; /** * The name of the hierarchy level. */ name: pulumi.Input; } /** * Information about level one. */ interface UserHierarchyStructureLevelOneArgs { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ hierarchyLevelArn?: pulumi.Input; /** * The identifier of the hierarchy level. */ hierarchyLevelId?: pulumi.Input; /** * The name of the hierarchy level. */ name: pulumi.Input; } /** * Information about level three. */ interface UserHierarchyStructureLevelThreeArgs { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ hierarchyLevelArn?: pulumi.Input; hierarchyLevelId?: pulumi.Input; /** * The name of the hierarchy level. */ name: pulumi.Input; } /** * Information about level two. */ interface UserHierarchyStructureLevelTwoArgs { /** * The Amazon Resource Name (ARN) of the hierarchy level. */ hierarchyLevelArn?: pulumi.Input; /** * The identifier of the hierarchy level. */ hierarchyLevelId?: pulumi.Input; /** * The name of the hierarchy level. */ name: pulumi.Input; } /** * Information about the hierarchy structure. */ interface UserHierarchyStructurePropertiesArgs { levelFive?: pulumi.Input; /** * The update for level four. */ levelFour?: pulumi.Input; /** * The update for level one. */ levelOne?: pulumi.Input; /** * The update for level three. */ levelThree?: pulumi.Input; /** * The update for level two. */ levelTwo?: pulumi.Input; } /** * Contains information about the identity of a user. */ interface UserIdentityInfoArgs { /** * The email address. If you are using SAML for identity management and include this parameter, an error is returned. */ email?: pulumi.Input; /** * The first name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted. */ firstName?: pulumi.Input; /** * The last name. This is required if you are using Amazon Connect or SAML for identity management. Inputs must be in Unicode Normalization Form C (NFC). Text containing characters in a non-NFC form (for example, decomposed characters or combining marks) are not accepted. */ lastName?: pulumi.Input; /** * The user's mobile number. */ mobile?: pulumi.Input; /** * The user's secondary email address. If you provide a secondary email, the user receives email notifications -- other than password reset notifications -- to this email address instead of to their primary email address. * * *Pattern* : `(?=^.{0,265}$)[a-zA-Z0-9._%+-]+@[a-zA-Z0-9.-]+\.[a-zA-Z]{2,63}` */ secondaryEmail?: pulumi.Input; } /** * Persistent Connection configuration per channel. */ interface UserPersistentConnectionConfigArgs { channel: pulumi.Input; persistentConnection: pulumi.Input; } /** * Contains information about the phone configuration settings for a user. */ interface UserPhoneConfigArgs { /** * The After Call Work (ACW) timeout setting, in seconds. This parameter has a minimum value of 0 and a maximum value of 2,000,000 seconds (24 days). Enter 0 if you don't want to allocate a specific amount of ACW time. It essentially means an indefinite amount of time. When the conversation ends, ACW starts; the agent must choose Close contact to end ACW. * * > When returned by a `SearchUsers` call, `AfterContactWorkTimeLimit` is returned in milliseconds. */ afterContactWorkTimeLimit?: pulumi.Input; /** * The Auto accept setting. */ autoAccept?: pulumi.Input; /** * The phone number for the user's desk phone. */ deskPhoneNumber?: pulumi.Input; /** * The persistent connection setting for the user. */ persistentConnection?: pulumi.Input; /** * The phone type. */ phoneType?: pulumi.Input; } /** * Phone Number configuration per channel. */ interface UserPhoneNumberConfigArgs { channel: pulumi.Input; phoneNumber?: pulumi.Input; phoneType: pulumi.Input; } /** * Proficiency of a user. */ interface UserProficiencyArgs { /** * The name of user’s proficiency. You must use a predefined attribute name that is present in the Amazon Connect instance. */ attributeName: pulumi.Input; /** * The value of user’s proficiency. You must use a predefined attribute value that is present in the Amazon Connect instance. */ attributeValue: pulumi.Input; /** * The level of the proficiency. The valid values are 1, 2, 3, 4 and 5. */ level: pulumi.Input; } /** * Voice Enhancement configuration per channel. */ interface UserVoiceEnhancementConfigArgs { channel: pulumi.Input; voiceEnhancementMode: pulumi.Input; } /** * The validation rules applied to values of this attribute. Based on JSON Schema Draft 2020-12 with additional Connect-specific validations for data integrity. */ interface ValidationPropertiesArgs { /** * Defines enumeration constraints for attribute values. Can specify a list of allowed values and whether custom values are permitted beyond the enumerated list. */ enum?: pulumi.Input; /** * The largest exclusive numeric value for NUMBER value type. Can be provided alongside Maximum where both operate independently. Must be greater than ExclusiveMinimum and Minimum. Applies to NUMBER and values within NUMBER_LIST. */ exclusiveMaximum?: pulumi.Input; /** * The smallest exclusive numeric value for NUMBER value type. Can be provided alongside Minimum where both operate independently. Must be less than ExclusiveMaximum and Maximum. Applies to NUMBER and values within NUMBER_LIST. */ exclusiveMinimum?: pulumi.Input; /** * The maximum number of characters a text value can contain. Applies to TEXT value type and values within a TEXT_LIST. Must be greater than or equal to MinLength. */ maxLength?: pulumi.Input; /** * The maximum number of values in a list. Must be an integer greater than or equal to 0 and greater than or equal to MinValues. Applies to all list types. */ maxValues?: pulumi.Input; /** * The largest inclusive numeric value for NUMBER value type. Can be provided alongside ExclusiveMaximum where both operate independently. Must be greater than or equal to Minimum and greater than ExclusiveMinimum. Applies to NUMBER and values within NUMBER_LIST. */ maximum?: pulumi.Input; /** * The minimum number of characters a text value can contain. Applies to TEXT value type and values within a TEXT_LIST. Must be less than or equal to MaxLength. */ minLength?: pulumi.Input; /** * The minimum number of values in a list. Must be an integer greater than or equal to 0 and less than or equal to MaxValues. Applies to all list types. */ minValues?: pulumi.Input; /** * The smallest inclusive numeric value for NUMBER value type. Cannot be provided when ExclusiveMinimum is also provided. Must be less than or equal to Maximum and less than ExclusiveMaximum. Applies to NUMBER and values within NUMBER_LIST. */ minimum?: pulumi.Input; /** * Specifies that numeric values must be multiples of this number. Must be greater than 0. The result of dividing a value by this multiple must result in an integer. Applies to NUMBER and values within NUMBER_LIST. */ multipleOf?: pulumi.Input; } /** * Defines enumeration constraints for attribute values. Can specify a list of allowed values and whether custom values are permitted beyond the enumerated list. */ interface ValidationPropertiesEnumPropertiesArgs { strict?: pulumi.Input; values?: pulumi.Input[]>; } /** * The values of a predefined attribute. */ interface ValuesPropertiesArgs { /** * Predefined attribute values of type string list. */ stringList?: pulumi.Input[]>; } interface WorkspaceMediaItemArgs { /** * The source URL or data for the media asset. */ source?: pulumi.Input; /** * The type of media. Valid values are: `IMAGE_LOGO_FAVICON` and `IMAGE_LOGO_HORIZONTAL` . */ type: pulumi.Input; } interface WorkspacePageArgs { /** * The input data for the page. */ inputData?: pulumi.Input; /** * The page identifier. */ page: pulumi.Input; /** * The Amazon Resource Name (ARN) of the resource associated with the page. */ resourceArn: pulumi.Input; /** * The slug for the page. */ slug?: pulumi.Input; } interface WorkspacePaletteCanvasArgs { /** * The background color for active elements. */ activeBackground?: pulumi.Input; /** * The background color for container elements. */ containerBackground?: pulumi.Input; /** * The background color for page elements. */ pageBackground?: pulumi.Input; } interface WorkspacePaletteHeaderArgs { /** * The background color of the header. */ background?: pulumi.Input; /** * Whether to invert the colors of action buttons in the header. */ invertActionsColors?: pulumi.Input; /** * The text color in the header. */ text?: pulumi.Input; /** * The text color when hovering over header elements. */ textHover?: pulumi.Input; } interface WorkspacePaletteNavigationArgs { /** * The background color of the navigation area. */ background?: pulumi.Input; /** * Whether to invert the colors of action buttons in the navigation area. */ invertActionsColors?: pulumi.Input; /** * The text color in the navigation area. */ text?: pulumi.Input; /** * The text color for active navigation items. */ textActive?: pulumi.Input; /** * The background color for active navigation items. */ textBackgroundActive?: pulumi.Input; /** * The background color when hovering over navigation text. */ textBackgroundHover?: pulumi.Input; /** * The text color when hovering over navigation items. */ textHover?: pulumi.Input; } interface WorkspacePalettePrimaryArgs { /** * The primary color used for active states. */ active?: pulumi.Input; /** * The text color that contrasts with the primary color for readability. */ contrastText?: pulumi.Input; /** * The default primary color used throughout the workspace. */ default?: pulumi.Input; } /** * The theme configuration for the Connect workspace */ interface WorkspaceThemeArgs { /** * The theme configuration for dark mode. */ dark?: pulumi.Input; /** * The theme configuration for light mode. */ light?: pulumi.Input; } interface WorkspaceThemeConfigArgs { /** * The color palette configuration for the workspace theme. */ palette?: pulumi.Input; /** * The typography configuration for the workspace theme. */ typography?: pulumi.Input; } interface WorkspaceThemePaletteArgs { /** * The color configuration for the canvas area. */ canvas?: pulumi.Input; /** * The color configuration for the header area. */ header?: pulumi.Input; /** * The color configuration for the navigation area. */ navigation?: pulumi.Input; /** * The primary color configuration used throughout the workspace. */ primary?: pulumi.Input; } interface WorkspaceThemeTypographyArgs { /** * The font family configuration for text in the workspace. */ fontFamily?: pulumi.Input; } } export declare namespace connectcampaigns { /** * Agentless Dialer config */ interface CampaignAgentlessDialerConfigArgs { /** * Allocates dialing capacity for this campaign between multiple active campaigns. */ dialingCapacity?: pulumi.Input; } /** * The configuration used for answering machine detection during outbound calls */ interface CampaignAnswerMachineDetectionConfigArgs { /** * Enables detection of prompts (e.g., beep after after a voicemail greeting) */ awaitAnswerMachinePrompt?: pulumi.Input; /** * Flag to decided whether outbound calls should have answering machine detection enabled or not */ enableAnswerMachineDetection: pulumi.Input; } /** * The possible types of dialer config parameters */ interface CampaignDialerConfigArgs { /** * The configuration of the agentless dialer. */ agentlessDialerConfig?: pulumi.Input; /** * The configuration of the predictive dialer. */ predictiveDialerConfig?: pulumi.Input; /** * The configuration of the progressive dialer. */ progressiveDialerConfig?: pulumi.Input; } /** * The configuration used for outbound calls. */ interface CampaignOutboundCallConfigArgs { /** * Whether answering machine detection has been enabled. */ answerMachineDetectionConfig?: pulumi.Input; /** * The identifier of the contact flow for the outbound call. */ connectContactFlowArn: pulumi.Input; /** * The queue for the call. If you specify a queue, the phone displayed for caller ID is the phone number specified in the queue. If you do not specify a queue, the queue defined in the contact flow is used. If you do not specify a queue, you must specify a source phone number. */ connectQueueArn?: pulumi.Input; /** * The phone number associated with the Amazon Connect instance, in E.164 format. If you do not specify a source phone number, you must specify a queue. */ connectSourcePhoneNumber?: pulumi.Input; } /** * Predictive Dialer config */ interface CampaignPredictiveDialerConfigArgs { /** * The bandwidth allocation of a queue resource. */ bandwidthAllocation: pulumi.Input; /** * Allocates dialing capacity for this campaign between multiple active campaigns. */ dialingCapacity?: pulumi.Input; } /** * Progressive Dialer config */ interface CampaignProgressiveDialerConfigArgs { /** * The bandwidth allocation of a queue resource. */ bandwidthAllocation: pulumi.Input; /** * Allocates dialing capacity for this campaign between multiple active campaigns. */ dialingCapacity?: pulumi.Input; } } export declare namespace connectcampaignsv2 { /** * Agentless config */ interface CampaignAgentlessConfigArgs { } /** * The configuration used for answering machine detection during outbound calls */ interface CampaignAnswerMachineDetectionConfigArgs { /** * Enables detection of prompts (e.g., beep after after a voicemail greeting) */ awaitAnswerMachinePrompt?: pulumi.Input; /** * Flag to decided whether outbound calls should have answering machine detection enabled or not */ enableAnswerMachineDetection: pulumi.Input; } /** * The possible types of channel subtype config parameters */ interface CampaignChannelSubtypeConfigArgs { /** * The configuration of the email channel subtype. */ email?: pulumi.Input; /** * The configuration of the SMS channel subtype. */ sms?: pulumi.Input; /** * The configuration of the telephony channel subtype. */ telephony?: pulumi.Input; /** * The configuration of the WhatsApp channel subtype. */ whatsApp?: pulumi.Input; } /** * Communication Limit */ interface CampaignCommunicationLimitArgs { frequency: pulumi.Input; maxCountPerRecipient: pulumi.Input; unit: pulumi.Input; } /** * Communication limits */ interface CampaignCommunicationLimitsArgs { /** * The list of CommunicationLimits. */ communicationLimitList?: pulumi.Input[]>; } /** * Communication limits config */ interface CampaignCommunicationLimitsConfigArgs { /** * The CommunicationLimits that apply to all channel subtypes defined in an outbound campaign. */ allChannelsSubtypes?: pulumi.Input; /** * Opt-in or Opt-out from instance-level limits. */ instanceLimitsHandling?: pulumi.Input; } /** * Campaign communication time config */ interface CampaignCommunicationTimeConfigArgs { /** * The communication time configuration for the email channel subtype. */ email?: pulumi.Input; /** * The local timezone configuration. */ localTimeZoneConfig: pulumi.Input; /** * The communication time configuration for the SMS channel subtype. */ sms?: pulumi.Input; /** * The communication time configuration for the telephony channel subtype. */ telephony?: pulumi.Input; /** * The communication time configuration for the WhatsApp channel subtype. */ whatsApp?: pulumi.Input; } /** * Daily Hour */ interface CampaignDailyHourArgs { key?: pulumi.Input; value?: pulumi.Input[]>; } /** * Email Channel Subtype config */ interface CampaignEmailChannelSubtypeConfigArgs { /** * The allocation of email capacity between multiple running outbound campaigns. */ capacity?: pulumi.Input; /** * The default email outbound configuration of an outbound campaign. */ defaultOutboundConfig: pulumi.Input; /** * The outbound mode for email of an outbound campaign. */ outboundMode: pulumi.Input; } /** * Default Email outbound config */ interface CampaignEmailOutboundConfigArgs { /** * The Amazon Connect source email address. */ connectSourceEmailAddress: pulumi.Input; /** * The display name for the Amazon Connect source email address. */ sourceEmailAddressDisplayName?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon Q in Connect template. */ wisdomTemplateArn: pulumi.Input; } /** * Email Outbound Mode */ interface CampaignEmailOutboundModeArgs { /** * The agentless outbound mode configuration for email. */ agentlessConfig?: pulumi.Input; } /** * Entry limits config for a campaign */ interface CampaignEntryLimitsConfigArgs { /** * Maximum number of entries per participant. 0 indicates unlimited entries. */ maxEntryCount: pulumi.Input; /** * Minimum time interval between entries for the same participant in ISO 8601 duration format */ minEntryInterval: pulumi.Input; } /** * The event trigger of the campaign */ interface CampaignEventTriggerArgs { /** * The Amazon Resource Name (ARN) of the Customer Profiles domain. */ customerProfilesDomainArn?: pulumi.Input; } /** * Local time zone config */ interface CampaignLocalTimeZoneConfigArgs { /** * The timezone to use for all recipients. */ defaultTimeZone?: pulumi.Input; /** * Detects methods for the recipient's timezone. */ localTimeZoneDetection?: pulumi.Input[]>; } /** * Open Hours config */ interface CampaignOpenHoursArgs { /** * The daily hours configuration. */ dailyHours: pulumi.Input[]>; } /** * Predictive config */ interface CampaignPredictiveConfigArgs { /** * Bandwidth allocation for the predictive outbound mode. */ bandwidthAllocation: pulumi.Input; } /** * Preview config */ interface CampaignPreviewConfigArgs { /** * Agent actions for the preview outbound mode. */ agentActions?: pulumi.Input[]>; /** * Bandwidth allocation for the preview outbound mode. */ bandwidthAllocation: pulumi.Input; /** * Countdown timer configuration for preview outbound mode. */ timeoutConfig: pulumi.Input; } /** * Progressive config */ interface CampaignProgressiveConfigArgs { /** * Bandwidth allocation for the progressive outbound mode. */ bandwidthAllocation: pulumi.Input; } /** * Restricted period */ interface CampaignRestrictedPeriodArgs { endDate: pulumi.Input; /** * The name of a restricted period */ name?: pulumi.Input; startDate: pulumi.Input; } /** * Restricted period config */ interface CampaignRestrictedPeriodsArgs { /** * The restricted period list. */ restrictedPeriodList?: pulumi.Input[]>; } /** * Campaign schedule */ interface CampaignScheduleArgs { /** * The end time of the schedule in UTC. */ endTime: pulumi.Input; /** * The refresh frequency of the campaign. */ refreshFrequency?: pulumi.Input; /** * The start time of the schedule in UTC. */ startTime: pulumi.Input; } /** * SMS Channel Subtype config */ interface CampaignSmsChannelSubtypeConfigArgs { /** * The allocation of SMS capacity between multiple running outbound campaigns. */ capacity?: pulumi.Input; /** * The default SMS outbound configuration of an outbound campaign. */ defaultOutboundConfig: pulumi.Input; /** * The outbound mode of SMS for an outbound campaign. */ outboundMode: pulumi.Input; } /** * Default SMS outbound config */ interface CampaignSmsOutboundConfigArgs { /** * The Amazon Resource Name (ARN) of the Amazon Connect source SMS phone number. */ connectSourcePhoneNumberArn: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon Q in Connect template. */ wisdomTemplateArn: pulumi.Input; } /** * SMS Outbound Mode */ interface CampaignSmsOutboundModeArgs { /** * Contains agentless outbound mode configuration. */ agentlessConfig?: pulumi.Input; } /** * The possible source of the campaign */ interface CampaignSourceArgs { /** * The Amazon Resource Name (ARN) of the Customer Profiles segment. */ customerProfilesSegmentArn?: pulumi.Input; /** * The event trigger of the campaign. */ eventTrigger?: pulumi.Input; } /** * Telephony Channel Subtype config */ interface CampaignTelephonyChannelSubtypeConfigArgs { /** * The allocation of telephony capacity between multiple running outbound campaigns. */ capacity?: pulumi.Input; /** * The identifier of the Amazon Connect queue associated with telephony outbound requests of an outbound campaign. */ connectQueueId?: pulumi.Input; /** * The default telephony outbound configuration of an outbound campaign. */ defaultOutboundConfig: pulumi.Input; /** * The outbound mode of telephony for an outbound campaign. */ outboundMode: pulumi.Input; } /** * Default Telephone Outbound config */ interface CampaignTelephonyOutboundConfigArgs { /** * The answering machine detection configuration. */ answerMachineDetectionConfig?: pulumi.Input; /** * The identifier of the published Amazon Connect contact flow. */ connectContactFlowId: pulumi.Input; /** * The Amazon Connect source phone number. */ connectSourcePhoneNumber?: pulumi.Input; /** * The ring timeout configuration for outbound calls. Specifies how long to wait for the call to be answered before timing out. */ ringTimeout?: pulumi.Input; } /** * Telephony Outbound Mode */ interface CampaignTelephonyOutboundModeArgs { /** * The agentless outbound mode configuration for telephony. */ agentlessConfig?: pulumi.Input; /** * Contains predictive outbound mode configuration. */ predictiveConfig?: pulumi.Input; /** * Contains preview outbound mode configuration. */ previewConfig?: pulumi.Input; /** * Contains progressive telephony outbound mode configuration. */ progressiveConfig?: pulumi.Input; } /** * Time range in 24 hour format */ interface CampaignTimeRangeArgs { endTime: pulumi.Input; startTime: pulumi.Input; } /** * Time window config */ interface CampaignTimeWindowArgs { /** * The open hours configuration. */ openHours: pulumi.Input; /** * The restricted periods configuration. */ restrictedPeriods?: pulumi.Input; } /** * Timeout Config for preview contacts */ interface CampaignTimeoutConfigArgs { /** * Duration in seconds for the countdown timer. */ durationInSeconds?: pulumi.Input; } /** * WhatsApp Channel Subtype config */ interface CampaignWhatsAppChannelSubtypeConfigArgs { /** * The allocation of WhatsApp capacity between multiple running outbound campaigns. */ capacity?: pulumi.Input; /** * The default WhatsApp outbound configuration of an outbound campaign. */ defaultOutboundConfig: pulumi.Input; /** * The outbound mode for WhatsApp of an outbound campaign. */ outboundMode: pulumi.Input; } /** * Default WhatsApp outbound config */ interface CampaignWhatsAppOutboundConfigArgs { /** * The Amazon Resource Name (ARN) of the Amazon Connect source WhatsApp phone number. */ connectSourcePhoneNumberArn: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon Q in Connect template. */ wisdomTemplateArn: pulumi.Input; } /** * WhatsApp Outbound Mode */ interface CampaignWhatsAppOutboundModeArgs { agentlessConfig?: pulumi.Input; } } export declare namespace controltower { interface EnabledBaselineParameterArgs { key?: pulumi.Input; value?: pulumi.Input[] | boolean>; } interface EnabledControlParameterArgs { /** * The key of a key/value pair. It is of type `string` . */ key: pulumi.Input; /** * The value of a key/value pair. It can be of type `array` , `string` , `number` , `object` , or `boolean` . [Note: The *Type* field that follows may show a single type such as Number, which is only one possible type.] */ value: pulumi.Input[] | string | number | any | boolean>; } } export declare namespace customerprofiles { /** * Mathematical expression and a list of attribute items specified in that expression. */ interface CalculatedAttributeDefinitionAttributeDetailsArgs { /** * Mathematical expression and a list of attribute items specified in that expression. */ attributes: pulumi.Input[]>; /** * Mathematical expression that is performed on attribute items provided in the attribute list. Each element in the expression should follow the structure of \"{ObjectTypeName.AttributeName}\". */ expression: pulumi.Input; } /** * The details of a single attribute item specified in the mathematical expression. */ interface CalculatedAttributeDefinitionAttributeItemArgs { name: pulumi.Input; } /** * The conditions including range, object count, and threshold for the calculated attribute. */ interface CalculatedAttributeDefinitionConditionsArgs { /** * The number of profile objects used for the calculated attribute. */ objectCount?: pulumi.Input; /** * The relative time period over which data is included in the aggregation. */ range?: pulumi.Input; /** * The threshold for the calculated attribute. */ threshold?: pulumi.Input; } /** * The relative time period over which data is included in the aggregation. */ interface CalculatedAttributeDefinitionRangeArgs { /** * The format the timestamp field in your JSON object is specified. This value should be one of EPOCHMILLI or ISO_8601. E.g. if your object type is MyType and source JSON is {"generatedAt": {"timestamp": "2001-07-04T12:08:56.235Z"}}, then TimestampFormat should be "ISO_8601". */ timestampFormat?: pulumi.Input; /** * An expression specifying the field in your JSON object from which the date should be parsed. The expression should follow the structure of \"{ObjectTypeName.}\". E.g. if your object type is MyType and source JSON is {"generatedAt": {"timestamp": "1737587945945"}}, then TimestampSource should be "{MyType.generatedAt.timestamp}". */ timestampSource?: pulumi.Input; /** * The unit of time. */ unit: pulumi.Input; /** * The amount of time of the specified unit. */ value?: pulumi.Input; /** * A structure letting customers specify a relative time window over which over which data is included in the Calculated Attribute. Use positive numbers to indicate that the endpoint is in the past, and negative numbers to indicate it is in the future. ValueRange overrides Value. */ valueRange?: pulumi.Input; } /** * The threshold for the calculated attribute. */ interface CalculatedAttributeDefinitionThresholdArgs { /** * The operator of the threshold. */ operator: pulumi.Input; /** * The value of the threshold. */ value: pulumi.Input; } /** * A structure specifying the endpoints of the relative time period over which data is included in the aggregation. */ interface CalculatedAttributeDefinitionValueRangeArgs { /** * The ending point for this range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future. */ end: pulumi.Input; /** * The starting point for this range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future. */ start: pulumi.Input; } /** * Configures information about the AttributeTypesSelector where the rule-based identity resolution uses to match profiles. */ interface DomainAttributeTypesSelectorArgs { /** * The Address type. You can choose from Address, BusinessAddress, MaillingAddress, and ShippingAddress. You only can use the Address type in the MatchingRule. For example, if you want to match profile based on BusinessAddress.City or MaillingAddress.City, you need to choose the BusinessAddress and the MaillingAddress to represent the Address type and specify the Address.City on the matching rule. */ address?: pulumi.Input[]>; /** * Configures the AttributeMatchingModel, you can either choose ONE_TO_ONE or MANY_TO_MANY. */ attributeMatchingModel: pulumi.Input; /** * The Email type. You can choose from EmailAddress, BusinessEmailAddress and PersonalEmailAddress. You only can use the EmailAddress type in the MatchingRule. For example, if you want to match profile based on PersonalEmailAddress or BusinessEmailAddress, you need to choose the PersonalEmailAddress and the BusinessEmailAddress to represent the EmailAddress type and only specify the EmailAddress on the matching rule. */ emailAddress?: pulumi.Input[]>; /** * The PhoneNumber type. You can choose from PhoneNumber, HomePhoneNumber, and MobilePhoneNumber. You only can use the PhoneNumber type in the MatchingRule. For example, if you want to match a profile based on Phone or HomePhone, you need to choose the Phone and the HomePhone to represent the PhoneNumber type and only specify the PhoneNumber on the matching rule. */ phoneNumber?: pulumi.Input[]>; } /** * Configuration information about the auto-merging process. */ interface DomainAutoMergingArgs { /** * Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used. */ conflictResolution?: pulumi.Input; /** * A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged. */ consolidation?: pulumi.Input; /** * The flag that enables the auto-merging of duplicate profiles. */ enabled: pulumi.Input; /** * A number between 0 and 1 that represents the minimum confidence score required for profiles within a matching group to be merged during the auto-merge process. A higher score means higher similarity required to merge profiles. */ minAllowedConfidenceScoreForMerging?: pulumi.Input; } /** * How the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same FirstName and LastName (and that is the matching criteria), which EmailAddress should be used? */ interface DomainConflictResolutionArgs { /** * How the auto-merging process should resolve conflicts between different profiles. */ conflictResolvingModel: pulumi.Input; /** * The ObjectType name that is used to resolve profile merging conflicts when choosing SOURCE as the ConflictResolvingModel. */ sourceName?: pulumi.Input; } /** * A list of matching attributes that represent matching criteria. If two profiles meet at least one of the requirements in the matching attributes list, they will be merged. */ interface DomainConsolidationArgs { /** * A list of matching criteria. */ matchingAttributesList: pulumi.Input[]>[]>; } /** * Configuration and status of the data store for the domain. */ interface DomainDataStoreArgs { /** * Whether the data store is enabled. */ enabled?: pulumi.Input; readiness?: pulumi.Input; } /** * Configuration information for exporting Identity Resolution results, for example, to an S3 bucket. */ interface DomainExportingConfigArgs { s3Exporting?: pulumi.Input; } /** * The day and time when do you want to start the Identity Resolution Job every week. */ interface DomainJobScheduleArgs { /** * The day when the Identity Resolution Job should run every week. */ dayOfTheWeek: pulumi.Input; /** * The time when the Identity Resolution Job should run every week. */ time: pulumi.Input; } /** * The process of matching duplicate profiles. If Matching = true, Amazon Connect Customer Profiles starts a weekly batch process called Identity Resolution Job. If you do not specify a date and time for Identity Resolution Job to run, by default it runs every Saturday at 12AM UTC to detect duplicate profiles in your domains. After the Identity Resolution Job completes, use the GetMatches API to return and review the results. Or, if you have configured ExportingConfig in the MatchingRequest, you can download the results from S3. */ interface DomainMatchingArgs { /** * Configuration information about the auto-merging process. */ autoMerging?: pulumi.Input; /** * The flag that enables the matching process of duplicate profiles. */ enabled: pulumi.Input; /** * The S3 location where Identity Resolution Jobs write result files. */ exportingConfig?: pulumi.Input; /** * The day and time when do you want to start the Identity Resolution Job every week. */ jobSchedule?: pulumi.Input; } /** * Specifies how does the rule-based matching process should match profiles. */ interface DomainMatchingRuleArgs { /** * A single rule level of the `MatchRules` . Configures how the rule-based matching process should match profiles. */ rule: pulumi.Input[]>; } /** * Progress information for data store setup. */ interface DomainReadinessArgs { /** * A message describing the current progress. */ message?: pulumi.Input; /** * The percentage of progress completed. */ progressPercentage?: pulumi.Input; } /** * The process of matching duplicate profiles using the Rule-Based matching. If RuleBasedMatching = true, Amazon Connect Customer Profiles will start to match and merge your profiles according to your configuration in the RuleBasedMatchingRequest. You can use the ListRuleBasedMatches and GetSimilarProfiles API to return and review the results. Also, if you have configured ExportingConfig in the RuleBasedMatchingRequest, you can download the results from S3. */ interface DomainRuleBasedMatchingArgs { /** * Configures information about the `AttributeTypesSelector` where the rule-based identity resolution uses to match profiles. */ attributeTypesSelector?: pulumi.Input; /** * Determines how the auto-merging process should resolve conflicts between different profiles. For example, if Profile A and Profile B have the same `FirstName` and `LastName` , `ConflictResolution` specifies which `EmailAddress` should be used. */ conflictResolution?: pulumi.Input; /** * The flag that enables the rule-based matching process of duplicate profiles. */ enabled: pulumi.Input; /** * The S3 location where Identity Resolution Jobs write result files. */ exportingConfig?: pulumi.Input; /** * Configures how the rule-based matching process should match profiles. You can have up to 15 MatchingRule in the MatchingRules. */ matchingRules?: pulumi.Input[]>; /** * Indicates the maximum allowed rule level for matching. */ maxAllowedRuleLevelForMatching?: pulumi.Input; /** * Indicates the maximum allowed rule level for merging. */ maxAllowedRuleLevelForMerging?: pulumi.Input; /** * The status of rule-based matching rule. */ status?: pulumi.Input; } /** * The S3 location where Identity Resolution Jobs write result files. */ interface DomainS3ExportingConfigArgs { /** * The name of the S3 bucket where Identity Resolution Jobs write result files. */ s3BucketName: pulumi.Input; /** * The S3 key name of the location where Identity Resolution Jobs write result files. */ s3KeyName?: pulumi.Input; } /** * Specifies the circumstances under which the event should trigger the destination. */ interface EventTriggerConditionArgs { eventTriggerDimensions: pulumi.Input[]>; logicalOperator: pulumi.Input; } /** * A specific event dimension to be assessed. */ interface EventTriggerDimensionArgs { objectAttributes: pulumi.Input[]>; } /** * Defines limits controlling whether an event triggers the destination, based on ingestion latency and the number of invocations per profile over specific time periods. */ interface EventTriggerLimitsArgs { /** * Specifies that an event will only trigger the destination if it is processed within a certain latency period. */ eventExpiration?: pulumi.Input; /** * A list of time periods during which the limits apply. */ periods?: pulumi.Input[]>; } /** * The criteria that a specific object attribute must meet to trigger the destination. */ interface EventTriggerObjectAttributeArgs { /** * The operator used to compare an attribute against a list of values. */ comparisonOperator: pulumi.Input; /** * A field defined within an object type. */ fieldName?: pulumi.Input; /** * An attribute contained within a source object. */ source?: pulumi.Input; /** * A list of attribute values used for comparison. */ values: pulumi.Input[]>; } /** * Defines a limit and the time period during which it is enforced. */ interface EventTriggerPeriodArgs { /** * The maximum allowed number of destination invocations per profile. */ maxInvocationsPerProfile?: pulumi.Input; /** * The unit of time. */ unit: pulumi.Input; /** * If set to true, there is no limit on the number of destination invocations per profile. The default is false. */ unlimited?: pulumi.Input; /** * The amount of time of the specified unit. */ value: pulumi.Input; } interface IntegrationConnectorOperatorArgs { /** * The operation to be performed on the provided Marketo source fields. */ marketo?: pulumi.Input; /** * The operation to be performed on the provided Amazon S3 source fields. */ s3?: pulumi.Input; /** * The operation to be performed on the provided Salesforce source fields. */ salesforce?: pulumi.Input; /** * The operation to be performed on the provided ServiceNow source fields. */ serviceNow?: pulumi.Input; /** * The operation to be performed on the provided Zendesk source fields. */ zendesk?: pulumi.Input; } interface IntegrationFlowDefinitionArgs { /** * A description of the flow you want to create. */ description?: pulumi.Input; /** * The specified name of the flow. Use underscores (_) or hyphens (-) only. Spaces are not allowed. */ flowName: pulumi.Input; /** * The Amazon Resource Name (ARN) of the AWS Key Management Service (KMS) key you provide for encryption. */ kmsArn: pulumi.Input; /** * The configuration that controls how Customer Profiles retrieves data from the source. */ sourceFlowConfig: pulumi.Input; /** * A list of tasks that Customer Profiles performs while transferring the data in the flow run. */ tasks: pulumi.Input[]>; /** * The trigger settings that determine how and when the flow runs. */ triggerConfig: pulumi.Input; } interface IntegrationIncrementalPullConfigArgs { /** * A field that specifies the date time or timestamp field as the criteria to use when importing incremental records from the source. */ datetimeTypeFieldName?: pulumi.Input; } interface IntegrationMarketoSourcePropertiesArgs { /** * The object specified in the Marketo flow source. */ object: pulumi.Input; } interface IntegrationObjectTypeMappingArgs { /** * The key. */ key: pulumi.Input; /** * The value. */ value: pulumi.Input; } interface IntegrationS3SourcePropertiesArgs { /** * The Amazon S3 bucket name where the source files are stored. */ bucketName: pulumi.Input; /** * The object key for the Amazon S3 bucket in which the source files are stored. */ bucketPrefix?: pulumi.Input; } interface IntegrationSalesforceSourcePropertiesArgs { /** * The flag that enables dynamic fetching of new (recently added) fields in the Salesforce objects while running a flow. */ enableDynamicFieldUpdate?: pulumi.Input; /** * Indicates whether Amazon AppFlow includes deleted files in the flow run. */ includeDeletedRecords?: pulumi.Input; /** * The object specified in the Salesforce flow source. */ object: pulumi.Input; } interface IntegrationScheduledTriggerPropertiesArgs { /** * Specifies whether a scheduled flow has an incremental data transfer or a complete data transfer for each flow run. */ dataPullMode?: pulumi.Input; /** * Specifies the date range for the records to import from the connector in the first flow run. */ firstExecutionFrom?: pulumi.Input; /** * Specifies the scheduled end time for a scheduled-trigger flow. */ scheduleEndTime?: pulumi.Input; /** * The scheduling expression that determines the rate at which the schedule will run, for example rate (5 minutes). */ scheduleExpression: pulumi.Input; /** * Specifies the optional offset that is added to the time interval for a schedule-triggered flow. */ scheduleOffset?: pulumi.Input; /** * Specifies the scheduled start time for a scheduled-trigger flow. The value must be a date/time value in EPOCH format. */ scheduleStartTime?: pulumi.Input; /** * Specifies the time zone used when referring to the date and time of a scheduled-triggered flow, such as America/New_York. */ timezone?: pulumi.Input; } interface IntegrationServiceNowSourcePropertiesArgs { /** * The object specified in the ServiceNow flow source. */ object: pulumi.Input; } interface IntegrationSourceConnectorPropertiesArgs { /** * The properties that are applied when Marketo is being used as a source. */ marketo?: pulumi.Input; /** * The properties that are applied when Amazon S3 is being used as the flow source. */ s3?: pulumi.Input; /** * The properties that are applied when Salesforce is being used as a source. */ salesforce?: pulumi.Input; /** * The properties that are applied when ServiceNow is being used as a source. */ serviceNow?: pulumi.Input; /** * The properties that are applied when using Zendesk as a flow source. */ zendesk?: pulumi.Input; } interface IntegrationSourceFlowConfigArgs { /** * The name of the Amazon AppFlow connector profile. This name must be unique for each connector profile in the AWS account . */ connectorProfileName?: pulumi.Input; /** * The type of connector, such as Salesforce, Marketo, and so on. */ connectorType: pulumi.Input; /** * Defines the configuration for a scheduled incremental data pull. If a valid configuration is provided, the fields specified in the configuration are used when querying for the incremental data pull. */ incrementalPullConfig?: pulumi.Input; /** * Specifies the information that is required to query a particular source connector. */ sourceConnectorProperties: pulumi.Input; } interface IntegrationTaskArgs { /** * The operation to be performed on the provided source fields. */ connectorOperator?: pulumi.Input; /** * A field in a destination connector, or a field value against which Amazon AppFlow validates a source field. */ destinationField?: pulumi.Input; /** * The source fields to which a particular task is applied. */ sourceFields: pulumi.Input[]>; /** * A map used to store task-related information. The service looks for particular information based on the TaskType. */ taskProperties?: pulumi.Input[]>; /** * Specifies the particular task implementation that Amazon AppFlow performs. */ taskType: pulumi.Input; } interface IntegrationTaskPropertiesMapArgs { /** * The task property key. */ operatorPropertyKey: pulumi.Input; /** * The task property value. */ property: pulumi.Input; } interface IntegrationTriggerConfigArgs { /** * Specifies the configuration details of a schedule-triggered flow that you define. Currently, these settings only apply to the Scheduled trigger type. */ triggerProperties?: pulumi.Input; /** * Specifies the type of flow trigger. It can be OnDemand, Scheduled, or Event. */ triggerType: pulumi.Input; } interface IntegrationTriggerPropertiesArgs { /** * Specifies the configuration details of a schedule-triggered flow that you define. */ scheduled?: pulumi.Input; } interface IntegrationZendeskSourcePropertiesArgs { /** * The object specified in the Zendesk flow source. */ object: pulumi.Input; } /** * Represents a field in a ProfileObjectType. */ interface ObjectTypeFieldArgs { /** * The content type of the field. Used for determining equality when searching. */ contentType?: pulumi.Input; /** * A field of a ProfileObject. For example: _source.FirstName, where "_source" is a ProfileObjectType of a Zendesk user and "FirstName" is a field in that ObjectType. */ source?: pulumi.Input; /** * The location of the data in the standard ProfileObject model. For example: _profile.Address.PostalCode. */ target?: pulumi.Input; } interface ObjectTypeFieldMapArgs { /** * Name of the field. */ name?: pulumi.Input; /** * Represents a field in a ProfileObjectType. */ objectTypeField?: pulumi.Input; } /** * An object that defines the Key element of a ProfileObject. A Key is a special element that can be used to search for a customer profile. */ interface ObjectTypeKeyArgs { /** * The reference for the key name of the fields map. */ fieldNames?: pulumi.Input[]>; /** * The types of keys that a ProfileObject can have. Each ProfileObject can have only 1 UNIQUE key but multiple PROFILE keys. PROFILE means that this key can be used to tie an object to a PROFILE. UNIQUE means that it can be used to uniquely identify an object. If a key a is marked as SECONDARY, it will be used to search for profiles after all other PROFILE keys have been searched. A LOOKUP_ONLY key is only used to match a profile but is not persisted to be used for searching of the profile. A NEW_ONLY key is only used if the profile does not already exist before the object is ingested, otherwise it is only used for matching objects to profiles. */ standardIdentifiers?: pulumi.Input[]>; } interface ObjectTypeKeyMapArgs { /** * Name of the key. */ name?: pulumi.Input; /** * A list of ObjectTypeKey. */ objectTypeKeyList?: pulumi.Input[]>; } /** * Configuration for the recommender */ interface RecommenderConfigArgs { eventsConfig?: pulumi.Input; } /** * Event parameters with type and value threshold */ interface RecommenderEventParametersArgs { /** * The type of event */ eventType: pulumi.Input; /** * The threshold of the event type. Only events with a value greater or equal to this threshold will be considered for solution creation. */ eventValueThreshold?: pulumi.Input; } /** * Configuration for events used in the recommender */ interface RecommenderEventsConfigArgs { /** * List of event parameters with their value thresholds */ eventParametersList: pulumi.Input[]>; } /** * The address based criteria for the segment. */ interface SegmentDefinitionAddressDimensionArgs { city?: pulumi.Input; country?: pulumi.Input; county?: pulumi.Input; postalCode?: pulumi.Input; province?: pulumi.Input; state?: pulumi.Input; } /** * Specifies attribute based criteria for a segment. */ interface SegmentDefinitionAttributeDimensionArgs { dimensionType: pulumi.Input; values: pulumi.Input[]>; } /** * Specifies calculated attribute based criteria for a segment. */ interface SegmentDefinitionCalculatedAttributeDimensionArgs { conditionOverrides?: pulumi.Input; dimensionType: pulumi.Input; values: pulumi.Input[]>; } /** * Overrides the condition block within the original calculated attribute definition. */ interface SegmentDefinitionConditionOverridesArgs { range?: pulumi.Input; } /** * Specifies date based criteria for a segment. */ interface SegmentDefinitionDateDimensionArgs { dimensionType: pulumi.Input; values: pulumi.Input[]>; } /** * The criteria that define the dimensions for the segment. */ interface SegmentDefinitionDimension0PropertiesArgs { profileAttributes: pulumi.Input; } /** * The criteria that define the dimensions for the segment. */ interface SegmentDefinitionDimension1PropertiesArgs { calculatedAttributes?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * Specifies criteria for a segment using extended-length string values. */ interface SegmentDefinitionExtraLengthValueProfileDimensionArgs { dimensionType: pulumi.Input; values: pulumi.Input[]>; } /** * An array that defines the set of segment criteria to evaluate when handling segment groups for the segment. */ interface SegmentDefinitionGroupArgs { /** * Defines the attributes to segment on. */ dimensions?: pulumi.Input[]>; /** * Defines the starting source of data. */ sourceSegments?: pulumi.Input[]>; /** * Defines how to interact with the source data. */ sourceType?: pulumi.Input; /** * Defines how to interact with the profiles found in the current filtering. */ type?: pulumi.Input; } /** * Specifies the dimension settings within profile attributes for a segment. */ interface SegmentDefinitionProfileAttributesArgs { accountNumber?: pulumi.Input; additionalInformation?: pulumi.Input; address?: pulumi.Input; attributes?: pulumi.Input<{ [key: string]: pulumi.Input; }>; billingAddress?: pulumi.Input; birthDate?: pulumi.Input; businessEmailAddress?: pulumi.Input; businessName?: pulumi.Input; businessPhoneNumber?: pulumi.Input; emailAddress?: pulumi.Input; firstName?: pulumi.Input; genderString?: pulumi.Input; homePhoneNumber?: pulumi.Input; lastName?: pulumi.Input; mailingAddress?: pulumi.Input; middleName?: pulumi.Input; mobilePhoneNumber?: pulumi.Input; partyTypeString?: pulumi.Input; personalEmailAddress?: pulumi.Input; phoneNumber?: pulumi.Input; profileType?: pulumi.Input; shippingAddress?: pulumi.Input; } /** * Specifies profile based criteria for a segment. */ interface SegmentDefinitionProfileDimensionArgs { dimensionType: pulumi.Input; values: pulumi.Input[]>; } /** * Specifies profile type based criteria for a segment. */ interface SegmentDefinitionProfileTypeDimensionArgs { dimensionType: pulumi.Input; values: pulumi.Input[]>; } /** * Defines the range to be applied to the calculated attribute definition. */ interface SegmentDefinitionRangeOverrideArgs { /** * The ending point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future. */ end?: pulumi.Input; /** * The starting point for this overridden range. Positive numbers indicate how many days in the past data should be included, and negative numbers indicate how many days in the future. */ start: pulumi.Input; /** * The unit to be applied to the range. */ unit: pulumi.Input; } interface SegmentDefinitionSegmentGroupArgs { /** * Holds the list of groups within the segment definition. */ groups?: pulumi.Input[]>; /** * Defines whether to include or exclude the profiles that fit the segment criteria. */ include?: pulumi.Input; } /** * Defines how segments should be sorted and ordered in the results. */ interface SegmentDefinitionSegmentSortArgs { /** * A list of attributes used to sort the segments and their ordering preferences. */ attributes: pulumi.Input[]>; } /** * Defines the characteristics and rules for sorting by a specific attribute. */ interface SegmentDefinitionSortAttributeArgs { dataType?: pulumi.Input; /** * The name of the attribute to sort by. */ name: pulumi.Input; order: pulumi.Input; type?: pulumi.Input; } /** * The base segment to build the segment on. */ interface SegmentDefinitionSourceSegmentArgs { /** * The name of the source segment. */ segmentDefinitionName?: pulumi.Input; } } export declare namespace databrew { /** * Csv options */ interface DatasetCsvOptionsArgs { /** * A single character that specifies the delimiter being used in the CSV file. */ delimiter?: pulumi.Input; /** * A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated. */ headerRow?: pulumi.Input; } interface DatasetDataCatalogInputDefinitionArgs { /** * Catalog id */ catalogId?: pulumi.Input; /** * Database name */ databaseName?: pulumi.Input; /** * Table name */ tableName?: pulumi.Input; /** * An Amazon location that AWS Glue Data Catalog can use as a temporary directory. */ tempDirectory?: pulumi.Input; } interface DatasetDatabaseInputDefinitionArgs { /** * Database table name */ databaseTableName?: pulumi.Input; /** * Glue connection name */ glueConnectionName: pulumi.Input; /** * Custom SQL to run against the provided AWS Glue connection. This SQL will be used as the input for DataBrew projects and jobs. */ queryString?: pulumi.Input; /** * An Amazon location that AWS Glue Data Catalog can use as a temporary directory. */ tempDirectory?: pulumi.Input; } interface DatasetDatetimeOptionsArgs { /** * Date/time format of a date parameter */ format: pulumi.Input; /** * Locale code for a date parameter */ localeCode?: pulumi.Input; /** * Timezone offset */ timezoneOffset?: pulumi.Input; } interface DatasetExcelOptionsArgs { /** * A variable that specifies whether the first row in the file is parsed as the header. If this value is false, column names are auto-generated. */ headerRow?: pulumi.Input; /** * One or more sheet numbers in the Excel file that will be included in the dataset. */ sheetIndexes?: pulumi.Input[]>; /** * One or more named sheets in the Excel file that will be included in the dataset. */ sheetNames?: pulumi.Input[]>; } interface DatasetFilesLimitArgs { /** * Maximum number of files */ maxFiles: pulumi.Input; /** * Order */ order?: pulumi.Input; /** * Ordered by */ orderedBy?: pulumi.Input; } interface DatasetFilterExpressionArgs { /** * Filtering expression for a parameter */ expression: pulumi.Input; /** * The map of substitution variable names to their values used in this filter expression. */ valuesMap: pulumi.Input[]>; } /** * A key-value pair to associate expression variable names with their values */ interface DatasetFilterValueArgs { /** * The value to be associated with the substitution variable. */ value: pulumi.Input; /** * Variable name */ valueReference: pulumi.Input; } /** * Format options for dataset */ interface DatasetFormatOptionsArgs { /** * Options that define how CSV input is to be interpreted by DataBrew. */ csv?: pulumi.Input; /** * Options that define how Excel input is to be interpreted by DataBrew. */ excel?: pulumi.Input; /** * Options that define how JSON input is to be interpreted by DataBrew. */ json?: pulumi.Input; } /** * Input */ interface DatasetInputArgs { /** * The AWS Glue Data Catalog parameters for the data. */ dataCatalogInputDefinition?: pulumi.Input; /** * Connection information for dataset input files stored in a database. */ databaseInputDefinition?: pulumi.Input; /** * Contains additional resource information needed for specific datasets. */ metadata?: pulumi.Input; /** * The Amazon S3 location where the data is stored. */ s3InputDefinition?: pulumi.Input; } /** * Json options */ interface DatasetJsonOptionsArgs { /** * A value that specifies whether JSON input contains embedded new line characters. */ multiLine?: pulumi.Input; } interface DatasetMetadataArgs { /** * Arn of the source of the dataset. For e.g.: AppFlow Flow ARN. */ sourceArn?: pulumi.Input; } interface DatasetParameterArgs { /** * Add the value of this parameter as a column in a dataset. */ createColumn?: pulumi.Input; /** * Additional parameter options such as a format and a timezone. Required for datetime parameters. */ datetimeOptions?: pulumi.Input; /** * The optional filter expression structure to apply additional matching criteria to the parameter. */ filter?: pulumi.Input; /** * The name of the parameter that is used in the dataset's Amazon S3 path. */ name: pulumi.Input; /** * Parameter type */ type: pulumi.Input; } /** * Path options for dataset */ interface DatasetPathOptionsArgs { /** * If provided, this structure imposes a limit on a number of files that should be selected. */ filesLimit?: pulumi.Input; /** * If provided, this structure defines a date range for matching Amazon S3 objects based on their LastModifiedDate attribute in Amazon S3 . */ lastModifiedDateCondition?: pulumi.Input; /** * A structure that maps names of parameters used in the Amazon S3 path of a dataset to their definitions. */ parameters?: pulumi.Input[]>; } /** * A key-value pair to associate dataset parameter name with its definition. */ interface DatasetPathParameterArgs { /** * The path parameter definition. */ datasetParameter: pulumi.Input; /** * The name of the path parameter. */ pathParameterName: pulumi.Input; } /** * Input location */ interface DatasetS3LocationArgs { /** * The Amazon S3 bucket name. */ bucket: pulumi.Input; /** * The AWS account ID of the bucket owner. */ bucketOwner?: pulumi.Input; /** * The unique name of the object in the bucket. */ key?: pulumi.Input; } interface JobAllowedStatisticsArgs { /** * One or more column statistics to allow for columns that contain detected entities. */ statistics: pulumi.Input[]>; } interface JobColumnSelectorArgs { /** * The name of a column from a dataset. */ name?: pulumi.Input; /** * A regular expression for selecting a column from a dataset. */ regex?: pulumi.Input; } interface JobColumnStatisticsConfigurationArgs { /** * List of column selectors. Selectors can be used to select columns from the dataset. When selectors are undefined, configuration will be applied to all supported columns. */ selectors?: pulumi.Input[]>; /** * Configuration for evaluations. Statistics can be used to select evaluations and override parameters of evaluations. */ statistics: pulumi.Input; } /** * Output Csv options */ interface JobCsvOutputOptionsArgs { /** * A single character that specifies the delimiter used to create CSV job output. */ delimiter?: pulumi.Input; } interface JobDataCatalogOutputArgs { /** * The unique identifier of the AWS account that holds the Data Catalog that stores the data. */ catalogId?: pulumi.Input; /** * The name of a database in the Data Catalog. */ databaseName: pulumi.Input; /** * Represents options that specify how and where DataBrew writes the database output generated by recipe jobs. */ databaseOptions?: pulumi.Input; /** * A value that, if true, means that any data in the location specified for output is overwritten with new output. Not supported with DatabaseOptions. */ overwrite?: pulumi.Input; /** * Represents options that specify how and where DataBrew writes the Amazon S3 output generated by recipe jobs. */ s3Options?: pulumi.Input; /** * The name of a table in the Data Catalog. */ tableName: pulumi.Input; } interface JobDatabaseOutputArgs { /** * Represents options that specify how and where DataBrew writes the database output generated by recipe jobs. */ databaseOptions: pulumi.Input; /** * Database table name */ databaseOutputMode?: pulumi.Input; /** * Glue connection name */ glueConnectionName: pulumi.Input; } interface JobDatabaseTableOutputOptionsArgs { /** * A prefix for the name of a table DataBrew will create in the database. */ tableName: pulumi.Input; /** * Represents an Amazon S3 location (bucket name and object key) where DataBrew can store intermediate results. */ tempDirectory?: pulumi.Input; } interface JobEntityDetectorConfigurationArgs { /** * Configuration of statistics that are allowed to be run on columns that contain detected entities. When undefined, no statistics will be computed on columns that contain detected entities. */ allowedStatistics?: pulumi.Input; /** * Entity types to detect. Can be any of the following: * * - USA_SSN * - EMAIL * - USA_ITIN * - USA_PASSPORT_NUMBER * - PHONE_NUMBER * - USA_DRIVING_LICENSE * - BANK_ACCOUNT * - CREDIT_CARD * - IP_ADDRESS * - MAC_ADDRESS * - USA_DEA_NUMBER * - USA_HCPCS_CODE * - USA_NATIONAL_PROVIDER_IDENTIFIER * - USA_NATIONAL_DRUG_CODE * - USA_HEALTH_INSURANCE_CLAIM_NUMBER * - USA_MEDICARE_BENEFICIARY_IDENTIFIER * - USA_CPT_CODE * - PERSON_NAME * - DATE * * The Entity type group USA_ALL is also supported, and includes all of the above entity types except PERSON_NAME and DATE. */ entityTypes: pulumi.Input[]>; } interface JobOutputArgs { /** * The compression algorithm used to compress the output text of the job. */ compressionFormat?: pulumi.Input; /** * The data format of the output of the job. */ format?: pulumi.Input; /** * Represents options that define how DataBrew formats job output files. */ formatOptions?: pulumi.Input; /** * The location in Amazon S3 where the job writes its output. */ location: pulumi.Input; /** * The maximum number of files to be generated by the job and written to the output folder. */ maxOutputFiles?: pulumi.Input; /** * A value that, if true, means that any data in the location specified for output is overwritten with new output. */ overwrite?: pulumi.Input; /** * The names of one or more partition columns for the output of the job. */ partitionColumns?: pulumi.Input[]>; } /** * Format options for job Output */ interface JobOutputFormatOptionsArgs { /** * Represents a set of options that define the structure of comma-separated value (CSV) job output. */ csv?: pulumi.Input; } /** * Output location */ interface JobOutputLocationArgs { /** * The Amazon S3 bucket name. */ bucket: pulumi.Input; bucketOwner?: pulumi.Input; /** * The unique name of the object in the bucket. */ key?: pulumi.Input; } interface JobProfileConfigurationArgs { /** * List of configurations for column evaluations. ColumnStatisticsConfigurations are used to select evaluations and override parameters of evaluations for particular columns. When ColumnStatisticsConfigurations is undefined, the profile job will profile all supported columns and run all supported evaluations. */ columnStatisticsConfigurations?: pulumi.Input[]>; /** * Configuration for inter-column evaluations. Configuration can be used to select evaluations and override parameters of evaluations. When configuration is undefined, the profile job will run all supported inter-column evaluations. */ datasetStatisticsConfiguration?: pulumi.Input; /** * Configuration of entity detection for a profile job. When undefined, entity detection is disabled. */ entityDetectorConfiguration?: pulumi.Input; /** * List of column selectors. ProfileColumns can be used to select columns from the dataset. When ProfileColumns is undefined, the profile job will profile all supported columns. */ profileColumns?: pulumi.Input[]>; } interface JobRecipeArgs { /** * Recipe name */ name: pulumi.Input; /** * Recipe version */ version?: pulumi.Input; } /** * S3 Output location */ interface JobS3LocationArgs { /** * The Amazon S3 bucket name. */ bucket: pulumi.Input; /** * The AWS account ID of the bucket owner. */ bucketOwner?: pulumi.Input; /** * The unique name of the object in the bucket. */ key?: pulumi.Input; } interface JobS3TableOutputOptionsArgs { /** * Represents an Amazon S3 location (bucket name and object key) where DataBrew can write output from a job. */ location: pulumi.Input; } /** * Job Sample */ interface JobSampleArgs { /** * A value that determines whether the profile job is run on the entire dataset or a specified number of rows. This value must be one of the following: * * - FULL_DATASET - The profile job is run on the entire dataset. * - CUSTOM_ROWS - The profile job is run on the number of rows specified in the `Size` parameter. */ mode?: pulumi.Input; /** * The `Size` parameter is only required when the mode is CUSTOM_ROWS. The profile job is run on the specified number of rows. The maximum value for size is Long.MAX_VALUE. * * Long.MAX_VALUE = 9223372036854775807 */ size?: pulumi.Input; } interface JobStatisticOverrideArgs { /** * A map that includes overrides of an evaluation’s parameters. */ parameters: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The name of an evaluation */ statistic: pulumi.Input; } interface JobStatisticsConfigurationArgs { /** * List of included evaluations. When the list is undefined, all supported evaluations will be included. */ includedStatistics?: pulumi.Input[]>; /** * List of overrides for evaluations. */ overrides?: pulumi.Input[]>; } /** * Configuration to attach Rulesets to the job */ interface JobValidationConfigurationArgs { /** * Arn of the Ruleset */ rulesetArn: pulumi.Input; /** * Mode of data quality validation. Default mode is "CHECK_ALL" which verifies all rules defined in the selected ruleset. */ validationMode?: pulumi.Input; } interface ProjectSampleArgs { /** * Sample size */ size?: pulumi.Input; /** * Sample type */ type: pulumi.Input; } interface RecipeActionArgs { /** * Step action operation */ operation: pulumi.Input; /** * Contextual parameters for the transformation. */ parameters?: pulumi.Input; }>; } /** * Condition expressions applied to the step action */ interface RecipeConditionExpressionArgs { /** * Input condition to be applied to the target column */ condition: pulumi.Input; /** * Name of the target column */ targetColumn: pulumi.Input; /** * Value of the condition */ value?: pulumi.Input; } interface RecipeDataCatalogInputDefinitionArgs { /** * Catalog id */ catalogId?: pulumi.Input; /** * Database name */ databaseName?: pulumi.Input; /** * Table name */ tableName?: pulumi.Input; tempDirectory?: pulumi.Input; } interface RecipeParametersArgs { aggregateFunction?: pulumi.Input; base?: pulumi.Input; caseStatement?: pulumi.Input; categoryMap?: pulumi.Input; charsToRemove?: pulumi.Input; collapseConsecutiveWhitespace?: pulumi.Input; columnDataType?: pulumi.Input; columnRange?: pulumi.Input; count?: pulumi.Input; customCharacters?: pulumi.Input; customStopWords?: pulumi.Input; customValue?: pulumi.Input; datasetsColumns?: pulumi.Input; dateAddValue?: pulumi.Input; dateTimeFormat?: pulumi.Input; dateTimeParameters?: pulumi.Input; deleteOtherRows?: pulumi.Input; delimiter?: pulumi.Input; endPattern?: pulumi.Input; endPosition?: pulumi.Input; endValue?: pulumi.Input; expandContractions?: pulumi.Input; exponent?: pulumi.Input; falseString?: pulumi.Input; groupByAggFunctionOptions?: pulumi.Input; groupByColumns?: pulumi.Input; hiddenColumns?: pulumi.Input; ignoreCase?: pulumi.Input; includeInSplit?: pulumi.Input; /** * Input */ input?: pulumi.Input; interval?: pulumi.Input; isText?: pulumi.Input; joinKeys?: pulumi.Input; joinType?: pulumi.Input; leftColumns?: pulumi.Input; limit?: pulumi.Input; lowerBound?: pulumi.Input; mapType?: pulumi.Input; modeType?: pulumi.Input; multiLine?: pulumi.Input; numRows?: pulumi.Input; numRowsAfter?: pulumi.Input; numRowsBefore?: pulumi.Input; orderByColumn?: pulumi.Input; orderByColumns?: pulumi.Input; other?: pulumi.Input; pattern?: pulumi.Input; patternOption1?: pulumi.Input; patternOption2?: pulumi.Input; patternOptions?: pulumi.Input; period?: pulumi.Input; position?: pulumi.Input; removeAllPunctuation?: pulumi.Input; removeAllQuotes?: pulumi.Input; removeAllWhitespace?: pulumi.Input; removeCustomCharacters?: pulumi.Input; removeCustomValue?: pulumi.Input; removeLeadingAndTrailingPunctuation?: pulumi.Input; removeLeadingAndTrailingQuotes?: pulumi.Input; removeLeadingAndTrailingWhitespace?: pulumi.Input; removeLetters?: pulumi.Input; removeNumbers?: pulumi.Input; removeSourceColumn?: pulumi.Input; removeSpecialCharacters?: pulumi.Input; rightColumns?: pulumi.Input; sampleSize?: pulumi.Input; sampleType?: pulumi.Input; secondInput?: pulumi.Input; secondaryInputs?: pulumi.Input[]>; sheetIndexes?: pulumi.Input[]>; sheetNames?: pulumi.Input[]>; sourceColumn?: pulumi.Input; sourceColumn1?: pulumi.Input; sourceColumn2?: pulumi.Input; sourceColumns?: pulumi.Input; startColumnIndex?: pulumi.Input; startPattern?: pulumi.Input; startPosition?: pulumi.Input; startValue?: pulumi.Input; stemmingMode?: pulumi.Input; stepCount?: pulumi.Input; stepIndex?: pulumi.Input; stopWordsMode?: pulumi.Input; strategy?: pulumi.Input; targetColumn?: pulumi.Input; targetColumnNames?: pulumi.Input; targetDateFormat?: pulumi.Input; targetIndex?: pulumi.Input; timeZone?: pulumi.Input; tokenizerPattern?: pulumi.Input; trueString?: pulumi.Input; udfLang?: pulumi.Input; units?: pulumi.Input; unpivotColumn?: pulumi.Input; upperBound?: pulumi.Input; useNewDataFrame?: pulumi.Input; value?: pulumi.Input; value1?: pulumi.Input; value2?: pulumi.Input; valueColumn?: pulumi.Input; viewFrame?: pulumi.Input; } /** * Input */ interface RecipeParametersInputPropertiesArgs { dataCatalogInputDefinition?: pulumi.Input; s3InputDefinition?: pulumi.Input; } /** * Input location */ interface RecipeS3LocationArgs { bucket: pulumi.Input; key?: pulumi.Input; } /** * Secondary input */ interface RecipeSecondaryInputArgs { dataCatalogInputDefinition?: pulumi.Input; s3InputDefinition?: pulumi.Input; } interface RecipeStepArgs { /** * The particular action to be performed in the recipe step. */ action: pulumi.Input; /** * Condition expressions applied to the step action */ conditionExpressions?: pulumi.Input[]>; } /** * Selector of a column from a dataset for profile job configuration. One selector includes either a column name or a regular expression */ interface RulesetColumnSelectorArgs { /** * The name of a column from a dataset */ name?: pulumi.Input; /** * A regular expression for selecting a column from a dataset */ regex?: pulumi.Input; } /** * Data quality rule for a target resource (dataset) */ interface RulesetRuleArgs { /** * The expression which includes column references, condition names followed by variable references, possibly grouped and combined with other conditions. For example, `(:col1 starts_with :prefix1 or :col1 starts_with :prefix2) and (:col1 ends_with :suffix1 or :col1 ends_with :suffix2)` . Column and value references are substitution variables that should start with the ':' symbol. Depending on the context, substitution variables' values can be either an actual value or a column name. These values are defined in the SubstitutionMap. If a CheckExpression starts with a column reference, then ColumnSelectors in the rule should be null. If ColumnSelectors has been defined, then there should be no columnn reference in the left side of a condition, for example, `is_between :val1 and :val2` . */ checkExpression: pulumi.Input; /** * List of column selectors. Selectors can be used to select columns using a name or regular expression from the dataset. Rule will be applied to selected columns. */ columnSelectors?: pulumi.Input[]>; /** * A value that specifies whether the rule is disabled. Once a rule is disabled, a profile job will not validate it during a job run. Default value is false. */ disabled?: pulumi.Input; /** * Name of the rule */ name: pulumi.Input; /** * The map of substitution variable names to their values used in a check expression. Variable names should start with a ':' (colon). Variable values can either be actual values or column names. To differentiate between the two, column names should be enclosed in backticks, for example, `":col1": "`Column A`".` */ substitutionMap?: pulumi.Input[]>; /** * The threshold used with a non-aggregate check expression. Non-aggregate check expressions will be applied to each row in a specific column, and the threshold will be used to determine whether the validation succeeds. */ threshold?: pulumi.Input; } /** * A key-value pair to associate expression's substitution variable names with their values */ interface RulesetSubstitutionValueArgs { /** * Value or column name */ value: pulumi.Input; /** * Variable name */ valueReference: pulumi.Input; } interface RulesetThresholdArgs { /** * The type of a threshold. Used for comparison of an actual count of rows that satisfy the rule to the threshold value. */ type?: pulumi.Input; /** * Unit of threshold value. Can be either a COUNT or PERCENTAGE of the full sample size used for validation. */ unit?: pulumi.Input; /** * The value of a threshold. */ value: pulumi.Input; } } export declare namespace datapipeline { interface PipelineFieldArgs { /** * Specifies the name of a field for a particular object. To view valid values for a particular field, see Pipeline Object Reference in the AWS Data Pipeline Developer Guide. */ key: pulumi.Input; /** * A field value that you specify as an identifier of another object in the same pipeline definition. */ refValue?: pulumi.Input; /** * A field value that you specify as a string. To view valid values for a particular field, see Pipeline Object Reference in the AWS Data Pipeline Developer Guide. */ stringValue?: pulumi.Input; } interface PipelineObjectArgs { /** * Key-value pairs that define the properties of the object. */ fields: pulumi.Input[]>; /** * The ID of the object. */ id: pulumi.Input; /** * The name of the object. */ name: pulumi.Input; } interface PipelineParameterAttributeArgs { /** * The field identifier. */ key: pulumi.Input; /** * The field value, expressed as a String. */ stringValue: pulumi.Input; } interface PipelineParameterObjectArgs { /** * The attributes of the parameter object. */ attributes: pulumi.Input[]>; /** * The ID of the parameter object. */ id: pulumi.Input; } interface PipelineParameterValueArgs { /** * The ID of the parameter value. */ id: pulumi.Input; /** * The field value, expressed as a String. */ stringValue: pulumi.Input; } } export declare namespace datasync { /** * Specifies the shared access signature (SAS) that DataSync uses to access your Azure Blob Storage container. */ interface LocationAzureBlobAzureBlobSasConfigurationArgs { /** * Specifies the shared access signature (SAS) token, which indicates the permissions DataSync needs to access your Azure Blob Storage container. */ azureBlobSasToken: pulumi.Input; } /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key. */ interface LocationAzureBlobCmkSecretConfigArgs { /** * Specifies the ARN for the customer-managed AWS KMS key used to encrypt the secret specified for SecretArn. DataSync provides this key to AWS Secrets Manager. */ kmsKeyArn?: pulumi.Input; /** * Specifies the ARN for an AWS Secrets Manager secret, managed by DataSync. */ secretArn?: pulumi.Input; } /** * Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret. */ interface LocationAzureBlobCustomSecretConfigArgs { /** * Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for SecretArn. */ secretAccessRoleArn: pulumi.Input; /** * Specifies the ARN for a customer created AWS Secrets Manager secret. */ secretArn: pulumi.Input; } /** * The subnet and security group that DataSync uses to access target EFS file system. */ interface LocationEfsEc2ConfigArgs { /** * The Amazon Resource Names (ARNs) of the security groups that are configured for the Amazon EC2 resource. */ securityGroupArns: pulumi.Input[]>; /** * The ARN of the subnet that DataSync uses to access the target EFS file system. */ subnetArn: pulumi.Input; } /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key. */ interface LocationFSxOntapCmkSecretConfigArgs { /** * Specifies the ARN for the customer-managed AWS KMS key used to encrypt the secret specified for SecretArn. DataSync provides this key to AWS Secrets Manager. */ kmsKeyArn?: pulumi.Input; /** * Specifies the ARN for an AWS Secrets Manager secret, managed by DataSync. */ secretArn?: pulumi.Input; } /** * Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret. */ interface LocationFSxOntapCustomSecretConfigArgs { /** * Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for SecretArn. */ secretAccessRoleArn: pulumi.Input; /** * Specifies the ARN for a customer created AWS Secrets Manager secret. */ secretArn: pulumi.Input; } /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location. DataSync uses the default AWS-managed KMS key to encrypt this secret in AWS Secrets Manager. */ interface LocationFSxOntapManagedSecretConfigArgs { /** * Specifies the ARN for an AWS Secrets Manager secret. */ secretArn: pulumi.Input; } /** * NFS protocol configuration for FSx ONTAP file system. */ interface LocationFSxOntapNfsArgs { /** * Specifies how DataSync can access a location using the NFS protocol. */ mountOptions: pulumi.Input; } /** * The NFS mount options that DataSync can use to mount your NFS share. */ interface LocationFSxOntapNfsMountOptionsArgs { /** * The specific NFS version that you want DataSync to use to mount your NFS share. */ version?: pulumi.Input; } /** * Configuration settings for NFS or SMB protocol. */ interface LocationFSxOntapProtocolArgs { /** * Specifies the Network File System (NFS) protocol configuration that DataSync uses to access your FSx for ONTAP file system's storage virtual machine (SVM). */ nfs?: pulumi.Input; /** * Specifies the Server Message Block (SMB) protocol configuration that DataSync uses to access your FSx for ONTAP file system's SVM. */ smb?: pulumi.Input; } /** * SMB protocol configuration for FSx ONTAP file system. */ interface LocationFSxOntapSmbArgs { cmkSecretConfig?: pulumi.Input; customSecretConfig?: pulumi.Input; /** * The name of the Windows domain that the SMB server belongs to. */ domain?: pulumi.Input; managedSecretConfig?: pulumi.Input; /** * Specifies how DataSync can access a location using the SMB protocol. */ mountOptions: pulumi.Input; /** * The password of the user who can mount the share and has the permissions to access files and folders in the SMB share. */ password?: pulumi.Input; /** * The user who can mount the share, has the permissions to access files and folders in the SMB share. */ user: pulumi.Input; } /** * The mount options used by DataSync to access the SMB server. */ interface LocationFSxOntapSmbMountOptionsArgs { /** * The specific SMB version that you want DataSync to use to mount your SMB share. */ version?: pulumi.Input; } /** * The NFS mount options that DataSync can use to mount your NFS share. */ interface LocationFSxOpenZfsMountOptionsArgs { /** * The specific NFS version that you want DataSync to use to mount your NFS share. */ version?: pulumi.Input; } /** * FSx OpenZFS file system NFS protocol information */ interface LocationFSxOpenZfsNfsArgs { /** * Represents the mount options that are available for DataSync to access an NFS location. */ mountOptions: pulumi.Input; } /** * Configuration settings for an NFS or SMB protocol, currently only support NFS */ interface LocationFSxOpenZfsProtocolArgs { /** * Represents the Network File System (NFS) protocol that DataSync uses to access your FSx for OpenZFS file system. */ nfs?: pulumi.Input; } /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key. */ interface LocationFSxWindowsCmkSecretConfigArgs { /** * Specifies the ARN for the customer-managed AWS KMS key used to encrypt the secret specified for SecretArn. DataSync provides this key to AWS Secrets Manager. */ kmsKeyArn?: pulumi.Input; /** * Specifies the ARN for an AWS Secrets Manager secret, managed by DataSync. */ secretArn?: pulumi.Input; } /** * Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret. */ interface LocationFSxWindowsCustomSecretConfigArgs { /** * Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for SecretArn. */ secretAccessRoleArn: pulumi.Input; /** * Specifies the ARN for a customer created AWS Secrets Manager secret. */ secretArn: pulumi.Input; } /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key. */ interface LocationHdfsCmkSecretConfigArgs { /** * Specifies the ARN for the customer-managed AWS KMS key used to encrypt the secret specified for SecretArn. DataSync provides this key to AWS Secrets Manager. */ kmsKeyArn?: pulumi.Input; /** * Specifies the ARN for an AWS Secrets Manager secret, managed by DataSync. */ secretArn?: pulumi.Input; } /** * Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret. */ interface LocationHdfsCustomSecretConfigArgs { /** * Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for SecretArn. */ secretAccessRoleArn: pulumi.Input; /** * Specifies the ARN for a customer created AWS Secrets Manager secret. */ secretArn: pulumi.Input; } /** * HDFS Name Node IP and port information. */ interface LocationHdfsNameNodeArgs { /** * The DNS name or IP address of the Name Node in the customer's on premises HDFS cluster. */ hostname: pulumi.Input; /** * The port on which the Name Node is listening on for client requests. */ port: pulumi.Input; } /** * Configuration information for RPC Protection and Data Transfer Protection. These parameters can be set to AUTHENTICATION, INTEGRITY, or PRIVACY. The default value is PRIVACY. */ interface LocationHdfsQopConfigurationArgs { /** * Configuration for Data Transfer Protection. */ dataTransferProtection?: pulumi.Input; /** * Configuration for RPC Protection. */ rpcProtection?: pulumi.Input; } /** * The NFS mount options that DataSync can use to mount your NFS share. */ interface LocationNfsMountOptionsArgs { /** * The specific NFS version that you want DataSync to use to mount your NFS share. */ version?: pulumi.Input; } /** * Contains a list of Amazon Resource Names (ARNs) of agents that are used to connect an NFS server. */ interface LocationNfsOnPremConfigArgs { /** * ARN(s) of the agent(s) to use for an NFS location. */ agentArns: pulumi.Input[]>; } /** * Specifies configuration information for a DataSync-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key. */ interface LocationObjectStorageCmkSecretConfigArgs { /** * Specifies the ARN for the customer-managed AWS KMS key used to encrypt the secret specified for SecretArn. DataSync provides this key to AWS Secrets Manager. */ kmsKeyArn?: pulumi.Input; /** * Specifies the ARN for an AWS Secrets Manager secret, managed by DataSync. */ secretArn?: pulumi.Input; } /** * Specifies configuration information for a customer-managed secret, such as an authentication token or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret. */ interface LocationObjectStorageCustomSecretConfigArgs { /** * Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for SecretArn. */ secretAccessRoleArn: pulumi.Input; /** * Specifies the ARN for a customer created AWS Secrets Manager secret. */ secretArn: pulumi.Input; } /** * The Amazon Resource Name (ARN) of the AWS IAM role that is used to access an Amazon S3 bucket. */ interface LocationS3s3ConfigArgs { /** * The ARN of the IAM role of the Amazon S3 bucket. */ bucketAccessRoleArn: pulumi.Input; } /** * Specifies configuration information for a DataSync-managed secret, such as a password or set of credentials that DataSync uses to access a specific transfer location, and a customer-managed AWS KMS key. */ interface LocationSmbCmkSecretConfigArgs { /** * Specifies the ARN for the customer-managed AWS KMS key used to encrypt the secret specified for SecretArn. DataSync provides this key to AWS Secrets Manager. */ kmsKeyArn?: pulumi.Input; /** * Specifies the ARN for an AWS Secrets Manager secret, managed by DataSync. */ secretArn?: pulumi.Input; } /** * Specifies configuration information for a customer-managed secret, such as a password or set of credentials that DataSync uses to access a specific transfer location, and an IAM role that DataSync can assume and access the customer-managed secret. */ interface LocationSmbCustomSecretConfigArgs { /** * Specifies the ARN for the AWS Identity and Access Management role that DataSync uses to access the secret specified for SecretArn. */ secretAccessRoleArn: pulumi.Input; /** * Specifies the ARN for a customer created AWS Secrets Manager secret. */ secretArn: pulumi.Input; } /** * The mount options used by DataSync to access the SMB server. */ interface LocationSmbMountOptionsArgs { /** * The specific SMB version that you want DataSync to use to mount your SMB share. */ version?: pulumi.Input; } /** * The server name and network port required to connect with the management interface of the on-premises storage system. */ interface StorageSystemServerConfigurationArgs { /** * The domain name or IP address of the storage system's management interface. */ serverHostname: pulumi.Input; /** * The network port needed to access the system's management interface */ serverPort?: pulumi.Input; } /** * The username and password for accessing your on-premises storage system's management interface. */ interface StorageSystemServerCredentialsArgs { /** * The password for your storage system's management interface */ password: pulumi.Input; /** * The username for your storage system's management interface. */ username: pulumi.Input; } /** * Specifies which files folders and objects to include or exclude when transferring files from source to destination. */ interface TaskFilterRuleArgs { /** * The type of filter rule to apply. AWS DataSync only supports the SIMPLE_PATTERN rule type. */ filterType?: pulumi.Input; /** * A single filter string that consists of the patterns to include or exclude. The patterns are delimited by "|". */ value?: pulumi.Input; } /** * Configures a manifest, which is a list of files or objects that you want DataSync to transfer. */ interface TaskManifestConfigArgs { /** * Specifies what DataSync uses the manifest for. */ action?: pulumi.Input; /** * Specifies the file format of your manifest. */ format?: pulumi.Input; /** * Specifies the manifest that you want DataSync to use and where it's hosted. */ source: pulumi.Input; } /** * Specifies the manifest that you want DataSync to use and where it's hosted. */ interface TaskManifestConfigSourcePropertiesArgs { s3?: pulumi.Input; } /** * Specifies the S3 bucket where you're hosting the manifest that you want AWS DataSync to use. */ interface TaskManifestConfigSourceS3Args { /** * Specifies the AWS Identity and Access Management (IAM) role that allows DataSync to access your manifest. */ bucketAccessRoleArn?: pulumi.Input; /** * Specifies the Amazon S3 object key of your manifest. */ manifestObjectPath?: pulumi.Input; /** * Specifies the object version ID of the manifest that you want DataSync to use. */ manifestObjectVersionId?: pulumi.Input; /** * Specifies the Amazon Resource Name (ARN) of the S3 bucket where you're hosting your manifest. */ s3BucketArn?: pulumi.Input; } /** * Represents the options that are available to control the behavior of a StartTaskExecution operation. */ interface TaskOptionsArgs { /** * A file metadata value that shows the last time a file was accessed (that is, when the file was read or written to). */ atime?: pulumi.Input; /** * A value that limits the bandwidth used by AWS DataSync. */ bytesPerSecond?: pulumi.Input; /** * The group ID (GID) of the file's owners. */ gid?: pulumi.Input; /** * A value that determines the types of logs that DataSync publishes to a log stream in the Amazon CloudWatch log group that you provide. */ logLevel?: pulumi.Input; /** * A value that indicates the last time that a file was modified (that is, a file was written to) before the PREPARING phase. */ mtime?: pulumi.Input; /** * A value that determines whether object tags should be read from the source object store and written to the destination object store. */ objectTags?: pulumi.Input; /** * A value that determines whether files at the destination should be overwritten or preserved when copying files. */ overwriteMode?: pulumi.Input; /** * A value that determines which users or groups can access a file for a specific purpose such as reading, writing, or execution of the file. */ posixPermissions?: pulumi.Input; /** * A value that specifies whether files in the destination that don't exist in the source file system should be preserved. */ preserveDeletedFiles?: pulumi.Input; /** * A value that determines whether AWS DataSync should preserve the metadata of block and character devices in the source file system, and recreate the files with that device name and metadata on the destination. */ preserveDevices?: pulumi.Input; /** * A value that determines which components of the SMB security descriptor are copied during transfer. */ securityDescriptorCopyFlags?: pulumi.Input; /** * A value that determines whether tasks should be queued before executing the tasks. */ taskQueueing?: pulumi.Input; /** * A value that determines whether DataSync transfers only the data and metadata that differ between the source and the destination location, or whether DataSync transfers all the content from the source, without comparing to the destination location. */ transferMode?: pulumi.Input; /** * The user ID (UID) of the file's owner. */ uid?: pulumi.Input; /** * A value that determines whether a data integrity verification should be performed at the end of a task execution after all data and metadata have been transferred. */ verifyMode?: pulumi.Input; } /** * Specifies how you want to configure a task report, which provides detailed information about for your Datasync transfer. */ interface TaskReportConfigArgs { /** * Specifies where DataSync uploads your task report. */ destination: pulumi.Input; /** * Specifies whether your task report includes the new version of each object transferred into an S3 bucket, this only applies if you enable versioning on your bucket. */ objectVersionIds?: pulumi.Input; /** * Specifies the type of task report that you want. */ outputType: pulumi.Input; /** * Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that Datasync attempted to delete in your destination location. */ overrides?: pulumi.Input; /** * Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. */ reportLevel?: pulumi.Input; } /** * Specifies where DataSync uploads your task report. */ interface TaskReportConfigDestinationPropertiesArgs { s3?: pulumi.Input; } /** * Specifies the Amazon S3 bucket where DataSync uploads your task report. */ interface TaskReportConfigDestinationS3Args { /** * Specifies the Amazon Resource Name (ARN) of the IAM policy that allows Datasync to upload a task report to your S3 bucket. */ bucketAccessRoleArn?: pulumi.Input; /** * Specifies the ARN of the S3 bucket where Datasync uploads your report. */ s3BucketArn?: pulumi.Input; /** * Specifies a bucket prefix for your report. */ subdirectory?: pulumi.Input; } /** * Customizes the reporting level for aspects of your task report. For example, your report might generally only include errors, but you could specify that you want a list of successes and errors just for the files that Datasync attempted to delete in your destination location. */ interface TaskReportConfigOverridesPropertiesArgs { /** * Specifies the level of reporting for the files, objects, and directories that Datasync attempted to delete in your destination location. This only applies if you configure your task to delete data in the destination that isn't in the source. */ deleted?: pulumi.Input; /** * Specifies the level of reporting for the files, objects, and directories that Datasync attempted to skip during your transfer. */ skipped?: pulumi.Input; /** * Specifies the level of reporting for the files, objects, and directories that Datasync attempted to transfer. */ transferred?: pulumi.Input; /** * Specifies the level of reporting for the files, objects, and directories that Datasync attempted to verify at the end of your transfer. This only applies if you configure your task to verify data during and after the transfer (which Datasync does by default) */ verified?: pulumi.Input; } /** * Specifies the level of reporting for the files, objects, and directories that Datasync attempted to delete in your destination location. This only applies if you configure your task to delete data in the destination that isn't in the source. */ interface TaskReportConfigOverridesPropertiesDeletedPropertiesArgs { /** * Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. */ reportLevel?: pulumi.Input; } /** * Specifies the level of reporting for the files, objects, and directories that Datasync attempted to skip during your transfer. */ interface TaskReportConfigOverridesPropertiesSkippedPropertiesArgs { /** * Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. */ reportLevel?: pulumi.Input; } /** * Specifies the level of reporting for the files, objects, and directories that Datasync attempted to transfer. */ interface TaskReportConfigOverridesPropertiesTransferredPropertiesArgs { /** * Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. */ reportLevel?: pulumi.Input; } /** * Specifies the level of reporting for the files, objects, and directories that Datasync attempted to verify at the end of your transfer. This only applies if you configure your task to verify data during and after the transfer (which Datasync does by default) */ interface TaskReportConfigOverridesPropertiesVerifiedPropertiesArgs { /** * Specifies whether you want your task report to include only what went wrong with your transfer or a list of what succeeded and didn't. */ reportLevel?: pulumi.Input; } /** * Specifies the schedule you want your task to use for repeated executions. */ interface TaskScheduleArgs { /** * A cron expression that specifies when AWS DataSync initiates a scheduled transfer from a source to a destination location */ scheduleExpression?: pulumi.Input; /** * Specifies status of a schedule. */ status?: pulumi.Input; } } export declare namespace datazone { /** * Amazon Q properties of the connection. */ interface ConnectionAmazonQPropertiesInputArgs { /** * The authentication mode of the connection's AmazonQ properties */ authMode?: pulumi.Input; /** * Specifies whether Amazon Q is enabled for the connection */ isEnabled?: pulumi.Input; profileArn?: pulumi.Input; } /** * Athena Properties Input */ interface ConnectionAthenaPropertiesInputArgs { workgroupName: pulumi.Input; } /** * Authentication Configuration Input */ interface ConnectionAuthenticationConfigurationInputArgs { authenticationType?: pulumi.Input; basicAuthenticationCredentials?: pulumi.Input; customAuthenticationCredentials?: pulumi.Input<{ [key: string]: pulumi.Input; }>; kmsKeyArn?: pulumi.Input; oAuth2Properties?: pulumi.Input; secretArn?: pulumi.Input; } /** * Authorization Code Properties */ interface ConnectionAuthorizationCodePropertiesArgs { authorizationCode?: pulumi.Input; redirectUri?: pulumi.Input; } /** * AWS Location of project */ interface ConnectionAwsLocationArgs { /** * The access role of a connection. */ accessRole?: pulumi.Input; /** * The account ID of a connection. */ awsAccountId?: pulumi.Input; /** * The Region of a connection. */ awsRegion?: pulumi.Input; /** * The IAM connection ID of a connection. */ iamConnectionId?: pulumi.Input; } /** * Basic Authentication Credentials */ interface ConnectionBasicAuthenticationCredentialsArgs { password?: pulumi.Input; userName?: pulumi.Input; } /** * Glue Connection Input */ interface ConnectionGlueConnectionInputArgs { athenaProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; authenticationConfiguration?: pulumi.Input; connectionProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; connectionType?: pulumi.Input; description?: pulumi.Input; matchCriteria?: pulumi.Input; name?: pulumi.Input; physicalConnectionRequirements?: pulumi.Input; pythonProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; sparkProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; validateCredentials?: pulumi.Input; validateForComputeEnvironments?: pulumi.Input[]>; } /** * Glue OAuth2 Credentials */ interface ConnectionGlueOAuth2CredentialsArgs { accessToken?: pulumi.Input; jwtToken?: pulumi.Input; refreshToken?: pulumi.Input; userManagedClientApplicationClientSecret?: pulumi.Input; } /** * Glue Properties Input */ interface ConnectionGluePropertiesInputArgs { glueConnectionInput?: pulumi.Input; } /** * HyperPod Properties Input */ interface ConnectionHyperPodPropertiesInputArgs { clusterName: pulumi.Input; } /** * IAM Properties Input */ interface ConnectionIamPropertiesInputArgs { glueLineageSyncEnabled?: pulumi.Input; } /** * Lineage Sync Schedule */ interface ConnectionLineageSyncScheduleArgs { schedule?: pulumi.Input; } /** * MLflow Properties Input */ interface ConnectionMlflowPropertiesInputArgs { /** * The ARN of the MLflow tracking server */ trackingServerArn?: pulumi.Input; } /** * OAuth2 Client Application */ interface ConnectionOAuth2ClientApplicationArgs { awsManagedClientApplicationReference?: pulumi.Input; userManagedClientApplicationClientId?: pulumi.Input; } /** * OAuth2 Properties */ interface ConnectionOAuth2PropertiesArgs { authorizationCodeProperties?: pulumi.Input; oAuth2ClientApplication?: pulumi.Input; oAuth2Credentials?: pulumi.Input; oAuth2GrantType?: pulumi.Input; tokenUrl?: pulumi.Input; tokenUrlParametersMap?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * Physical Connection Requirements */ interface ConnectionPhysicalConnectionRequirementsArgs { availabilityZone?: pulumi.Input; securityGroupIdList?: pulumi.Input[]>; subnetId?: pulumi.Input; subnetIdList?: pulumi.Input[]>; } interface ConnectionPropertiesInput0PropertiesArgs { athenaProperties: pulumi.Input; } interface ConnectionPropertiesInput10PropertiesArgs { workflowsMwaaProperties: pulumi.Input; } interface ConnectionPropertiesInput11PropertiesArgs { workflowsServerlessProperties: pulumi.Input; } interface ConnectionPropertiesInput1PropertiesArgs { glueProperties: pulumi.Input; } interface ConnectionPropertiesInput2PropertiesArgs { hyperPodProperties: pulumi.Input; } interface ConnectionPropertiesInput3PropertiesArgs { iamProperties: pulumi.Input; } interface ConnectionPropertiesInput4PropertiesArgs { redshiftProperties: pulumi.Input; } interface ConnectionPropertiesInput5PropertiesArgs { sparkEmrProperties: pulumi.Input; } interface ConnectionPropertiesInput6PropertiesArgs { amazonQProperties: pulumi.Input; } interface ConnectionPropertiesInput7PropertiesArgs { sparkGlueProperties: pulumi.Input; } interface ConnectionPropertiesInput8PropertiesArgs { s3Properties: pulumi.Input; } interface ConnectionPropertiesInput9PropertiesArgs { mlflowProperties: pulumi.Input; } interface ConnectionRedshiftCredentials0PropertiesArgs { secretArn: pulumi.Input; } interface ConnectionRedshiftCredentials1PropertiesArgs { usernamePassword: pulumi.Input; } /** * Redshift Lineage Sync Configuration Input */ interface ConnectionRedshiftLineageSyncConfigurationInputArgs { enabled?: pulumi.Input; schedule?: pulumi.Input; } /** * Redshift Properties Input */ interface ConnectionRedshiftPropertiesInputArgs { credentials?: pulumi.Input; databaseName?: pulumi.Input; host?: pulumi.Input; lineageSync?: pulumi.Input; port?: pulumi.Input; storage?: pulumi.Input; } interface ConnectionRedshiftStorageProperties0PropertiesArgs { clusterName: pulumi.Input; } interface ConnectionRedshiftStorageProperties1PropertiesArgs { workgroupName: pulumi.Input; } /** * S3 Properties Input */ interface ConnectionS3PropertiesInputArgs { /** * The Amazon S3 Access Grant location ID that's part of the Amazon S3 properties of a connection. */ s3AccessGrantLocationId?: pulumi.Input; /** * The Amazon S3 URI that's part of the Amazon S3 properties of a connection. */ s3Uri: pulumi.Input; } /** * Spark EMR Properties Input. */ interface ConnectionSparkEmrPropertiesInputArgs { computeArn?: pulumi.Input; instanceProfileArn?: pulumi.Input; javaVirtualEnv?: pulumi.Input; logUri?: pulumi.Input; managedEndpointArn?: pulumi.Input; pythonVirtualEnv?: pulumi.Input; runtimeRole?: pulumi.Input; trustedCertificatesS3Uri?: pulumi.Input; } /** * Spark Glue Args. */ interface ConnectionSparkGlueArgsArgs { connection?: pulumi.Input; } /** * Spark Glue Properties Input. */ interface ConnectionSparkGluePropertiesInputArgs { additionalArgs?: pulumi.Input; glueConnectionName?: pulumi.Input; glueVersion?: pulumi.Input; idleTimeout?: pulumi.Input; javaVirtualEnv?: pulumi.Input; numberOfWorkers?: pulumi.Input; pythonVirtualEnv?: pulumi.Input; workerType?: pulumi.Input; } /** * The username and password to be used for authentication. */ interface ConnectionUsernamePasswordArgs { password: pulumi.Input; username: pulumi.Input; } /** * Workflows MWAA Properties Input */ interface ConnectionWorkflowsMwaaPropertiesInputArgs { /** * The name of the MWAA environment. */ mwaaEnvironmentName?: pulumi.Input; } /** * Workflows Serverless Properties Input */ interface ConnectionWorkflowsServerlessPropertiesInputArgs { } /** * Specifies the configuration of the data source. It can be set to either glueRunConfiguration or redshiftRunConfiguration or sageMakerRunConfiguration. */ interface DataSourceConfigurationInput0PropertiesArgs { glueRunConfiguration?: pulumi.Input; } /** * Specifies the configuration of the data source. It can be set to either glueRunConfiguration or redshiftRunConfiguration or sageMakerRunConfiguration. */ interface DataSourceConfigurationInput1PropertiesArgs { redshiftRunConfiguration?: pulumi.Input; } /** * Specifies the configuration of the data source. It can be set to either glueRunConfiguration or redshiftRunConfiguration or sageMakerRunConfiguration. */ interface DataSourceConfigurationInput2PropertiesArgs { sageMakerRunConfiguration?: pulumi.Input; } /** * The search filter expression. */ interface DataSourceFilterExpressionArgs { expression: pulumi.Input; type: pulumi.Input; } /** * The details of a metadata form. */ interface DataSourceFormInputArgs { /** * The content of the metadata form. */ content?: pulumi.Input; /** * The name of the metadata form. */ formName: pulumi.Input; /** * The ID of the metadata form type. */ typeIdentifier?: pulumi.Input; /** * The revision of the metadata form type. */ typeRevision?: pulumi.Input; } interface DataSourceGlueRunConfigurationInputArgs { /** * Specifies whether to automatically import data quality metrics as part of the data source run. */ autoImportDataQualityResult?: pulumi.Input; /** * The catalog name in the AWS Glue run configuration. */ catalogName?: pulumi.Input; /** * The data access role included in the configuration details of the AWS Glue data source. */ dataAccessRole?: pulumi.Input; /** * The relational filter configurations included in the configuration details of the AWS Glue data source. */ relationalFilterConfigurations: pulumi.Input[]>; } /** * The recommendation to be updated as part of the UpdateDataSource action. */ interface DataSourceRecommendationConfigurationArgs { /** * Specifies whether automatic business name generation is to be enabled or not as part of the recommendation configuration. */ enableBusinessNameGeneration?: pulumi.Input; } /** * The name of an Amazon Redshift cluster. */ interface DataSourceRedshiftClusterStorageArgs { /** * The name of an Amazon Redshift cluster. */ clusterName: pulumi.Input; } /** * The ARN of a secret manager for an Amazon Redshift cluster. */ interface DataSourceRedshiftCredentialConfigurationArgs { /** * The ARN of a secret manager for an Amazon Redshift cluster. */ secretManagerArn: pulumi.Input; } /** * The configuration details of the Amazon Redshift data source. */ interface DataSourceRedshiftRunConfigurationInputArgs { /** * The data access role included in the configuration details of the Amazon Redshift data source. */ dataAccessRole?: pulumi.Input; /** * The details of the credentials required to access an Amazon Redshift cluster. */ redshiftCredentialConfiguration?: pulumi.Input; /** * The details of the Amazon Redshift storage as part of the configuration of an Amazon Redshift data source run. */ redshiftStorage?: pulumi.Input; relationalFilterConfigurations: pulumi.Input[]>; } /** * The details of the Amazon Redshift Serverless workgroup storage. */ interface DataSourceRedshiftServerlessStorageArgs { /** * The name of the Amazon Redshift Serverless workgroup. */ workgroupName: pulumi.Input; } /** * The details of the Amazon Redshift cluster source. */ interface DataSourceRedshiftStorage0PropertiesArgs { redshiftClusterSource: pulumi.Input; } /** * The details of the Amazon Redshift Serverless workgroup source. */ interface DataSourceRedshiftStorage1PropertiesArgs { redshiftServerlessSource: pulumi.Input; } /** * The relational filter configuration for the data source. */ interface DataSourceRelationalFilterConfigurationArgs { /** * The database name specified in the relational filter configuration for the data source. */ databaseName: pulumi.Input; /** * The filter expressions specified in the relational filter configuration for the data source. */ filterExpressions?: pulumi.Input[]>; /** * The schema name specified in the relational filter configuration for the data source. */ schemaName?: pulumi.Input; } /** * The configuration details of the Amazon SageMaker data source. */ interface DataSourceSageMakerRunConfigurationInputArgs { /** * The tracking assets of the Amazon SageMaker run. */ trackingAssets: pulumi.Input<{ [key: string]: any; }>; } /** * The schedule of the data source runs. */ interface DataSourceScheduleConfigurationArgs { /** * The schedule of the data source runs. */ schedule?: pulumi.Input; /** * The timezone of the data source run. */ timezone?: pulumi.Input; } /** * The single-sign on configuration of the Amazon DataZone domain. */ interface DomainSingleSignOnArgs { /** * The ARN of the IDC instance. */ idcInstanceArn?: pulumi.Input; /** * The type of single sign-on in Amazon DataZone. */ type?: pulumi.Input; /** * The single sign-on user assignment in Amazon DataZone. */ userAssignment?: pulumi.Input; } /** * The parameters of the console link specified as part of the environment action */ interface EnvironmentActionsAwsConsoleLinkParametersArgs { /** * The URI of the console link specified as part of the environment action. */ uri?: pulumi.Input; } interface EnvironmentBlueprintConfigurationLakeFormationConfigurationArgs { locationRegistrationExcludeS3Locations?: pulumi.Input[]>; locationRegistrationRole?: pulumi.Input; } interface EnvironmentBlueprintConfigurationProvisioningConfigurationPropertiesArgs { lakeFormationConfiguration: pulumi.Input; } interface EnvironmentBlueprintConfigurationRegionalParameterArgs { /** * A string to string map containing parameters for the region. */ parameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The region specified in the environment parameter. */ region?: pulumi.Input; } /** * The parameter details of an environment. */ interface EnvironmentParameterArgs { /** * The name of an environment parameter. */ name?: pulumi.Input; /** * The value of an environment parameter. */ value?: pulumi.Input; } /** * The parameter details of an environment profile. */ interface EnvironmentProfileEnvironmentParameterArgs { /** * The name of an environment profile parameter. */ name?: pulumi.Input; /** * The value of an environment profile parameter. */ value?: pulumi.Input; } /** * Indicates the smithy model of the API. */ interface FormTypeModelArgs { smithy?: pulumi.Input; } /** * The properties of a domain unit's owner. */ interface OwnerPropertiesArgs { } interface PolicyGrantAddToProjectMemberPoolPolicyGrantDetailArgs { includeChildDomainUnits?: pulumi.Input; } interface PolicyGrantAllDomainUnitsGrantFilterArgs { } interface PolicyGrantAllUsersGrantFilterArgs { } interface PolicyGrantCreateAssetTypePolicyGrantDetailArgs { includeChildDomainUnits?: pulumi.Input; } interface PolicyGrantCreateDomainUnitPolicyGrantDetailArgs { includeChildDomainUnits?: pulumi.Input; } interface PolicyGrantCreateEnvironmentProfilePolicyGrantDetailArgs { domainUnitId?: pulumi.Input; } interface PolicyGrantCreateFormTypePolicyGrantDetailArgs { includeChildDomainUnits?: pulumi.Input; } interface PolicyGrantCreateGlossaryPolicyGrantDetailArgs { includeChildDomainUnits?: pulumi.Input; } interface PolicyGrantCreateProjectFromProjectProfilePolicyGrantDetailArgs { includeChildDomainUnits?: pulumi.Input; projectProfiles?: pulumi.Input[]>; } interface PolicyGrantCreateProjectPolicyGrantDetailArgs { includeChildDomainUnits?: pulumi.Input; } interface PolicyGrantDetail0PropertiesArgs { createDomainUnit: pulumi.Input; } interface PolicyGrantDetail10PropertiesArgs { createEnvironment: pulumi.Input; } interface PolicyGrantDetail11PropertiesArgs { createEnvironmentFromBlueprint: pulumi.Input; } interface PolicyGrantDetail12PropertiesArgs { createProjectFromProjectProfile: pulumi.Input; } interface PolicyGrantDetail1PropertiesArgs { overrideDomainUnitOwners: pulumi.Input; } interface PolicyGrantDetail2PropertiesArgs { addToProjectMemberPool: pulumi.Input; } interface PolicyGrantDetail3PropertiesArgs { overrideProjectOwners: pulumi.Input; } interface PolicyGrantDetail4PropertiesArgs { createGlossary: pulumi.Input; } interface PolicyGrantDetail5PropertiesArgs { createFormType: pulumi.Input; } interface PolicyGrantDetail6PropertiesArgs { createAssetType: pulumi.Input; } interface PolicyGrantDetail7PropertiesArgs { createProject: pulumi.Input; } interface PolicyGrantDetail8PropertiesArgs { createEnvironmentProfile: pulumi.Input; } interface PolicyGrantDetail9PropertiesArgs { delegateCreateEnvironmentProfile: pulumi.Input; } interface PolicyGrantDomainUnitFilterForProjectArgs { domainUnit: pulumi.Input; includeChildDomainUnits?: pulumi.Input; } interface PolicyGrantDomainUnitGrantFilterPropertiesArgs { allDomainUnitsGrantFilter: pulumi.Input; } interface PolicyGrantDomainUnitPolicyGrantPrincipalArgs { domainUnitDesignation?: pulumi.Input; domainUnitGrantFilter?: pulumi.Input; domainUnitIdentifier?: pulumi.Input; } interface PolicyGrantGroupPolicyGrantPrincipalPropertiesArgs { groupIdentifier: pulumi.Input; } interface PolicyGrantOverrideDomainUnitOwnersPolicyGrantDetailArgs { includeChildDomainUnits?: pulumi.Input; } interface PolicyGrantOverrideProjectOwnersPolicyGrantDetailArgs { includeChildDomainUnits?: pulumi.Input; } interface PolicyGrantPrincipal0PropertiesArgs { user: pulumi.Input; } interface PolicyGrantPrincipal1PropertiesArgs { group: pulumi.Input; } interface PolicyGrantPrincipal2PropertiesArgs { project: pulumi.Input; } interface PolicyGrantPrincipal3PropertiesArgs { domainUnit: pulumi.Input; } interface PolicyGrantProjectGrantFilterPropertiesArgs { domainUnitFilter: pulumi.Input; } interface PolicyGrantProjectPolicyGrantPrincipalArgs { projectDesignation?: pulumi.Input; projectGrantFilter?: pulumi.Input; projectIdentifier?: pulumi.Input; } interface PolicyGrantUnitArgs { } interface PolicyGrantUserPolicyGrantPrincipal0PropertiesArgs { userIdentifier: pulumi.Input; } interface PolicyGrantUserPolicyGrantPrincipal1PropertiesArgs { allUsersGrantFilter: pulumi.Input; } interface ProjectEnvironmentConfigurationUserParameterArgs { /** * The environment configuration name. */ environmentConfigurationName?: pulumi.Input; /** * The ID of the environment. */ environmentId?: pulumi.Input; /** * The environment parameters. */ environmentParameters?: pulumi.Input[]>; } interface ProjectEnvironmentParameterArgs { /** * The name of an environment profile parameter. */ name?: pulumi.Input; /** * The value of an environment profile parameter. */ value?: pulumi.Input; } interface ProjectMembershipMember0PropertiesArgs { userIdentifier: pulumi.Input; } interface ProjectMembershipMember1PropertiesArgs { groupIdentifier: pulumi.Input; } interface ProjectProfileAwsAccountArgs { /** * The account ID of a project. */ awsAccountId: pulumi.Input; } interface ProjectProfileEnvironmentConfigurationArgs { /** * The AWS account of the environment. */ awsAccount?: pulumi.Input; /** * The AWS Region of the environment. */ awsRegion: pulumi.Input; /** * The configuration parameters of the environment. */ configurationParameters?: pulumi.Input; /** * The deployment mode of the environment. */ deploymentMode?: pulumi.Input; /** * The deployment order of the environment. */ deploymentOrder?: pulumi.Input; /** * The environment description. */ description?: pulumi.Input; /** * The environment blueprint ID. */ environmentBlueprintId: pulumi.Input; environmentConfigurationId?: pulumi.Input; /** * The environment name. */ name: pulumi.Input; } interface ProjectProfileEnvironmentConfigurationParameterArgs { /** * Specifies whether the environment parameter is editable. */ isEditable?: pulumi.Input; /** * The name of the environment configuration parameter. */ name?: pulumi.Input; /** * The value of the environment configuration parameter. */ value?: pulumi.Input; } interface ProjectProfileEnvironmentConfigurationParametersDetailsArgs { /** * The parameter overrides. */ parameterOverrides?: pulumi.Input[]>; /** * The resolved environment configuration parameters. */ resolvedParameters?: pulumi.Input[]>; /** * Ssm path environment configuration parameters. */ ssmPath?: pulumi.Input; } interface ProjectProfileRegionArgs { /** * The AWS Region name. */ regionName: pulumi.Input; } interface ProjectProfileResourceTagParameterArgs { isValueEditable: pulumi.Input; key: pulumi.Input; value: pulumi.Input; } interface ProjectResourceTagArgs { key: pulumi.Input; value: pulumi.Input; } /** * The details of the subscription target configuration. */ interface SubscriptionTargetFormArgs { /** * The content of the subscription target configuration. */ content: pulumi.Input; /** * The form name included in the subscription target configuration. */ formName: pulumi.Input; } } export declare namespace deadline { interface FleetAcceleratorCapabilitiesArgs { count?: pulumi.Input; selections: pulumi.Input[]>; } interface FleetAcceleratorCountRangeArgs { max?: pulumi.Input; min: pulumi.Input; } interface FleetAcceleratorSelectionArgs { name: pulumi.Input; runtime?: pulumi.Input; } interface FleetAcceleratorTotalMemoryMiBRangeArgs { max?: pulumi.Input; min: pulumi.Input; } interface FleetAmountCapabilityArgs { /** * The maximum amount of the fleet worker capability. */ max?: pulumi.Input; /** * The minimum amount of fleet worker capability. */ min: pulumi.Input; /** * The name of the fleet capability. */ name: pulumi.Input; } interface FleetAttributeCapabilityArgs { /** * The name of the fleet attribute capability for the worker. */ name: pulumi.Input; /** * The number of fleet attribute capabilities. */ values: pulumi.Input[]>; } interface FleetConfiguration0PropertiesArgs { customerManaged: pulumi.Input; } interface FleetConfiguration1PropertiesArgs { serviceManagedEc2: pulumi.Input; } interface FleetCustomerManagedAutoScalingConfigurationArgs { scaleOutWorkersPerMinute?: pulumi.Input; standbyWorkerCount?: pulumi.Input; workerIdleDurationSeconds?: pulumi.Input; } interface FleetCustomerManagedFleetConfigurationArgs { autoScalingConfiguration?: pulumi.Input; mode: pulumi.Input; storageProfileId?: pulumi.Input; tagPropagationMode?: pulumi.Input; workerCapabilities: pulumi.Input; } interface FleetCustomerManagedWorkerCapabilitiesArgs { acceleratorCount?: pulumi.Input; acceleratorTotalMemoryMiB?: pulumi.Input; acceleratorTypes?: pulumi.Input[]>; cpuArchitectureType: pulumi.Input; customAmounts?: pulumi.Input[]>; customAttributes?: pulumi.Input[]>; memoryMiB: pulumi.Input; osFamily: pulumi.Input; vCpuCount: pulumi.Input; } interface FleetEc2EbsVolumeArgs { iops?: pulumi.Input; sizeGiB?: pulumi.Input; throughputMiB?: pulumi.Input; } interface FleetHostConfigurationArgs { /** * The text of the script that runs as a worker is starting up that you can use to provide additional configuration for workers in your fleet. The script runs after a worker enters the `STARTING` state and before the worker processes tasks. * * For more information about using the script, see [Run scripts as an administrator to configure workers](https://docs.aws.amazon.com/deadline-cloud/latest/developerguide/smf-admin.html) in the *Deadline Cloud Developer Guide* . * * > The script runs as an administrative user ( `sudo root` on Linux, as an Administrator on Windows). */ scriptBody: pulumi.Input; /** * The maximum time that the host configuration can run. If the timeout expires, the worker enters the `NOT RESPONDING` state and shuts down. You are charged for the time that the worker is running the host configuration script. * * > You should configure your fleet for a maximum of one worker while testing your host configuration script to avoid starting additional workers. * * The default is 300 seconds (5 minutes). */ scriptTimeoutSeconds?: pulumi.Input; } interface FleetMemoryMiBRangeArgs { max?: pulumi.Input; min: pulumi.Input; } interface FleetServiceManagedEc2AutoScalingConfigurationArgs { scaleOutWorkersPerMinute?: pulumi.Input; standbyWorkerCount?: pulumi.Input; workerIdleDurationSeconds?: pulumi.Input; } interface FleetServiceManagedEc2FleetConfigurationArgs { autoScalingConfiguration?: pulumi.Input; instanceCapabilities: pulumi.Input; instanceMarketOptions: pulumi.Input; storageProfileId?: pulumi.Input; vpcConfiguration?: pulumi.Input; } interface FleetServiceManagedEc2InstanceCapabilitiesArgs { acceleratorCapabilities?: pulumi.Input; allowedInstanceTypes?: pulumi.Input[]>; cpuArchitectureType: pulumi.Input; customAmounts?: pulumi.Input[]>; customAttributes?: pulumi.Input[]>; excludedInstanceTypes?: pulumi.Input[]>; memoryMiB: pulumi.Input; osFamily: pulumi.Input; rootEbsVolume?: pulumi.Input; vCpuCount: pulumi.Input; } interface FleetServiceManagedEc2InstanceMarketOptionsArgs { type: pulumi.Input; } interface FleetVCpuCountRangeArgs { max?: pulumi.Input; min: pulumi.Input; } interface FleetVpcConfigurationArgs { resourceConfigurationArns?: pulumi.Input[]>; } interface QueueJobAttachmentSettingsArgs { /** * The root prefix. */ rootPrefix: pulumi.Input; /** * The Amazon S3 bucket name. */ s3BucketName: pulumi.Input; } interface QueueJobRunAsUserArgs { /** * The user and group that the jobs in the queue run as. */ posix?: pulumi.Input; /** * Specifies whether the job should run using the queue's system user or if the job should run using the worker agent system user. */ runAs: pulumi.Input; /** * Identifies a Microsoft Windows user. */ windows?: pulumi.Input; } interface QueuePosixUserArgs { /** * The name of the POSIX user's group. */ group: pulumi.Input; /** * The name of the POSIX user. */ user: pulumi.Input; } interface QueueSchedulingConfigurationArgs { } interface QueueWindowsUserArgs { /** * The password ARN for the Windows user. */ passwordArn: pulumi.Input; /** * The user. */ user: pulumi.Input; } interface StorageProfileFileSystemLocationArgs { /** * The location name. */ name: pulumi.Input; /** * The file path. */ path: pulumi.Input; /** * The type of file. */ type: pulumi.Input; } } export declare namespace detective { } export declare namespace devicefarm { /** * Represents a condition for a device pool. */ interface DevicePoolRuleArgs { /** * The rule's stringified attribute. */ attribute?: pulumi.Input; /** * Specifies how Device Farm compares the rule's attribute to the value. */ operator?: pulumi.Input; /** * The rule's value. */ value?: pulumi.Input; } interface ProjectEnvironmentVariableArgs { name: pulumi.Input; value: pulumi.Input; } /** * The VPC security groups and subnets that are attached to a project */ interface ProjectVpcConfigArgs { /** * An array of security group Ids in your Amazon VPC */ securityGroupIds: pulumi.Input[]>; /** * A array of subnet IDs in your Amazon VPC. */ subnetIds: pulumi.Input[]>; /** * The ID of the Amazon VPC */ vpcId: pulumi.Input; } /** * The VPC security groups and subnets that are attached to a TestGrid project. */ interface TestGridProjectVpcConfigArgs { /** * A list of VPC security group IDs in your Amazon VPC. */ securityGroupIds: pulumi.Input[]>; /** * A list of VPC subnet IDs in your Amazon VPC. */ subnetIds: pulumi.Input[]>; /** * A list of VPC IDs. * * Each VPC is given a unique ID upon creation. */ vpcId: pulumi.Input; } } export declare namespace devopsagent { interface AgentSpaceIamAuthConfigurationArgs { createdAt?: pulumi.Input; operatorAppRoleArn: pulumi.Input; updatedAt?: pulumi.Input; } interface AgentSpaceIdcAuthConfigurationArgs { createdAt?: pulumi.Input; idcApplicationArn?: pulumi.Input; idcInstanceArn: pulumi.Input; operatorAppRoleArn: pulumi.Input; updatedAt?: pulumi.Input; } interface AgentSpaceOperatorAppArgs { iam?: pulumi.Input; idc?: pulumi.Input; } /** * The configuration that directs how AgentSpace interacts with the given service */ interface AssociationServiceConfigurationArgs { } /** * Service-specific configuration details */ interface ServiceDetailsArgs { } } export declare namespace devopsguru { /** * Information about notification channels you have configured with DevOps Guru. */ interface NotificationChannelConfigArgs { /** * The filter configurations for the Amazon SNS notification topic you use with DevOps Guru. If you do not provide filter configurations, the default configurations are to receive notifications for all message types of `High` or `Medium` severity. */ filters?: pulumi.Input; /** * Information about a notification channel configured in DevOps Guru to send notifications when insights are created. * * If you use an Amazon SNS topic in another account, you must attach a policy to it that grants DevOps Guru permission to send it notifications. DevOps Guru adds the required policy on your behalf to send notifications using Amazon SNS in your account. DevOps Guru only supports standard SNS topics. For more information, see [Permissions for Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-required-permissions.html) . * * If you use an Amazon SNS topic that is encrypted by an AWS Key Management Service customer-managed key (CMK), then you must add permissions to the CMK. For more information, see [Permissions for AWS KMS–encrypted Amazon SNS topics](https://docs.aws.amazon.com/devops-guru/latest/userguide/sns-kms-permissions.html) . */ sns?: pulumi.Input; } /** * Information about filters of a notification channel configured in DevOpsGuru to filter for insights. */ interface NotificationChannelNotificationFilterConfigArgs { /** * The events that you want to receive notifications for. For example, you can choose to receive notifications only when the severity level is upgraded or a new insight is created. */ messageTypes?: pulumi.Input[]>; /** * The severity levels that you want to receive notifications for. For example, you can choose to receive notifications only for insights with `HIGH` and `MEDIUM` severity levels. For more information, see [Understanding insight severities](https://docs.aws.amazon.com/devops-guru/latest/userguide/working-with-insights.html#understanding-insights-severities) . */ severities?: pulumi.Input[]>; } /** * Information about a notification channel configured in DevOps Guru to send notifications when insights are created. */ interface NotificationChannelSnsChannelConfigArgs { /** * The Amazon Resource Name (ARN) of an Amazon Simple Notification Service topic. */ topicArn?: pulumi.Input; } /** * CloudFormation resource for DevOps Guru to monitor */ interface ResourceCollectionCloudFormationCollectionFilterArgs { /** * An array of CloudFormation stack names. */ stackNames?: pulumi.Input[]>; } /** * Information about a filter used to specify which AWS resources are analyzed for anomalous behavior by DevOps Guru. */ interface ResourceCollectionFilterArgs { /** * Information about AWS CloudFormation stacks. You can use up to 1000 stacks to specify which AWS resources in your account to analyze. For more information, see [Stacks](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/stacks.html) in the *AWS CloudFormation User Guide* . */ cloudFormation?: pulumi.Input; /** * The AWS tags used to filter the resources in the resource collection. * * Tags help you identify and organize your AWS resources. Many AWS services support tagging, so you can assign the same tag to resources from different services to indicate that the resources are related. For example, you can assign the same tag to an Amazon DynamoDB table resource that you assign to an AWS Lambda function. For more information about using tags, see the [Tagging best practices](https://docs.aws.amazon.com/whitepapers/latest/tagging-best-practices/tagging-best-practices.html) whitepaper. * * Each AWS tag has two parts. * * - A tag *key* (for example, `CostCenter` , `Environment` , `Project` , or `Secret` ). Tag *keys* are case-sensitive. * - A field known as a tag *value* (for example, `111122223333` , `Production` , or a team name). Omitting the tag *value* is the same as using an empty string. Like tag *keys* , tag *values* are case-sensitive. The tag value is a required property when AppBoundaryKey is specified. * * Together these are known as *key* - *value* pairs. * * > The string used for a *key* in a tag that you use to define your resource coverage must begin with the prefix `Devops-guru-` . The tag *key* might be `DevOps-Guru-deployment-application` or `devops-guru-rds-application` . When you create a *key* , the case of characters in the *key* can be whatever you choose. After you create a *key* , it is case-sensitive. For example, DevOps Guru works with a *key* named `devops-guru-rds` and a *key* named `DevOps-Guru-RDS` , and these act as two different *keys* . Possible *key* / *value* pairs in your application might be `Devops-Guru-production-application/RDS` or `Devops-Guru-production-application/containers` . */ tags?: pulumi.Input[]>; } /** * Tagged resource for DevOps Guru to monitor */ interface ResourceCollectionTagCollectionArgs { /** * A Tag key for DevOps Guru app boundary. */ appBoundaryKey?: pulumi.Input; /** * Tag values of DevOps Guru app boundary. */ tagValues?: pulumi.Input[]>; } } export declare namespace directconnect { /** * Information about a BGP peer. */ interface PrivateVirtualInterfaceBgpPeerArgs { /** * The address family for the BGP peer. */ addressFamily: pulumi.Input; /** * The IP address assigned to the Amazon interface. */ amazonAddress?: pulumi.Input; /** * The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration. */ asn: pulumi.Input; /** * The authentication key for BGP configuration. This string has a minimum length of 6 characters and and a maximum length of 80 characters. */ authKey?: pulumi.Input; bgpPeerId?: pulumi.Input; /** * The IP address assigned to the customer interface. */ customerAddress?: pulumi.Input; } /** * Information about a BGP peer. */ interface PublicVirtualInterfaceBgpPeerArgs { /** * The address family for the BGP peer. */ addressFamily: pulumi.Input; /** * The IP address assigned to the Amazon interface. */ amazonAddress?: pulumi.Input; /** * The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration. */ asn: pulumi.Input; /** * The authentication key for BGP configuration. This string has a minimum length of 6 characters and and a maximum length of 80 characters. */ authKey?: pulumi.Input; bgpPeerId?: pulumi.Input; /** * The IP address assigned to the customer interface. */ customerAddress?: pulumi.Input; } /** * A key-value pair to associate with a resource. */ interface TransitVirtualInterfaceBgpPeerArgs { /** * The address family for the BGP peer. */ addressFamily: pulumi.Input; /** * The IP address assigned to the Amazon interface. */ amazonAddress?: pulumi.Input; /** * The autonomous system (AS) number for Border Gateway Protocol (BGP) configuration. */ asn: pulumi.Input; /** * The authentication key for BGP configuration. This string has a minimum length of 6 characters and and a maximum length of 80 characters. */ authKey?: pulumi.Input; bgpPeerId?: pulumi.Input; /** * The IP address assigned to the customer interface. */ customerAddress?: pulumi.Input; } } export declare namespace directoryservice { interface SimpleAdVpcSettingsArgs { /** * The identifiers of the subnets for the directory servers. The two subnets must be in different Availability Zones. AWS Directory Service specifies a directory server and a DNS server in each of these subnets. */ subnetIds: pulumi.Input[]>; /** * The identifier of the VPC in which to create the directory. */ vpcId: pulumi.Input; } } export declare namespace dms { interface DataMigrationSettingsArgs { /** * The property specifies whether to enable the CloudWatch log. */ cloudwatchLogsEnabled?: pulumi.Input; /** * The number of parallel jobs that trigger parallel threads to unload the tables from the source, and then load them to the target. */ numberOfJobs?: pulumi.Input; /** * The property specifies the rules of selecting objects for data migration. */ selectionRules?: pulumi.Input; } interface DataMigrationSourceDataSettingsArgs { /** * The property is a point in the database engine's log that defines a time where you can begin CDC. */ cdcStartPosition?: pulumi.Input; /** * The property indicates the start time for a change data capture (CDC) operation. The value is server time in UTC format. */ cdcStartTime?: pulumi.Input; /** * The property indicates the stop time for a change data capture (CDC) operation. The value is server time in UTC format. */ cdcStopTime?: pulumi.Input; /** * The property sets the name of a previously created logical replication slot for a change data capture (CDC) load of the source instance. */ slotName?: pulumi.Input; } /** * It is an object that describes Source and Target DataProviders and credentials for connecting to databases that are used in MigrationProject */ interface MigrationProjectDataProviderDescriptorArgs { /** * The Amazon Resource Name (ARN) of the data provider. */ dataProviderArn?: pulumi.Input; dataProviderIdentifier?: pulumi.Input; /** * The user-friendly name of the data provider. */ dataProviderName?: pulumi.Input; /** * The ARN of the role used to access AWS Secrets Manager. */ secretsManagerAccessRoleArn?: pulumi.Input; /** * The identifier of the AWS Secrets Manager Secret used to store access credentials for the data provider. */ secretsManagerSecretId?: pulumi.Input; } /** * Configuration parameters for provisioning a AWS DMS Serverless replication */ interface ReplicationConfigComputeConfigArgs { /** * The Availability Zone where the AWS DMS Serverless replication using this configuration will run. The default value is a random, system-chosen Availability Zone in the configuration's AWS Region , for example, `"us-west-2"` . You can't set this parameter if the `MultiAZ` parameter is set to `true` . */ availabilityZone?: pulumi.Input; /** * A list of custom DNS name servers supported for the AWS DMS Serverless replication to access your source or target database. This list overrides the default name servers supported by the AWS DMS Serverless replication. You can specify a comma-separated list of internet addresses for up to four DNS name servers. For example: `"1.1.1.1,2.2.2.2,3.3.3.3,4.4.4.4"` */ dnsNameServers?: pulumi.Input; /** * An AWS Key Management Service ( AWS ) key Amazon Resource Name (ARN) that is used to encrypt the data during AWS DMS Serverless replication. * * If you don't specify a value for the `KmsKeyId` parameter, AWS DMS uses your default encryption key. * * AWS creates the default encryption key for your Amazon Web Services account. Your AWS account has a different default encryption key for each AWS Region . */ kmsKeyId?: pulumi.Input; /** * Specifies the maximum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the maximum value that you can specify for AWS DMS Serverless is 384. The `MaxCapacityUnits` parameter is the only DCU parameter you are required to specify. */ maxCapacityUnits: pulumi.Input; /** * Specifies the minimum value of the AWS DMS capacity units (DCUs) for which a given AWS DMS Serverless replication can be provisioned. A single DCU is 2GB of RAM, with 1 DCU as the minimum value allowed. The list of valid DCU values includes 1, 2, 4, 8, 16, 32, 64, 128, 192, 256, and 384. So, the minimum DCU value that you can specify for AWS DMS Serverless is 1. If you don't set this value, AWS DMS sets this parameter to the minimum DCU value allowed, 1. If there is no current source activity, AWS DMS scales down your replication until it reaches the value specified in `MinCapacityUnits` . */ minCapacityUnits?: pulumi.Input; /** * Specifies whether the AWS DMS Serverless replication is a Multi-AZ deployment. You can't set the `AvailabilityZone` parameter if the `MultiAZ` parameter is set to `true` . */ multiAz?: pulumi.Input; /** * The weekly time range during which system maintenance can occur for the AWS DMS Serverless replication, in Universal Coordinated Time (UTC). The format is `ddd:hh24:mi-ddd:hh24:mi` . * * The default is a 30-minute window selected at random from an 8-hour block of time per AWS Region . This maintenance occurs on a random day of the week. Valid values for days of the week include `Mon` , `Tue` , `Wed` , `Thu` , `Fri` , `Sat` , and `Sun` . * * Constraints include a minimum 30-minute window. */ preferredMaintenanceWindow?: pulumi.Input; /** * Specifies a subnet group identifier to associate with the AWS DMS Serverless replication. */ replicationSubnetGroupId?: pulumi.Input; /** * Specifies the virtual private cloud (VPC) security group to use with the AWS DMS Serverless replication. The VPC security group must work with the VPC containing the replication. */ vpcSecurityGroupIds?: pulumi.Input[]>; } /** * The property describes schema conversion application attributes for the migration project. */ interface SchemaConversionApplicationAttributesPropertiesArgs { s3BucketPath?: pulumi.Input; s3BucketRoleArn?: pulumi.Input; } /** * The property identifies the exact type of settings for the data provider. */ interface SettingsPropertiesArgs { /** * DocDbSettings property identifier. */ docDbSettings?: pulumi.Input; /** * IbmDb2LuwSettings property identifier. */ ibmDb2LuwSettings?: pulumi.Input; /** * IbmDb2zOsSettings property identifier. */ ibmDb2zOsSettings?: pulumi.Input; /** * MariaDbSettings property identifier. */ mariaDbSettings?: pulumi.Input; /** * MicrosoftSqlServerSettings property identifier. */ microsoftSqlServerSettings?: pulumi.Input; /** * MongoDbSettings property identifier. */ mongoDbSettings?: pulumi.Input; /** * MySqlSettings property identifier. */ mySqlSettings?: pulumi.Input; /** * OracleSettings property identifier. */ oracleSettings?: pulumi.Input; /** * PostgreSqlSettings property identifier. */ postgreSqlSettings?: pulumi.Input; /** * RedshiftSettings property identifier. */ redshiftSettings?: pulumi.Input; /** * SybaseAseSettings property identifier. */ sybaseAseSettings?: pulumi.Input; } /** * DocDbSettings property identifier. */ interface SettingsPropertiesDocDbSettingsPropertiesArgs { certificateArn?: pulumi.Input; databaseName: pulumi.Input; port: pulumi.Input; serverName: pulumi.Input; sslMode?: pulumi.Input; } /** * IbmDb2LuwSettings property identifier. */ interface SettingsPropertiesIbmDb2LuwSettingsPropertiesArgs { certificateArn?: pulumi.Input; databaseName: pulumi.Input; port: pulumi.Input; serverName: pulumi.Input; sslMode: pulumi.Input; } /** * IbmDb2zOsSettings property identifier. */ interface SettingsPropertiesIbmDb2zOsSettingsPropertiesArgs { certificateArn?: pulumi.Input; databaseName: pulumi.Input; port: pulumi.Input; serverName: pulumi.Input; sslMode: pulumi.Input; } /** * MariaDbSettings property identifier. */ interface SettingsPropertiesMariaDbSettingsPropertiesArgs { certificateArn?: pulumi.Input; port: pulumi.Input; serverName: pulumi.Input; sslMode: pulumi.Input; } /** * MicrosoftSqlServerSettings property identifier. */ interface SettingsPropertiesMicrosoftSqlServerSettingsPropertiesArgs { certificateArn?: pulumi.Input; databaseName: pulumi.Input; port: pulumi.Input; serverName: pulumi.Input; sslMode: pulumi.Input; } /** * MongoDbSettings property identifier. */ interface SettingsPropertiesMongoDbSettingsPropertiesArgs { authMechanism?: pulumi.Input; authSource?: pulumi.Input; authType?: pulumi.Input; certificateArn?: pulumi.Input; databaseName?: pulumi.Input; port: pulumi.Input; serverName: pulumi.Input; sslMode?: pulumi.Input; } /** * MySqlSettings property identifier. */ interface SettingsPropertiesMySqlSettingsPropertiesArgs { certificateArn?: pulumi.Input; port: pulumi.Input; serverName: pulumi.Input; sslMode: pulumi.Input; } /** * OracleSettings property identifier. */ interface SettingsPropertiesOracleSettingsPropertiesArgs { asmServer?: pulumi.Input; certificateArn?: pulumi.Input; databaseName: pulumi.Input; port: pulumi.Input; secretsManagerOracleAsmAccessRoleArn?: pulumi.Input; secretsManagerOracleAsmSecretId?: pulumi.Input; secretsManagerSecurityDbEncryptionAccessRoleArn?: pulumi.Input; secretsManagerSecurityDbEncryptionSecretId?: pulumi.Input; serverName: pulumi.Input; sslMode: pulumi.Input; } /** * PostgreSqlSettings property identifier. */ interface SettingsPropertiesPostgreSqlSettingsPropertiesArgs { certificateArn?: pulumi.Input; databaseName: pulumi.Input; port: pulumi.Input; serverName: pulumi.Input; sslMode: pulumi.Input; } /** * RedshiftSettings property identifier. */ interface SettingsPropertiesRedshiftSettingsPropertiesArgs { databaseName: pulumi.Input; port: pulumi.Input; serverName: pulumi.Input; } /** * SybaseAseSettings property identifier. */ interface SettingsPropertiesSybaseAseSettingsPropertiesArgs { certificateArn?: pulumi.Input; databaseName?: pulumi.Input; encryptPassword?: pulumi.Input; port: pulumi.Input; serverName: pulumi.Input; sslMode: pulumi.Input; } } export declare namespace docdb { } export declare namespace docdbelastic { } export declare namespace dsql { /** * The Multi-region properties associated to this cluster. */ interface MultiRegionPropertiesPropertiesArgs { /** * The set of peered clusters that form the multi-Region cluster configuration. Each peered cluster represents a database instance in a different Region. */ clusters?: pulumi.Input[]>; /** * The witness region in a multi-region cluster. */ witnessRegion?: pulumi.Input; } } export declare namespace dynamodb { interface GlobalTableAttributeDefinitionArgs { /** * A name for the attribute. */ attributeName: pulumi.Input; /** * The data type for the attribute, where: * * - `S` - the attribute is of type String * - `N` - the attribute is of type Number * - `B` - the attribute is of type Binary */ attributeType: pulumi.Input; } interface GlobalTableCapacityAutoScalingSettingsArgs { /** * The maximum provisioned capacity units for the global table. */ maxCapacity: pulumi.Input; /** * The minimum provisioned capacity units for the global table. */ minCapacity: pulumi.Input; /** * When switching billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , DynamoDB requires you to specify read and write capacity unit values for the table and for each global secondary index. These values will be applied to all replicas. The table will use these provisioned values until CloudFormation creates the autoscaling policies you configured in your template. CloudFormation cannot determine what capacity the table and its global secondary indexes will require in this time period, since they are application-dependent. * * If you want to switch a table's billing mode from `PAY_PER_REQUEST` to `PROVISIONED` , you must specify a value for this property for each autoscaled resource. If you specify different values for the same resource in different regions, CloudFormation will use the highest value found in either the `SeedCapacity` or `ReadCapacityUnits` properties. For example, if your global secondary index `myGSI` has a `SeedCapacity` of 10 in us-east-1 and a fixed `ReadCapacityUnits` of 20 in eu-west-1, CloudFormation will initially set the read capacity for `myGSI` to 20. Note that if you disable `ScaleIn` for `myGSI` in us-east-1, its read capacity units might not be set back to 10. * * You must also specify a value for `SeedCapacity` when you plan to switch a table's billing mode from `PROVISIONED` to `PAY_PER_REQUEST` , because CloudFormation might need to roll back the operation (reverting the billing mode to `PROVISIONED` ) and this cannot succeed without specifying a value for `SeedCapacity` . */ seedCapacity?: pulumi.Input; /** * Defines a target tracking scaling policy. */ targetTrackingScalingPolicyConfiguration: pulumi.Input; } interface GlobalTableContributorInsightsSpecificationArgs { /** * Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false). */ enabled: pulumi.Input; /** * Specifies the CloudWatch Contributor Insights mode for a global table. Valid values are `ACCESSED_AND_THROTTLED_KEYS` (tracks all access and throttled events) or `THROTTLED_KEYS` (tracks only throttled events). This setting determines what type of contributor insights data is collected for the global table. */ mode?: pulumi.Input; } interface GlobalTableGlobalReadProvisionedThroughputSettingsArgs { readCapacityUnits?: pulumi.Input; } interface GlobalTableGlobalSecondaryIndexArgs { /** * The name of the global secondary index. The name must be unique among all other indexes on this table. */ indexName: pulumi.Input; /** * The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types: * * - `HASH` - partition key * - `RANGE` - sort key * * > The partition key of an item is also known as its *hash attribute* . The term "hash attribute" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values. * > * > The sort key of an item is also known as its *range attribute* . The term "range attribute" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value. */ keySchema: pulumi.Input[]>; /** * Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected. */ projection: pulumi.Input; readOnDemandThroughputSettings?: pulumi.Input; readProvisionedThroughputSettings?: pulumi.Input; /** * Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index. If you use this parameter, you must specify `ReadUnitsPerSecond` , `WriteUnitsPerSecond` , or both. */ warmThroughput?: pulumi.Input; /** * Sets the write request settings for a global table or a global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` . */ writeOnDemandThroughputSettings?: pulumi.Input; /** * Defines write capacity settings for the global secondary index. You must specify a value for this property if the table's `BillingMode` is `PROVISIONED` . All replicas will have the same write capacity settings for this global secondary index. */ writeProvisionedThroughputSettings?: pulumi.Input; } interface GlobalTableKeySchemaArgs { /** * The name of a key attribute. */ attributeName: pulumi.Input; /** * The role that this key attribute will assume: * * - `HASH` - partition key * - `RANGE` - sort key * * > The partition key of an item is also known as its *hash attribute* . The term "hash attribute" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values. * > * > The sort key of an item is also known as its *range attribute* . The term "range attribute" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value. */ keyType: pulumi.Input; } interface GlobalTableKinesisStreamSpecificationArgs { /** * The precision for the time and date that the stream was created. */ approximateCreationDateTimePrecision?: pulumi.Input; /** * The ARN for a specific Kinesis data stream. */ streamArn: pulumi.Input; } interface GlobalTableLocalSecondaryIndexArgs { /** * The name of the local secondary index. The name must be unique among all other indexes on this table. */ indexName: pulumi.Input; /** * The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types: * * - `HASH` - partition key * - `RANGE` - sort key * * > The partition key of an item is also known as its *hash attribute* . The term "hash attribute" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values. * > * > The sort key of an item is also known as its *range attribute* . The term "range attribute" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value. */ keySchema: pulumi.Input[]>; /** * Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected. */ projection: pulumi.Input; } interface GlobalTablePointInTimeRecoverySpecificationArgs { /** * Indicates whether point in time recovery is enabled (true) or disabled (false) on the table. */ pointInTimeRecoveryEnabled?: pulumi.Input; /** * The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35. */ recoveryPeriodInDays?: pulumi.Input; } interface GlobalTableProjectionArgs { /** * Represents the non-key attribute names which will be projected into the index. * * For global and local secondary indexes, the total count of `NonKeyAttributes` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of `INCLUDE` . You still can specify the ProjectionType of `ALL` to project all attributes from the source table, even if the table has more than 100 attributes. */ nonKeyAttributes?: pulumi.Input[]>; /** * The set of attributes that are projected into the index: * * - `KEYS_ONLY` - Only the index and primary keys are projected into the index. * - `INCLUDE` - In addition to the attributes described in `KEYS_ONLY` , the secondary index will include other non-key attributes that you specify. * - `ALL` - All of the table attributes are projected into the index. * * When using the DynamoDB console, `ALL` is selected by default. */ projectionType?: pulumi.Input; } interface GlobalTableReadOnDemandThroughputSettingsArgs { /** * Maximum number of read request units for the specified replica of a global table. */ maxReadRequestUnits?: pulumi.Input; } interface GlobalTableReadProvisionedThroughputSettingsArgs { /** * Specifies auto scaling settings for the replica table or global secondary index. */ readCapacityAutoScalingSettings?: pulumi.Input; /** * Specifies a fixed read capacity for the replica table or global secondary index. */ readCapacityUnits?: pulumi.Input; } interface GlobalTableReplicaGlobalSecondaryIndexSpecificationArgs { /** * Updates the status for contributor insights for a specific table or index. CloudWatch Contributor Insights for DynamoDB graphs display the partition key and (if applicable) sort key of frequently accessed items and frequently throttled items in plaintext. If you require the use of AWS Key Management Service (KMS) to encrypt this table’s partition key and sort key data with an AWS managed key or customer managed key, you should not enable CloudWatch Contributor Insights for DynamoDB for this table. */ contributorInsightsSpecification?: pulumi.Input; /** * The name of the global secondary index. The name must be unique among all other indexes on this table. */ indexName: pulumi.Input; /** * Sets the read request settings for a replica global secondary index. You can only specify this setting if your resource uses the `PAY_PER_REQUEST` `BillingMode` . */ readOnDemandThroughputSettings?: pulumi.Input; /** * Allows you to specify the read capacity settings for a replica global secondary index when the `BillingMode` is set to `PROVISIONED` . */ readProvisionedThroughputSettings?: pulumi.Input; } interface GlobalTableReplicaSpecificationArgs { /** * The settings used to enable or disable CloudWatch Contributor Insights for the specified replica. When not specified, defaults to contributor insights disabled for the replica. */ contributorInsightsSpecification?: pulumi.Input; /** * Determines if a replica is protected from deletion. When enabled, the table cannot be deleted by any user or process. This setting is disabled by default. For more information, see [Using deletion protection](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/WorkingWithTables.Basics.html#WorkingWithTables.Basics.DeletionProtection) in the *Amazon DynamoDB Developer Guide* . */ deletionProtectionEnabled?: pulumi.Input; /** * Defines additional settings for the global secondary indexes of this replica. */ globalSecondaryIndexes?: pulumi.Input[]>; globalTableSettingsReplicationMode?: pulumi.Input; /** * Defines the Kinesis Data Streams configuration for the specified replica. */ kinesisStreamSpecification?: pulumi.Input; /** * The settings used to enable point in time recovery. When not specified, defaults to point in time recovery disabled for the replica. */ pointInTimeRecoverySpecification?: pulumi.Input; /** * Sets read request settings for the replica table. */ readOnDemandThroughputSettings?: pulumi.Input; /** * Defines read capacity settings for the replica table. */ readProvisionedThroughputSettings?: pulumi.Input; /** * The region in which this replica exists. */ region: pulumi.Input; /** * Represents the DynamoDB Streams configuration for a global table replica. */ replicaStreamSpecification?: pulumi.Input; /** * A resource-based policy document that contains permissions to add to the specified replica of a DynamoDB global table. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource. * * In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) . */ resourcePolicy?: pulumi.Input; /** * Allows you to specify a customer-managed key for the replica. When using customer-managed keys for server-side encryption, this property must have a value in all replicas. */ sseSpecification?: pulumi.Input; /** * The table class of the specified table. Valid values are `STANDARD` and `STANDARD_INFREQUENT_ACCESS` . */ tableClass?: pulumi.Input; /** * An array of key-value pairs to apply to this replica. * * For more information, see [Tag](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html) . */ tags?: pulumi.Input[]>; } interface GlobalTableReplicaSseSpecificationArgs { /** * The AWS key that should be used for the AWS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key `alias/aws/dynamodb` . */ kmsMasterKeyId: pulumi.Input; } interface GlobalTableReplicaStreamSpecificationArgs { /** * A resource-based policy document that contains the permissions for the specified stream of a DynamoDB global table replica. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource. * * In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) . * * You can update the `ResourcePolicy` property if you've specified more than one table using the [AWS ::DynamoDB::GlobalTable](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-dynamodb-globaltable.html) resource. */ resourcePolicy: pulumi.Input; } interface GlobalTableResourcePolicyArgs { /** * A resource-based policy document that contains permissions to add to the specified DynamoDB table, its indexes, and stream. In a CloudFormation template, you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to DynamoDB . For more information about resource-based policies, see [Using resource-based policies for DynamoDB](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html) . */ policyDocument: any; } interface GlobalTableSseSpecificationArgs { /** * Indicates whether server-side encryption is performed using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to KMS and an AWS managed key is used ( AWS charges apply). If disabled (false) or not specified,server-side encryption is set to an AWS owned key. If you choose to use KMS encryption, you can also use customer managed KMS keys by specifying them in the `ReplicaSpecification.SSESpecification` object. You cannot mix AWS managed and customer managed KMS keys. */ sseEnabled: pulumi.Input; /** * Server-side encryption type. The only supported value is: * * - `KMS` - Server-side encryption that uses AWS Key Management Service . The key is stored in your account and is managed by AWS ( AWS charges apply). */ sseType?: pulumi.Input; } interface GlobalTableStreamSpecificationArgs { /** * When an item in the table is modified, `StreamViewType` determines what information is written to the stream for this table. Valid values for `StreamViewType` are: * * - `KEYS_ONLY` - Only the key attributes of the modified item are written to the stream. * - `NEW_IMAGE` - The entire item, as it appears after it was modified, is written to the stream. * - `OLD_IMAGE` - The entire item, as it appeared before it was modified, is written to the stream. * - `NEW_AND_OLD_IMAGES` - Both the new and the old item images of the item are written to the stream. */ streamViewType: pulumi.Input; } interface GlobalTableTagArgs { /** * The key of the tag. Tag keys are case sensitive. Each DynamoDB table can only have up to one tag with the same key. If you try to add an existing tag (same key), the existing tag value will be updated to the new value. */ key: pulumi.Input; /** * The value of the tag. Tag values are case-sensitive and can be null. */ value: pulumi.Input; } interface GlobalTableTargetTrackingScalingPolicyConfigurationArgs { /** * Indicates whether scale in by the target tracking scaling policy is disabled. The default value is `false` . */ disableScaleIn?: pulumi.Input; /** * The amount of time, in seconds, after a scale-in activity completes before another scale-in activity can start. */ scaleInCooldown?: pulumi.Input; /** * The amount of time, in seconds, after a scale-out activity completes before another scale-out activity can start. */ scaleOutCooldown?: pulumi.Input; /** * Defines a target value for the scaling policy. */ targetValue: pulumi.Input; } interface GlobalTableTimeToLiveSpecificationArgs { /** * The name of the attribute used to store the expiration time for items in the table. * * Currently, you cannot directly change the attribute name used to evaluate time to live. In order to do so, you must first disable time to live, and then re-enable it with the new attribute name. It can take up to one hour for changes to time to live to take effect. If you attempt to modify time to live within that time window, your stack operation might be delayed. */ attributeName?: pulumi.Input; /** * Indicates whether TTL is to be enabled (true) or disabled (false) on the table. */ enabled: pulumi.Input; } interface GlobalTableWarmThroughputArgs { /** * Represents the number of read operations your base table can instantaneously support. */ readUnitsPerSecond?: pulumi.Input; /** * Represents the number of write operations your base table can instantaneously support. */ writeUnitsPerSecond?: pulumi.Input; } interface GlobalTableWitnessArgs { /** * The name of the AWS Region that serves as a witness for the MRSC global table. */ region?: pulumi.Input; } interface GlobalTableWriteOnDemandThroughputSettingsArgs { /** * Maximum number of write request settings for the specified replica of a global table. */ maxWriteRequestUnits?: pulumi.Input; } interface GlobalTableWriteProvisionedThroughputSettingsArgs { /** * Specifies auto scaling settings for the replica table or global secondary index. */ writeCapacityAutoScalingSettings?: pulumi.Input; } /** * Represents an attribute for describing the schema for the table and indexes. */ interface TableAttributeDefinitionArgs { /** * A name for the attribute. */ attributeName: pulumi.Input; /** * The data type for the attribute, where: * + ``S`` - the attribute is of type String * + ``N`` - the attribute is of type Number * + ``B`` - the attribute is of type Binary */ attributeType: pulumi.Input; } /** * Configures contributor insights settings for a table or one of its indexes. */ interface TableContributorInsightsSpecificationArgs { /** * Indicates whether CloudWatch Contributor Insights are to be enabled (true) or disabled (false). */ enabled: pulumi.Input; /** * Specifies the CloudWatch Contributor Insights mode for a table. Valid values are ``ACCESSED_AND_THROTTLED_KEYS`` (tracks all access and throttled events) or ``THROTTLED_KEYS`` (tracks only throttled events). This setting determines what type of contributor insights data is collected for the table. */ mode?: pulumi.Input; } /** * The options for imported source files in CSV format. The values are Delimiter and HeaderList. */ interface TableCsvArgs { /** * The delimiter used for separating items in the CSV file being imported. */ delimiter?: pulumi.Input; /** * List of the headers used to specify a common header for all source CSV files being imported. If this field is specified then the first line of each CSV file is treated as data instead of the header. If this field is not specified the the first line of each CSV file is treated as the header. */ headerList?: pulumi.Input[]>; } /** * Represents the properties of a global secondary index. */ interface TableGlobalSecondaryIndexArgs { /** * The settings used to specify whether to enable CloudWatch Contributor Insights for the global table and define which events to monitor. */ contributorInsightsSpecification?: pulumi.Input; /** * The name of the global secondary index. The name must be unique among all other indexes on this table. */ indexName: pulumi.Input; /** * The complete key schema for a global secondary index, which consists of one or more pairs of attribute names and key types: * + ``HASH`` - partition key * + ``RANGE`` - sort key * * The partition key of an item is also known as its *hash attribute*. The term "hash attribute" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values. * The sort key of an item is also known as its *range attribute*. The term "range attribute" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value. */ keySchema: pulumi.Input[]>; /** * The maximum number of read and write units for the specified global secondary index. If you use this parameter, you must specify ``MaxReadRequestUnits``, ``MaxWriteRequestUnits``, or both. You must use either ``OnDemandThroughput`` or ``ProvisionedThroughput`` based on your table's capacity mode. */ onDemandThroughput?: pulumi.Input; /** * Represents attributes that are copied (projected) from the table into the global secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected. */ projection: pulumi.Input; /** * Represents the provisioned throughput settings for the specified global secondary index. You must use either ``OnDemandThroughput`` or ``ProvisionedThroughput`` based on your table's capacity mode. * For current minimum and maximum provisioned throughput values, see [Service, Account, and Table Quotas](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/Limits.html) in the *Amazon DynamoDB Developer Guide*. */ provisionedThroughput?: pulumi.Input; /** * Represents the warm throughput value (in read units per second and write units per second) for the specified secondary index. If you use this parameter, you must specify ``ReadUnitsPerSecond``, ``WriteUnitsPerSecond``, or both. */ warmThroughput?: pulumi.Input; } /** * Specifies the properties of data being imported from the S3 bucket source to the table. */ interface TableImportSourceSpecificationArgs { /** * Type of compression to be used on the input coming from the imported table. */ inputCompressionType?: pulumi.Input; /** * The format of the source data. Valid values for ``ImportFormat`` are ``CSV``, ``DYNAMODB_JSON`` or ``ION``. */ inputFormat: pulumi.Input; /** * Additional properties that specify how the input is formatted, */ inputFormatOptions?: pulumi.Input; /** * The S3 bucket that provides the source for the import. */ s3BucketSource: pulumi.Input; } /** * The format options for the data that was imported into the target table. There is one value, CsvOption. */ interface TableInputFormatOptionsArgs { /** * The options for imported source files in CSV format. The values are Delimiter and HeaderList. */ csv?: pulumi.Input; } /** * Represents *a single element* of a key schema. A key schema specifies the attributes that make up the primary key of a table, or the key attributes of an index. * A ``KeySchemaElement`` represents exactly one attribute of the primary key. For example, a simple primary key would be represented by one ``KeySchemaElement`` (for the partition key). A composite primary key would require one ``KeySchemaElement`` for the partition key, and another ``KeySchemaElement`` for the sort key. * A ``KeySchemaElement`` must be a scalar, top-level attribute (not a nested attribute). The data type must be one of String, Number, or Binary. The attribute cannot be nested within a List or a Map. */ interface TableKeySchemaArgs { /** * The name of a key attribute. */ attributeName: pulumi.Input; /** * The role that this key attribute will assume: * + ``HASH`` - partition key * + ``RANGE`` - sort key * * The partition key of an item is also known as its *hash attribute*. The term "hash attribute" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values. * The sort key of an item is also known as its *range attribute*. The term "range attribute" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value. */ keyType: pulumi.Input; } /** * The Kinesis Data Streams configuration for the specified table. */ interface TableKinesisStreamSpecificationArgs { /** * The precision for the time and date that the stream was created. */ approximateCreationDateTimePrecision?: pulumi.Input; /** * The ARN for a specific Kinesis data stream. * Length Constraints: Minimum length of 37. Maximum length of 1024. */ streamArn: pulumi.Input; } /** * Represents the properties of a local secondary index. A local secondary index can only be created when its parent table is created. */ interface TableLocalSecondaryIndexArgs { /** * The name of the local secondary index. The name must be unique among all other indexes on this table. */ indexName: pulumi.Input; /** * The complete key schema for the local secondary index, consisting of one or more pairs of attribute names and key types: * + ``HASH`` - partition key * + ``RANGE`` - sort key * * The partition key of an item is also known as its *hash attribute*. The term "hash attribute" derives from DynamoDB's usage of an internal hash function to evenly distribute data items across partitions, based on their partition key values. * The sort key of an item is also known as its *range attribute*. The term "range attribute" derives from the way DynamoDB stores items with the same partition key physically close together, in sorted order by the sort key value. */ keySchema: pulumi.Input[]>; /** * Represents attributes that are copied (projected) from the table into the local secondary index. These are in addition to the primary key attributes and index key attributes, which are automatically projected. */ projection: pulumi.Input; } /** * Sets the maximum number of read and write units for the specified on-demand table. If you use this property, you must specify ``MaxReadRequestUnits``, ``MaxWriteRequestUnits``, or both. */ interface TableOnDemandThroughputArgs { /** * Maximum number of read request units for the specified table. * To specify a maximum ``OnDemandThroughput`` on your table, set the value of ``MaxReadRequestUnits`` as greater than or equal to 1. To remove the maximum ``OnDemandThroughput`` that is currently set on your table, set the value of ``MaxReadRequestUnits`` to -1. */ maxReadRequestUnits?: pulumi.Input; /** * Maximum number of write request units for the specified table. * To specify a maximum ``OnDemandThroughput`` on your table, set the value of ``MaxWriteRequestUnits`` as greater than or equal to 1. To remove the maximum ``OnDemandThroughput`` that is currently set on your table, set the value of ``MaxWriteRequestUnits`` to -1. */ maxWriteRequestUnits?: pulumi.Input; } /** * The settings used to enable point in time recovery. */ interface TablePointInTimeRecoverySpecificationArgs { /** * Indicates whether point in time recovery is enabled (true) or disabled (false) on the table. */ pointInTimeRecoveryEnabled?: pulumi.Input; /** * The number of preceding days for which continuous backups are taken and maintained. Your table data is only recoverable to any point-in-time from within the configured recovery period. This parameter is optional. If no value is provided, the value will default to 35. */ recoveryPeriodInDays?: pulumi.Input; } /** * Represents attributes that are copied (projected) from the table into an index. These are in addition to the primary key attributes and index key attributes, which are automatically projected. */ interface TableProjectionArgs { /** * Represents the non-key attribute names which will be projected into the index. * For global and local secondary indexes, the total count of ``NonKeyAttributes`` summed across all of the secondary indexes, must not exceed 100. If you project the same attribute into two different indexes, this counts as two distinct attributes when determining the total. This limit only applies when you specify the ProjectionType of ``INCLUDE``. You still can specify the ProjectionType of ``ALL`` to project all attributes from the source table, even if the table has more than 100 attributes. */ nonKeyAttributes?: pulumi.Input[]>; /** * The set of attributes that are projected into the index: * + ``KEYS_ONLY`` - Only the index and primary keys are projected into the index. * + ``INCLUDE`` - In addition to the attributes described in ``KEYS_ONLY``, the secondary index will include other non-key attributes that you specify. * + ``ALL`` - All of the table attributes are projected into the index. * * When using the DynamoDB console, ``ALL`` is selected by default. */ projectionType?: pulumi.Input; } /** * Throughput for the specified table, which consists of values for ``ReadCapacityUnits`` and ``WriteCapacityUnits``. For more information about the contents of a provisioned throughput structure, see [Table ProvisionedThroughput](https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_ProvisionedThroughput.html). */ interface TableProvisionedThroughputArgs { /** * The maximum number of strongly consistent reads consumed per second before DynamoDB returns a ``ThrottlingException``. For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide*. * If read/write capacity mode is ``PAY_PER_REQUEST`` the value is set to 0. */ readCapacityUnits: pulumi.Input; /** * The maximum number of writes consumed per second before DynamoDB returns a ``ThrottlingException``. For more information, see [Specifying Read and Write Requirements](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/ProvisionedThroughput.html) in the *Amazon DynamoDB Developer Guide*. * If read/write capacity mode is ``PAY_PER_REQUEST`` the value is set to 0. */ writeCapacityUnits: pulumi.Input; } /** * Creates or updates a resource-based policy document that contains the permissions for DDB resources, such as a table, its indexes, and stream. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource. * In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html). * While defining resource-based policies in your CFNshort templates, the following considerations apply: * + The maximum size supported for a resource-based policy document in JSON format is 20 KB. DDB counts whitespaces when calculating the size of a policy against this limit. * + Resource-based policies don't support [drift detection](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-stack-drift.html#). If you update a policy outside of the CFNshort stack template, you'll need to update the CFNshort stack with the changes. * + Resource-based policies don't support out-of-band changes. If you add, update, or delete a policy outside of the CFNshort template, the change won't be overwritten if there are no changes to the policy within the template. * For example, say that your template contains a resource-based policy, which you later update outside of the template. If you don't make any changes to the policy in the template, the updated policy in DDB won’t be synced with the policy in the template. * Conversely, say that your template doesn’t contain a resource-based policy, but you add a policy outside of the template. This policy won’t be removed from DDB as long as you don’t add it to the template. When you add a policy to the template and update the stack, the existing policy in DDB will be updated to match the one defined in the template. * * For a full list of all considerations, see [Resource-based policy considerations](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-considerations.html). */ interface TableResourcePolicyArgs { /** * A resource-based policy document that contains permissions to add to the specified DDB table, index, or both. In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html). */ policyDocument: any; } /** * The S3 bucket that is being imported from. */ interface TableS3BucketSourceArgs { /** * The S3 bucket that is being imported from. */ s3Bucket: pulumi.Input; /** * The account number of the S3 bucket that is being imported from. If the bucket is owned by the requester this is optional. */ s3BucketOwner?: pulumi.Input; /** * The key prefix shared by all S3 Objects that are being imported. */ s3KeyPrefix?: pulumi.Input; } /** * Represents the settings used to enable server-side encryption. */ interface TableSseSpecificationArgs { /** * The KMS key that should be used for the KMS encryption. To specify a key, use its key ID, Amazon Resource Name (ARN), alias name, or alias ARN. Note that you should only provide this parameter if the key is different from the default DynamoDB key ``alias/aws/dynamodb``. */ kmsMasterKeyId?: pulumi.Input; /** * Indicates whether server-side encryption is done using an AWS managed key or an AWS owned key. If enabled (true), server-side encryption type is set to ``KMS`` and an AWS managed key is used (KMS charges apply). If disabled (false) or not specified, server-side encryption is set to AWS owned key. */ sseEnabled: pulumi.Input; /** * Server-side encryption type. The only supported value is: * + ``KMS`` - Server-side encryption that uses KMSlong. The key is stored in your account and is managed by KMS (KMS charges apply). */ sseType?: pulumi.Input; } /** * Represents the DynamoDB Streams configuration for a table in DynamoDB. */ interface TableStreamSpecificationArgs { /** * Creates or updates a resource-based policy document that contains the permissions for DDB resources, such as a table's streams. Resource-based policies let you define access permissions by specifying who has access to each resource, and the actions they are allowed to perform on each resource. * When you remove the ``StreamSpecification`` property from the template, DynamoDB disables the stream but retains any attached resource policy until the stream is deleted after 24 hours. When you modify the ``StreamViewType`` property, DynamoDB creates a new stream and retains the old stream's resource policy. The old stream and its resource policy are deleted after the 24-hour retention period. * In a CFNshort template, you can provide the policy in JSON or YAML format because CFNshort converts YAML to JSON before submitting it to DDB. For more information about resource-based policies, see [Using resource-based policies for](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/access-control-resource-based.html) and [Resource-based policy examples](https://docs.aws.amazon.com/amazondynamodb/latest/developerguide/rbac-examples.html). */ resourcePolicy?: pulumi.Input; /** * When an item in the table is modified, ``StreamViewType`` determines what information is written to the stream for this table. Valid values for ``StreamViewType`` are: * + ``KEYS_ONLY`` - Only the key attributes of the modified item are written to the stream. * + ``NEW_IMAGE`` - The entire item, as it appears after it was modified, is written to the stream. * + ``OLD_IMAGE`` - The entire item, as it appeared before it was modified, is written to the stream. * + ``NEW_AND_OLD_IMAGES`` - Both the new and the old item images of the item are written to the stream. */ streamViewType: pulumi.Input; } /** * Represents the settings used to enable or disable Time to Live (TTL) for the specified table. */ interface TableTimeToLiveSpecificationArgs { /** * The name of the TTL attribute used to store the expiration time for items in the table. * + The ``AttributeName`` property is required when enabling the TTL, or when TTL is already enabled. * + To update this property, you must first disable TTL and then enable TTL with the new attribute name. */ attributeName?: pulumi.Input; /** * Indicates whether TTL is to be enabled (true) or disabled (false) on the table. */ enabled: pulumi.Input; } /** * Provides visibility into the number of read and write operations your table or secondary index can instantaneously support. The settings can be modified using the ``UpdateTable`` operation to meet the throughput requirements of an upcoming peak event. */ interface TableWarmThroughputArgs { /** * Represents the number of read operations your base table can instantaneously support. */ readUnitsPerSecond?: pulumi.Input; /** * Represents the number of write operations your base table can instantaneously support. */ writeUnitsPerSecond?: pulumi.Input; } } export declare namespace ec2 { interface CapacityReservationFleetInstanceTypeSpecificationArgs { /** * The Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone. */ availabilityZone?: pulumi.Input; /** * The ID of the Availability Zone in which the Capacity Reservation Fleet reserves the capacity. A Capacity Reservation Fleet can't span Availability Zones. All instance type specifications that you specify for the Fleet must use the same Availability Zone. */ availabilityZoneId?: pulumi.Input; /** * Indicates whether the Capacity Reservation Fleet supports EBS-optimized instances types. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using EBS-optimized instance types. */ ebsOptimized?: pulumi.Input; /** * The type of operating system for which the Capacity Reservation Fleet reserves capacity. */ instancePlatform?: pulumi.Input; /** * The instance type for which the Capacity Reservation Fleet reserves capacity. */ instanceType?: pulumi.Input; /** * The priority to assign to the instance type. This value is used to determine which of the instance types specified for the Fleet should be prioritized for use. A lower value indicates a high priority. For more information, see [Instance type priority](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#instance-priority) in the *Amazon EC2 User Guide* . */ priority?: pulumi.Input; /** * The number of capacity units provided by the specified instance type. This value, together with the total target capacity that you specify for the Fleet determine the number of instances for which the Fleet reserves capacity. Both values are based on units that make sense for your workload. For more information, see [Total target capacity](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/crfleet-concepts.html#target-capacity) in the Amazon EC2 User Guide. * * Valid Range: Minimum value of `0.001` . Maximum value of `99.999` . */ weight?: pulumi.Input; } interface CapacityReservationFleetTagArgs { /** * The tag key. */ key: pulumi.Input; /** * The tag value. */ value: pulumi.Input; } interface CapacityReservationFleetTagSpecificationArgs { /** * The type of resource to tag on creation. Specify `capacity-reservation-fleet` . * * To tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html) . */ resourceType?: pulumi.Input; /** * The tags to apply to the resource. */ tags?: pulumi.Input[]>; } interface CapacityReservationTagArgs { /** * The tag key. */ key: pulumi.Input; /** * The tag value. */ value: pulumi.Input; } interface CapacityReservationTagSpecificationArgs { /** * The type of resource to tag. Specify `capacity-reservation` . */ resourceType?: pulumi.Input; /** * The tags to apply to the resource. */ tags?: pulumi.Input[]>; } /** * The CPU options for the instance. */ interface CpuOptionsPropertiesArgs { /** * The number of CPU cores for the instance. */ coreCount?: pulumi.Input; /** * The number of threads per CPU core. */ threadsPerCore?: pulumi.Input; } /** * The credit option for CPU usage of the burstable performance instance. Valid values are standard and unlimited. */ interface CreditSpecificationPropertiesArgs { /** * The credit option for CPU usage of the instance. * * Valid values: `standard` | `unlimited` * * T3 instances with `host` tenancy do not support the `unlimited` CPU credit option. */ cpuCredits?: pulumi.Input; } /** * The destination options. */ interface DestinationOptionsPropertiesArgs { /** * The format for the flow log. The default is `plain-text` . */ fileFormat: pulumi.Input; /** * Indicates whether to use Hive-compatible prefixes for flow logs stored in Amazon S3. The default is `false` . */ hiveCompatiblePartitions: pulumi.Input; /** * Indicates whether to partition the flow log per hour. This reduces the cost and response time for queries. The default is `false` . */ perHourPartition: pulumi.Input; } interface Ec2FleetAcceleratorCountRequestArgs { /** * The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` . */ max?: pulumi.Input; /** * The minimum number of accelerators. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface Ec2FleetAcceleratorTotalMemoryMiBRequestArgs { /** * The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface Ec2FleetBaselineEbsBandwidthMbpsRequestArgs { /** * The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface Ec2FleetBaselinePerformanceFactorsRequestArgs { /** * The CPU performance to consider, using an instance family as the baseline reference. */ cpu?: pulumi.Input; } interface Ec2FleetBlockDeviceMappingArgs { /** * The device name. For available device names, see [Device names for volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html) . */ deviceName?: pulumi.Input; /** * Parameters used to automatically set up EBS volumes when the instance is launched. */ ebs?: pulumi.Input; /** * To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value. */ noDevice?: pulumi.Input; /** * The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume. * * NVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect. * * Constraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI. */ virtualName?: pulumi.Input; } interface Ec2FleetCapacityRebalanceArgs { /** * The replacement strategy to use. Only available for fleets of type `maintain` . * * `launch` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. EC2 Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running. * * `launch-before-terminate` - EC2 Fleet launches a replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification. */ replacementStrategy?: pulumi.Input; /** * The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance. * * Required when `ReplacementStrategy` is set to `launch-before-terminate` . * * Not valid when `ReplacementStrategy` is set to `launch` . * * Valid values: Minimum value of `120` seconds. Maximum value of `7200` seconds. */ terminationDelay?: pulumi.Input; } interface Ec2FleetCapacityReservationOptionsRequestArgs { /** * Indicates whether to use unused Capacity Reservations for fulfilling On-Demand capacity. * * If you specify `use-capacity-reservations-first` , the fleet uses unused Capacity Reservations to fulfill On-Demand capacity up to the target On-Demand capacity. If multiple instance pools have unused Capacity Reservations, the On-Demand allocation strategy ( `lowest-price` or `prioritized` ) is applied. If the number of unused Capacity Reservations is less than the On-Demand target capacity, the remaining On-Demand target capacity is launched according to the On-Demand allocation strategy ( `lowest-price` or `prioritized` ). * * If you do not specify a value, the fleet fulfils the On-Demand capacity according to the chosen On-Demand allocation strategy. */ usageStrategy?: pulumi.Input; } interface Ec2FleetCpuPerformanceFactorRequestArgs { /** * Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences. * * > Currently, only one instance family can be specified in the list. */ references?: pulumi.Input[]>; } interface Ec2FleetEbsBlockDeviceArgs { /** * Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* . */ deleteOnTermination?: pulumi.Input; /** * Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS encryption](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption.html#encryption-parameters) in the *Amazon EBS User Guide* . * * In no case can you remove encryption from an encrypted volume. * * Encrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported instance types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-encryption-requirements.html#ebs-encryption_supported_instances) . * * - If you are creating a block device mapping for a *new (empty) volume* , you can include this parameter, and specify either `true` for an encrypted volume, or `false` for an unencrypted volume. If you omit this parameter, it defaults to `false` (unencrypted). * - If you are creating a block device mapping from an *existing encrypted or unencrypted snapshot* , you must omit this parameter. If you include this parameter, the request will fail, regardless of the value that you specify. * - If you are creating a block device mapping from an *existing unencrypted volume* , you can include this parameter, but you must specify `false` . If you specify `true` , the request will fail. In this case, we recommend that you omit the parameter. * - If you are creating a block device mapping from an *existing encrypted volume* , you can include this parameter, and specify either `true` or `false` . However, if you specify `false` , the parameter is ignored and the block device mapping is always encrypted. In this case, we recommend that you omit the parameter. */ encrypted?: pulumi.Input; /** * The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. * * The following are the supported values for each volume type: * * - `gp3` : 3,000 - 80,000 IOPS * - `io1` : 100 - 64,000 IOPS * - `io2` : 100 - 256,000 IOPS * * For `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS. * * This parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. */ iops?: pulumi.Input; /** * Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption. * * This parameter is only supported on `BlockDeviceMapping` objects called by [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , and [RequestSpotInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotInstances.html) . */ kmsKeyId?: pulumi.Input; /** * The ID of the snapshot. */ snapshotId?: pulumi.Input; /** * The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size. * * The following are the supported sizes for each volume type: * * - `gp2` : 1 - 16,384 GiB * - `gp3` : 1 - 65,536 GiB * - `io1` : 4 - 16,384 GiB * - `io2` : 4 - 65,536 GiB * - `st1` and `sc1` : 125 - 16,384 GiB * - `standard` : 1 - 1024 GiB */ volumeSize?: pulumi.Input; /** * The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* . */ volumeType?: pulumi.Input; } interface Ec2FleetFleetLaunchTemplateConfigRequestArgs { /** * The launch template to use. You must specify either the launch template ID or launch template name in the request. */ launchTemplateSpecification?: pulumi.Input; /** * Any parameters that you specify override the same parameters in the launch template. * * For fleets of type `request` and `maintain` , a maximum of 300 items is allowed across all launch templates. */ overrides?: pulumi.Input[]>; } interface Ec2FleetFleetLaunchTemplateOverridesRequestArgs { /** * The Availability Zone in which to launch the instances. For example, `us-east-2a` . * * Either `AvailabilityZone` or `AvailabilityZoneId` must be specified in the request, but not both. */ availabilityZone?: pulumi.Input; /** * The ID of the Availability Zone in which to launch the instances. For example, `use2-az1` . * * Either `AvailabilityZone` or `AvailabilityZoneId` must be specified in the request, but not both. */ availabilityZoneId?: pulumi.Input; /** * The block device mappings, which define the EBS volumes and instance store volumes to attach to the instance at launch. * * Supported only for fleets of type `instant` . * * For more information, see [Block device mappings for volumes on Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/block-device-mapping-concepts.html) in the *Amazon EC2 User Guide* . */ blockDeviceMappings?: pulumi.Input[]>; /** * The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes. * * > If you specify `InstanceRequirements` , you can't specify `InstanceType` . */ instanceRequirements?: pulumi.Input; /** * The instance type. * * `mac1.metal` is not supported as a launch template override. * * > If you specify `InstanceType` , you can't specify `InstanceRequirements` . */ instanceType?: pulumi.Input; /** * The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. * * > If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter. * > * > If you specify a maximum price, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an `InvalidParameterValue` error message. */ maxPrice?: pulumi.Input; /** * The location where the instance launched, if applicable. */ placement?: pulumi.Input; /** * The priority for the launch template override. The highest priority is launched first. * * If the On-Demand `AllocationStrategy` is set to `prioritized` , EC2 Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity. * * If the Spot `AllocationStrategy` is set to `capacity-optimized-prioritized` , EC2 Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first. * * Valid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides. */ priority?: pulumi.Input; /** * The IDs of the subnets in which to launch the instances. Separate multiple subnet IDs using commas (for example, `subnet-1234abcdeexample1, subnet-0987cdef6example2` ). A request of type `instant` can have only one subnet ID. */ subnetId?: pulumi.Input; /** * The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O. * * If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1. * * > When specifying weights, the price used in the `lowest-price` and `price-capacity-optimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour. */ weightedCapacity?: pulumi.Input; } interface Ec2FleetFleetLaunchTemplateSpecificationRequestArgs { /** * The ID of the launch template. * * You must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both. */ launchTemplateId?: pulumi.Input; /** * The name of the launch template. * * You must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both. */ launchTemplateName?: pulumi.Input; /** * The launch template version number, `$Latest` , or `$Default` . You must specify a value, otherwise the request fails. * * If the value is `$Latest` , Amazon EC2 uses the latest version of the launch template. * * If the value is `$Default` , Amazon EC2 uses the default version of the launch template. */ version: pulumi.Input; } interface Ec2FleetInstanceRequirementsRequestArgs { /** * The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance. * * To exclude accelerator-enabled instance types, set `Max` to `0` . * * Default: No minimum or maximum limits */ acceleratorCount?: pulumi.Input; /** * Indicates whether instance types must have accelerators by specific manufacturers. * * - For instance types with AWS devices, specify `amazon-web-services` . * - For instance types with AMD devices, specify `amd` . * - For instance types with Habana devices, specify `habana` . * - For instance types with NVIDIA devices, specify `nvidia` . * - For instance types with Xilinx devices, specify `xilinx` . * * Default: Any manufacturer */ acceleratorManufacturers?: pulumi.Input[]>; /** * The accelerators that must be on the instance type. * * - For instance types with NVIDIA A10G GPUs, specify `a10g` . * - For instance types with NVIDIA A100 GPUs, specify `a100` . * - For instance types with NVIDIA H100 GPUs, specify `h100` . * - For instance types with AWS Inferentia chips, specify `inferentia` . * - For instance types with AWS Inferentia2 chips, specify `inferentia2` . * - For instance types with Habana Gaudi HL-205 GPUs, specify `gaudi-hl-205` . * - For instance types with NVIDIA GRID K520 GPUs, specify `k520` . * - For instance types with NVIDIA K80 GPUs, specify `k80` . * - For instance types with NVIDIA L4 GPUs, specify `l4` . * - For instance types with NVIDIA L40S GPUs, specify `l40s` . * - For instance types with NVIDIA M60 GPUs, specify `m60` . * - For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` . * - For instance types with AWS Trainium chips, specify `trainium` . * - For instance types with AWS Trainium2 chips, specify `trainium2` . * - For instance types with NVIDIA T4 GPUs, specify `t4` . * - For instance types with NVIDIA T4G GPUs, specify `t4g` . * - For instance types with Xilinx U30 cards, specify `u30` . * - For instance types with Xilinx VU9P FPGAs, specify `vu9p` . * - For instance types with NVIDIA V100 GPUs, specify `v100` . * * Default: Any accelerator */ acceleratorNames?: pulumi.Input[]>; /** * The minimum and maximum amount of total accelerator memory, in MiB. * * Default: No minimum or maximum limits */ acceleratorTotalMemoryMiB?: pulumi.Input; /** * The accelerator types that must be on the instance type. * * - For instance types with FPGA accelerators, specify `fpga` . * - For instance types with GPU accelerators, specify `gpu` . * - For instance types with Inference accelerators, specify `inference` . * - For instance types with Media accelerators, specify `media` . * * Default: Any accelerator type */ acceleratorTypes?: pulumi.Input[]>; /** * The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. * * You can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` . * * For example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types. * * > If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . * * Default: All instance types */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicates whether bare metal instance types must be included, excluded, or required. * * - To include bare metal instance types, specify `included` . * - To require only bare metal instance types, specify `required` . * - To exclude bare metal instance types, specify `excluded` . * * Default: `excluded` */ bareMetal?: pulumi.Input; /** * The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS–optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* . * * Default: No minimum or maximum limits */ baselineEbsBandwidthMbps?: pulumi.Input; /** * The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* . */ baselinePerformanceFactors?: pulumi.Input; /** * Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) . * * - To include burstable performance instance types, specify `included` . * - To require only burstable performance instance types, specify `required` . * - To exclude burstable performance instance types, specify `excluded` . * * Default: `excluded` */ burstablePerformance?: pulumi.Input; /** * The CPU manufacturers to include. * * - For instance types with Intel CPUs, specify `intel` . * - For instance types with AMD CPUs, specify `amd` . * - For instance types with AWS CPUs, specify `amazon-web-services` . * - For instance types with Apple CPUs, specify `apple` . * * > Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. * * Default: Any manufacturer */ cpuManufacturers?: pulumi.Input[]>; /** * The instance types to exclude. * * You can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` . * * For example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types. * * > If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . * * Default: No excluded instance types */ excludedInstanceTypes?: pulumi.Input[]>; /** * Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* . * * For current generation instance types, specify `current` . * * For previous generation instance types, specify `previous` . * * Default: Current and previous generation instance types */ instanceGenerations?: pulumi.Input[]>; /** * Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* . * * - To include instance types with instance store volumes, specify `included` . * - To require only instance types with instance store volumes, specify `required` . * - To exclude instance types with instance store volumes, specify `excluded` . * * Default: `included` */ localStorage?: pulumi.Input; /** * The type of local storage that is required. * * - For instance types with hard disk drive (HDD) storage, specify `hdd` . * - For instance types with solid state drive (SSD) storage, specify `ssd` . * * Default: `hdd` and `ssd` */ localStorageTypes?: pulumi.Input[]>; /** * [Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold. * * The parameter accepts an integer, which Amazon EC2 interprets as a percentage. * * If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price. * * > Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . */ maxSpotPriceAsPercentageOfOptimalOnDemandPrice?: pulumi.Input; /** * The minimum and maximum amount of memory per vCPU, in GiB. * * Default: No minimum or maximum limits */ memoryGiBPerVCpu?: pulumi.Input; /** * The minimum and maximum amount of memory, in MiB. */ memoryMiB?: pulumi.Input; /** * The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* . * * Default: No minimum or maximum limits */ networkBandwidthGbps?: pulumi.Input; /** * The minimum and maximum number of network interfaces. * * Default: No minimum or maximum limits */ networkInterfaceCount?: pulumi.Input; /** * [Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold. * * The parameter accepts an integer, which Amazon EC2 interprets as a percentage. * * To indicate no price protection threshold, specify a high value, such as `999999` . * * This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) . * * > If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. * * Default: `20` */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Specifies whether instance types must support encrypting in-transit traffic between instances. For more information, including the supported instance types, see [Encryption in transit](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/data-protection.html#encryption-transit) in the *Amazon EC2 User Guide* . * * Default: `false` */ requireEncryptionInTransit?: pulumi.Input; /** * Indicates whether instance types must support hibernation for On-Demand Instances. * * This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) . * * Default: `false` */ requireHibernateSupport?: pulumi.Input; /** * [Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold. * * The parameter accepts an integer, which Amazon EC2 interprets as a percentage. * * If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. * * This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) . * * > Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . * * Default: `100` */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * The minimum and maximum amount of total local storage, in GB. * * Default: No minimum or maximum limits */ totalLocalStorageGb?: pulumi.Input; /** * The minimum and maximum number of vCPUs. */ vCpuCount?: pulumi.Input; } interface Ec2FleetMaintenanceStrategiesArgs { /** * The strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. */ capacityRebalance?: pulumi.Input; } interface Ec2FleetMemoryGiBPerVCpuRequestArgs { /** * The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface Ec2FleetMemoryMiBRequestArgs { /** * The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` . */ min?: pulumi.Input; } interface Ec2FleetNetworkBandwidthGbpsRequestArgs { /** * The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface Ec2FleetNetworkInterfaceCountRequestArgs { /** * The maximum number of network interfaces. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum number of network interfaces. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface Ec2FleetOnDemandOptionsRequestArgs { /** * The strategy that determines the order of the launch template overrides to use in fulfilling On-Demand capacity. * * `lowest-price` - EC2 Fleet uses price to determine the order, launching the lowest price first. * * `prioritized` - EC2 Fleet uses the priority that you assigned to each launch template override, launching the highest priority first. * * Default: `lowest-price` */ allocationStrategy?: pulumi.Input; /** * The strategy for using unused Capacity Reservations for fulfilling On-Demand capacity. * * Supported only for fleets of type `instant` . */ capacityReservationOptions?: pulumi.Input; /** * The maximum amount per hour for On-Demand Instances that you're willing to pay. * * > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* . */ maxTotalPrice?: pulumi.Input; /** * The minimum target capacity for On-Demand Instances in the fleet. If this minimum capacity isn't reached, no instances are launched. * * Constraints: Maximum value of `1000` . Supported only for fleets of type `instant` . * * At least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType` */ minTargetCapacity?: pulumi.Input; /** * Indicates that the fleet launches all On-Demand Instances into a single Availability Zone. * * Supported only for fleets of type `instant` . */ singleAvailabilityZone?: pulumi.Input; /** * Indicates that the fleet uses a single instance type to launch all On-Demand Instances in the fleet. * * Supported only for fleets of type `instant` . */ singleInstanceType?: pulumi.Input; } interface Ec2FleetPerformanceFactorReferenceRequestArgs { /** * The instance family to use as a baseline reference. * * > Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . * * The following instance families are *not supported* for performance protection: * * - `c1` * - `g3` | `g3s` * - `hpc7g` * - `m1` | `m2` * - `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro` * - `p3dn` | `p4d` | `p5` * - `t1` * - `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb` * * If you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families. * * If you specify an unsupported instance family as a value for baseline performance, the API returns an empty response response for [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) and an exception for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , [ModifyFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html) , and [ModifySpotFleetRequest](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html) . */ instanceFamily?: pulumi.Input; } interface Ec2FleetPlacementArgs { /** * The affinity setting for the instance on the Dedicated Host. * * This parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) . */ affinity?: pulumi.Input; /** * The Availability Zone of the instance. * * On input, you can specify `AvailabilityZone` or `AvailabilityZoneId` , but not both. If you specify neither one, Amazon EC2 automatically selects an Availability Zone for you. * * This parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . */ availabilityZone?: pulumi.Input; /** * The name of the placement group that the instance is in. * * On input, you can specify `GroupId` or `GroupName` , but not both. */ groupName?: pulumi.Input; /** * The ID of the Dedicated Host on which the instance resides. * * This parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) or [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) . */ hostId?: pulumi.Input; /** * The ARN of the host resource group in which to launch the instances. * * On input, if you specify this parameter, either omit the *Tenancy* parameter or set it to `host` . * * This parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . */ hostResourceGroupArn?: pulumi.Input; /** * The number of the partition that the instance is in. Valid only if the placement group strategy is set to `partition` . * * This parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . */ partitionNumber?: pulumi.Input; /** * Reserved for future use. */ spreadDomain?: pulumi.Input; /** * The tenancy of the instance. An instance with a tenancy of `dedicated` runs on single-tenant hardware. * * This parameter is not supported for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet) . The `host` tenancy is not supported for [ImportInstance](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportInstance.html) or for T3 instances that are configured for the `unlimited` CPU credit option. */ tenancy?: pulumi.Input; } interface Ec2FleetReservedCapacityOptionsRequestArgs { reservationTypes?: pulumi.Input[]>; } interface Ec2FleetSpotOptionsRequestArgs { /** * Indicates how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the EC2 Fleet. * * If the allocation strategy is `lowestPrice` , EC2 Fleet launches instances from the Spot Instance pools with the lowest price. This is the default allocation strategy. * * If the allocation strategy is `diversified` , EC2 Fleet launches instances from all the Spot Instance pools that you specify. * * If the allocation strategy is `capacityOptimized` , EC2 Fleet launches instances from Spot Instance pools that are optimally chosen based on the available Spot Instance capacity. * * *Allowed Values* : `lowestPrice` | `diversified` | `capacityOptimized` | `capacityOptimizedPrioritized` */ allocationStrategy?: pulumi.Input; /** * The behavior when a Spot Instance is interrupted. * * Default: `terminate` */ instanceInterruptionBehavior?: pulumi.Input; /** * The number of Spot pools across which to allocate your target Spot capacity. Supported only when Spot `AllocationStrategy` is set to `lowest-price` . EC2 Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify. * * Note that EC2 Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, EC2 Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified. */ instancePoolsToUseCount?: pulumi.Input; /** * The strategies for managing your Spot Instances that are at an elevated risk of being interrupted. */ maintenanceStrategies?: pulumi.Input; /** * The maximum amount per hour for Spot Instances that you're willing to pay. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. * * > If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `MaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `MaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* . */ maxTotalPrice?: pulumi.Input; /** * The minimum target capacity for Spot Instances in the fleet. If this minimum capacity isn't reached, no instances are launched. * * Constraints: Maximum value of `1000` . Supported only for fleets of type `instant` . * * At least one of the following must be specified: `SingleAvailabilityZone` | `SingleInstanceType` */ minTargetCapacity?: pulumi.Input; /** * Indicates that the fleet launches all Spot Instances into a single Availability Zone. * * Supported only for fleets of type `instant` . */ singleAvailabilityZone?: pulumi.Input; /** * Indicates that the fleet uses a single instance type to launch all Spot Instances in the fleet. * * Supported only for fleets of type `instant` . */ singleInstanceType?: pulumi.Input; } interface Ec2FleetTagArgs { /** * The tag key. */ key: pulumi.Input; /** * The tag value. */ value: pulumi.Input; } interface Ec2FleetTagSpecificationArgs { /** * The type of resource to tag. */ resourceType?: pulumi.Input; /** * The tags to apply to the resource. */ tags?: pulumi.Input[]>; } interface Ec2FleetTargetCapacitySpecificationRequestArgs { /** * The default target capacity type. */ defaultTargetCapacityType?: pulumi.Input; /** * The number of On-Demand units to request. */ onDemandTargetCapacity?: pulumi.Input; /** * The number of Spot units to request. */ spotTargetCapacity?: pulumi.Input; /** * The unit for the target capacity. You can specify this parameter only when using attributed-based instance type selection. * * Default: `units` (the number of instances) */ targetCapacityUnitType?: pulumi.Input; /** * The number of units to request, filled using the default target capacity type. */ totalTargetCapacity: pulumi.Input; } interface Ec2FleetTotalLocalStorageGbRequestArgs { /** * The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface Ec2FleetVCpuCountRangeRequestArgs { /** * The maximum number of vCPUs. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum number of vCPUs. To specify no minimum limit, specify `0` . */ min?: pulumi.Input; } /** * Indicates whether the instance is enabled for AWS Nitro Enclaves. */ interface EnclaveOptionsPropertiesArgs { /** * If this parameter is set to true, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves. */ enabled?: pulumi.Input; } /** * Indicates whether an instance is enabled for hibernation. */ interface HibernationOptionsPropertiesArgs { /** * If you set this parameter to true, your instance is enabled for hibernation. */ configured?: pulumi.Input; } interface InstanceAssociationParameterArgs { /** * The name of an input parameter that is in the associated SSM document. */ key: pulumi.Input; /** * The value of an input parameter. */ value: pulumi.Input[]>; } interface InstanceBlockDeviceMappingArgs { /** * The device name (for example, /dev/sdh or xvdh). */ deviceName: pulumi.Input; /** * Parameters used to automatically set up EBS volumes when the instance is launched. */ ebs?: pulumi.Input; /** * To omit the device from the block device mapping, specify an empty string. * * > After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) . */ noDevice?: any; /** * The virtual device name ( `ephemeral` N). The name must be in the form `ephemeral` *X* where *X* is a number starting from zero (0). For example, an instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume. * * NVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect. * * *Constraints* : For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI. * * > After the instance is running, modifying this parameter results in instance [replacement](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/using-cfn-updating-stacks-update-behaviors.html#update-replacement) . */ virtualName?: pulumi.Input; } interface InstanceEbsArgs { /** * Indicates whether the EBS volume is deleted on instance termination. */ deleteOnTermination?: pulumi.Input; /** * Indicates whether the volume should be encrypted. */ encrypted?: pulumi.Input; /** * The number of I/O operations per second (IOPS). For gp3, io1, and io2 volumes, this represents the number of IOPS that are provisioned for the volume. For gp2 volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. */ iops?: pulumi.Input; /** * The identifier of the AWS Key Management Service (AWS KMS) customer managed CMK to use for Amazon EBS encryption. If KmsKeyId is specified, the encrypted state must be true. If the encrypted state is true but you do not specify KmsKeyId, your AWS managed CMK for EBS is used. */ kmsKeyId?: pulumi.Input; /** * The ID of the snapshot. */ snapshotId?: pulumi.Input; /** * The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size. */ volumeSize?: pulumi.Input; /** * The volume type. */ volumeType?: pulumi.Input; } interface InstanceElasticGpuSpecificationArgs { /** * The type of Elastic Graphics accelerator. Amazon Elastic Graphics is no longer available. */ type: pulumi.Input; } interface InstanceElasticInferenceAcceleratorArgs { /** * The number of elastic inference accelerators to attach to the instance. Amazon Elastic Inference is no longer available. */ count?: pulumi.Input; /** * The type of elastic inference accelerator. Amazon Elastic Inference is no longer available. */ type: pulumi.Input; } /** * Specifies the ENA Express settings for the network interface that's attached to the instance. */ interface InstanceEnaSrdSpecificationArgs { /** * Specifies whether ENA Express is enabled for the network interface when you launch an instance. */ enaSrdEnabled?: pulumi.Input; /** * Configures ENA Express for UDP network traffic. */ enaSrdUdpSpecification?: pulumi.Input; } /** * Contains ENA Express settings for UDP network traffic for the network interface that's attached to the instance. */ interface InstanceEnaSrdUdpSpecificationArgs { /** * Indicates whether UDP traffic uses ENA Express for your instance. */ enaSrdUdpEnabled?: pulumi.Input; } interface InstanceIpv6AddressArgs { /** * The IPv6 address. */ ipv6Address: pulumi.Input; } interface InstanceLaunchTemplateSpecificationArgs { /** * The ID of the launch template. You must specify the LaunchTemplateName or the LaunchTemplateId, but not both. */ launchTemplateId?: pulumi.Input; /** * The name of the launch template. You must specify the LaunchTemplateName or the LaunchTemplateId, but not both. */ launchTemplateName?: pulumi.Input; /** * The version number of the launch template. */ version?: pulumi.Input; } interface InstanceLicenseSpecificationArgs { /** * The Amazon Resource Name (ARN) of the license configuration. */ licenseConfigurationArn: pulumi.Input; } interface InstanceMetadataOptionsArgs { /** * Enables or disables the HTTP metadata endpoint on your instances. If you specify a value of disabled, you cannot access your instance metadata. */ httpEndpoint?: pulumi.Input; /** * Enables or disables the IPv6 endpoint for the instance metadata service. To use this option, the instance must be a Nitro-based instance launched in a subnet that supports IPv6. */ httpProtocolIpv6?: pulumi.Input; /** * The number of network hops that the metadata token can travel. Maximum is 64. */ httpPutResponseHopLimit?: pulumi.Input; /** * Indicates whether IMDSv2 is required. */ httpTokens?: pulumi.Input; /** * Indicates whether tags from the instance are propagated to the EBS volumes. */ instanceMetadataTags?: pulumi.Input; } interface InstanceNetworkInterfaceArgs { /** * Not currently supported by AWS CloudFormation. */ associateCarrierIpAddress?: pulumi.Input; /** * Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. */ associatePublicIpAddress?: pulumi.Input; /** * If set to true, the interface is deleted when the instance is terminated. */ deleteOnTermination?: pulumi.Input; /** * The description of the network interface. */ description?: pulumi.Input; /** * The position of the network interface in the attachment order. A primary network interface has a device index of 0. */ deviceIndex: pulumi.Input; /** * Configures ENA Express for UDP network traffic. */ enaSrdSpecification?: pulumi.Input; /** * The IDs of the security groups for the network interface. */ groupSet?: pulumi.Input[]>; /** * A number of IPv6 addresses to assign to the network interface. */ ipv6AddressCount?: pulumi.Input; /** * The IPv6 addresses associated with the network interface. */ ipv6Addresses?: pulumi.Input[]>; /** * The ID of the network interface. */ networkInterfaceId?: pulumi.Input; /** * The private IPv4 address of the network interface. */ privateIpAddress?: pulumi.Input; /** * One or more private IPv4 addresses to assign to the network interface. */ privateIpAddresses?: pulumi.Input[]>; /** * The number of secondary private IPv4 addresses. */ secondaryPrivateIpAddressCount?: pulumi.Input; /** * The ID of the subnet. */ subnetId?: pulumi.Input; } interface InstancePrivateDnsNameOptionsArgs { /** * Indicates whether to respond to DNS queries for instance hostnames with DNS A records. For more information, see Amazon EC2 instance hostname types in the Amazon Elastic Compute Cloud User Guide. */ enableResourceNameDnsARecord?: pulumi.Input; /** * Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. For more information, see Amazon EC2 instance hostname types in the Amazon Elastic Compute Cloud User Guide. */ enableResourceNameDnsAaaaRecord?: pulumi.Input; /** * The type of hostnames to assign to instances in the subnet at launch. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see Amazon EC2 instance hostname types in the Amazon Elastic Compute Cloud User Guide. */ hostnameType?: pulumi.Input; } interface InstancePrivateIpAddressSpecificationArgs { /** * Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary. */ primary: pulumi.Input; /** * The private IPv4 addresses. */ privateIpAddress: pulumi.Input; } interface InstanceSsmAssociationArgs { /** * The input parameter values to use with the associated SSM document. */ associationParameters?: pulumi.Input[]>; /** * The name of an SSM document to associate with the instance. */ documentName: pulumi.Input; } interface InstanceVolumeArgs { /** * The device name (for example, /dev/sdh or xvdh). */ device: pulumi.Input; /** * The ID of the EBS volume. The volume and instance must be within the same Availability Zone. */ volumeId: pulumi.Input; } /** * The regions IPAM is enabled for. Allows pools to be created in these regions, as well as enabling monitoring */ interface IpamOperatingRegionArgs { /** * The name of the region. */ regionName: pulumi.Input; } /** * If your IPAM is integrated with AWS Organizations and you add an organizational unit (OU) exclusion, IPAM will not manage the IP addresses in accounts in that OU exclusion. */ interface IpamOrganizationalUnitExclusionArgs { /** * An AWS Organizations entity path. Build the path for the OU(s) using AWS Organizations IDs separated by a '/'. Include all child OUs by ending the path with '/*'. */ organizationsEntityPath: pulumi.Input; } /** * An address space to be inserted into this pool. All allocations must be made from this address space. */ interface IpamPoolProvisionedCidrArgs { /** * The CIDR provisioned to the IPAM pool. A CIDR is a representation of an IP address and its associated network mask (or netmask) and refers to a range of IP addresses. An IPv4 CIDR example is `10.24.34.0/23` . An IPv6 CIDR example is `2001:DB8::/32` . */ cidr: pulumi.Input; } /** * The resource associated with this pool's space. Depending on the ResourceType, setting a SourceResource changes which space can be provisioned in this pool and which types of resources can receive allocations */ interface IpamPoolSourceResourceArgs { /** * The source resource ID. */ resourceId: pulumi.Input; /** * The source resource owner. */ resourceOwner: pulumi.Input; /** * The source resource Region. */ resourceRegion: pulumi.Input; /** * The source resource type. */ resourceType: pulumi.Input; } /** * A key-value pair to associate with a resource. */ interface IpamPoolTagArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value: pulumi.Input; } /** * CIDR selection rules define the business logic for selecting CIDRs from IPAM. If a CIDR matches any of the rules, it will be included. If a rule has multiple conditions, the CIDR has to match every condition of that rule. You can create a prefix list resolver without rules, but you'll need to add at least one rule before it can actually automate your prefix list updates. */ interface IpamPrefixListResolverRuleArgs { /** * Two of the rule types allow you to add conditions to the rules. (1) For IPAM Pool CIDR rules, you can specify an ipamPoolId; if not specified, the rule will apply to all IPAM Pool CIDRs in the scope. (2) For IPAM Resource CIDR rules, you can specify resourceId, resourceOwner, resourceRegion, cidr, or resourceTag. */ conditions?: pulumi.Input[]>; /** * This rule will only match resources that are in this IPAM Scope. */ ipamScopeId?: pulumi.Input; /** * The resourceType property only applies to ipam-resource-cidr rules; this property specifies what type of resources this rule will apply to, such as VPCs or Subnets. */ resourceType?: pulumi.Input; /** * There are three rule types: (1) Static CIDR: A fixed list of CIDRs that don't change (like a manual list replicated across Regions). (2) IPAM pool CIDR: CIDRs from specific IPAM pools (like all CIDRs from your IPAM production pool). (3) IPAM resource CIDR: CIDRs for AWS resources like VPCs, subnets, and EIPs within a specific IPAM scope. */ ruleType: pulumi.Input; /** * A fixed CIDR that doesn't change */ staticCidr?: pulumi.Input; } /** * Two of the rule types allow you to add conditions to the rules. (1) For IPAM Pool CIDR rules, you can specify an ipamPoolId; if not specified, the rule will apply to all IPAM Pool CIDRs in the scope. (2) For IPAM Resource CIDR rules, you can specify resourceId, resourceOwner, resourceRegion, cidr, or resourceTag. */ interface IpamPrefixListResolverRuleConditionArgs { /** * Condition for the IPAM Resource CIDR rule type. CIDR (like 10.24.34.0/23). */ cidr?: pulumi.Input; /** * Condition for the IPAM Pool CIDR rule type. If not chosen, the resolver applies to all IPAM Pool CIDRs in the scope. */ ipamPoolId?: pulumi.Input; /** * Equals, Not equals, or Subnet Of. The subnet-of operation only applies to cidr conditions. */ operation?: pulumi.Input; /** * Condition for the IPAM Resource CIDR rule type. The unique ID of a resource (like vpc-1234567890abcdef0). */ resourceId?: pulumi.Input; /** * Condition for the IPAM Resource CIDR rule type. Resource owner (like 111122223333). */ resourceOwner?: pulumi.Input; /** * Condition for the IPAM Resource CIDR rule type. Resource region (like us-east-1). */ resourceRegion?: pulumi.Input; /** * Condition for the IPAM Resource CIDR rule type. Resource Tag (like dev-vpc-1). */ resourceTag?: pulumi.Input; } /** * A key-value pair to associate with a resource. */ interface IpamPrefixListResolverTagArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value: pulumi.Input; } /** * The regions IPAM Resource Discovery is enabled for. Allows for monitoring. */ interface IpamResourceDiscoveryIpamOperatingRegionArgs { /** * The name of the region. */ regionName: pulumi.Input; } /** * If your IPAM is integrated with AWS Organizations and you add an organizational unit (OU) exclusion, IPAM will not manage the IP addresses in accounts in that OU exclusion. */ interface IpamResourceDiscoveryOrganizationalUnitExclusionArgs { /** * An AWS Organizations entity path. Build the path for the OU(s) using AWS Organizations IDs separated by a '/'. Include all child OUs by ending the path with '/*'. */ organizationsEntityPath: pulumi.Input; } /** * External service configuration to connect your AWS IPAM scope. */ interface IpamScopeExternalAuthorityConfigurationArgs { /** * Resource identifier of the scope in the external service connecting to your AWS IPAM scope. */ externalResourceIdentifier: pulumi.Input; /** * An external service connecting to your AWS IPAM scope. */ ipamScopeExternalAuthorityType: pulumi.Input; } /** * The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance. */ interface LaunchTemplateAcceleratorCountArgs { /** * The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set ``Max`` to ``0``. */ max?: pulumi.Input; /** * The minimum number of accelerators. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } /** * The minimum and maximum amount of total accelerator memory, in MiB. */ interface LaunchTemplateAcceleratorTotalMemoryMiBArgs { /** * The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } /** * The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS–optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide*. */ interface LaunchTemplateBaselineEbsBandwidthMbpsArgs { /** * The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } /** * The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. * Currently, this parameter only supports CPU performance as a baseline performance factor. For example, specifying ``c6i`` would use the CPU performance of the ``c6i`` family as the baseline reference. */ interface LaunchTemplateBaselinePerformanceFactorsArgs { /** * The CPU performance to consider, using an instance family as the baseline reference. */ cpu?: pulumi.Input; } /** * Specifies a block device mapping for a launch template. You must specify ``DeviceName`` plus exactly one of the following properties: ``Ebs``, ``NoDevice``, or ``VirtualName``. * ``BlockDeviceMapping`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplateBlockDeviceMappingArgs { /** * The device name (for example, /dev/sdh or xvdh). */ deviceName?: pulumi.Input; /** * Parameters used to automatically set up EBS volumes when the instance is launched. */ ebs?: pulumi.Input; /** * To omit the device from the block device mapping, specify an empty string. */ noDevice?: pulumi.Input; /** * The virtual device name (ephemeralN). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for ephemeral0 and ephemeral1. The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume. */ virtualName?: pulumi.Input; } /** * Specifies an instance's Capacity Reservation targeting option. You can specify only one option at a time. * ``CapacityReservationSpecification`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplateCapacityReservationSpecificationArgs { /** * Indicates the instance's Capacity Reservation preferences. Possible preferences include: * + ``capacity-reservations-only`` - The instance will only run in a Capacity Reservation or Capacity Reservation group. If capacity isn't available, the instance will fail to launch. * + ``open`` - The instance can run in any ``open`` Capacity Reservation that has matching attributes (instance type, platform, Availability Zone, tenancy). * + ``none`` - The instance avoids running in a Capacity Reservation even if one is available. The instance runs in On-Demand capacity. */ capacityReservationPreference?: pulumi.Input; /** * Information about the target Capacity Reservation or Capacity Reservation group. */ capacityReservationTarget?: pulumi.Input; } /** * Specifies a target Capacity Reservation. * ``CapacityReservationTarget`` is a property of the [Amazon EC2 LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html) property type. */ interface LaunchTemplateCapacityReservationTargetArgs { /** * The ID of the Capacity Reservation in which to run the instance. */ capacityReservationId?: pulumi.Input; /** * The ARN of the Capacity Reservation resource group in which to run the instance. */ capacityReservationResourceGroupArn?: pulumi.Input; } /** * A security group connection tracking specification that enables you to set the idle timeout for connection tracking on an Elastic network interface. For more information, see [Connection tracking timeouts](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-connection-tracking.html#connection-tracking-timeouts) in the *Amazon EC2 User Guide*. */ interface LaunchTemplateConnectionTrackingSpecificationArgs { /** * Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds. */ tcpEstablishedTimeout?: pulumi.Input; /** * Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds. */ udpStreamTimeout?: pulumi.Input; /** * Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds. */ udpTimeout?: pulumi.Input; } /** * Specifies the CPU performance to consider when using an instance family as the baseline reference. */ interface LaunchTemplateCpuArgs { /** * The instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes are compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences. */ references?: pulumi.Input[]>; } /** * Specifies the CPU options for an instance. For more information, see [Optimize CPU options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *User Guide*. * ``CpuOptions`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplateCpuOptionsArgs { /** * Indicates whether to enable the instance for AMD SEV-SNP. AMD SEV-SNP is supported with M6a, R6a, and C6a instance types only. For more information, see [AMD SEV-SNP for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/sev-snp.html). */ amdSevSnp?: pulumi.Input; /** * The number of CPU cores for the instance. */ coreCount?: pulumi.Input; /** * The number of threads per CPU core. To disable multithreading for the instance, specify a value of ``1``. Otherwise, specify the default value of ``2``. */ threadsPerCore?: pulumi.Input; } /** * Specifies the credit option for CPU usage of a T2, T3, or T3a instance. * ``CreditSpecification`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplateCreditSpecificationArgs { /** * The credit option for CPU usage of a T instance. * Valid values: ``standard`` | ``unlimited`` */ cpuCredits?: pulumi.Input; } /** * The information to include in the launch template. * You must specify at least one parameter for the launch template data. */ interface LaunchTemplateDataArgs { /** * The block device mapping. */ blockDeviceMappings?: pulumi.Input[]>; /** * The Capacity Reservation targeting option. If you do not specify this parameter, the instance's Capacity Reservation preference defaults to ``open``, which enables it to run in any open Capacity Reservation that has matching attributes (instance type, platform, Availability Zone). */ capacityReservationSpecification?: pulumi.Input; /** * The CPU options for the instance. For more information, see [CPU options for Amazon EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-optimize-cpu.html) in the *Amazon EC2 User Guide*. */ cpuOptions?: pulumi.Input; /** * The credit option for CPU usage of the instance. Valid only for T instances. */ creditSpecification?: pulumi.Input; /** * Indicates whether to enable the instance for stop protection. For more information, see [Enable stop protection for your EC2 instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-stop-protection.html) in the *Amazon EC2 User Guide*. */ disableApiStop?: pulumi.Input; /** * Indicates whether termination protection is enabled for the instance. The default is ``false``, which means that you can terminate the instance using the Amazon EC2 console, command line tools, or API. You can enable termination protection when you launch an instance, while the instance is running, or while the instance is stopped. */ disableApiTermination?: pulumi.Input; /** * Indicates whether the instance is optimized for Amazon EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal Amazon EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS-optimized instance. */ ebsOptimized?: pulumi.Input; /** * Indicates whether the instance is enabled for AWS Nitro Enclaves. For more information, see [What is Nitro Enclaves?](https://docs.aws.amazon.com/enclaves/latest/user/nitro-enclave.html) in the *Nitro Enclaves User Guide*. * You can't enable AWS Nitro Enclaves and hibernation on the same instance. */ enclaveOptions?: pulumi.Input; /** * Indicates whether an instance is enabled for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/hibernating-prerequisites.html). For more information, see [Hibernate your Amazon EC2 instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide*. */ hibernationOptions?: pulumi.Input; /** * The name or Amazon Resource Name (ARN) of an IAM instance profile. */ iamInstanceProfile?: pulumi.Input; /** * The ID of the AMI. Alternatively, you can specify a Systems Manager parameter, which will resolve to an AMI ID on launch. * Valid formats: * + ``ami-0ac394d6a3example`` * + ``resolve:ssm:parameter-name`` * + ``resolve:ssm:parameter-name:version-number`` * + ``resolve:ssm:parameter-name:label`` * * For more information, see [Use a Systems Manager parameter to find an AMI](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/finding-an-ami.html#using-systems-manager-parameter-to-find-AMI) in the *Amazon Elastic Compute Cloud User Guide*. */ imageId?: pulumi.Input; /** * Indicates whether an instance stops or terminates when you initiate shutdown from the instance (using the operating system command for system shutdown). * Default: ``stop`` */ instanceInitiatedShutdownBehavior?: pulumi.Input; /** * The market (purchasing) option for the instances. */ instanceMarketOptions?: pulumi.Input; /** * The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes. * You must specify ``VCpuCount`` and ``MemoryMiB``. All other attributes are optional. Any unspecified optional attribute is set to its default. * When you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values. * To limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request: * + ``AllowedInstanceTypes`` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes. * + ``ExcludedInstanceTypes`` - The instance types to exclude from the list, even if they match your specified attributes. * * If you specify ``InstanceRequirements``, you can't specify ``InstanceType``. * Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html), or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html)AWS CloudFormation resource, you can't specify ``InstanceRequirements``. * For more information, see [Specify attributes for instance type selection for EC2 Fleet or Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html) and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide*. */ instanceRequirements?: pulumi.Input; /** * The instance type. For more information, see [Amazon EC2 instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide*. * If you specify ``InstanceType``, you can't specify ``InstanceRequirements``. */ instanceType?: pulumi.Input; /** * The ID of the kernel. * We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User Provided Kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide*. */ kernelId?: pulumi.Input; /** * The name of the key pair. You can create a key pair using [CreateKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateKeyPair.html) or [ImportKeyPair](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ImportKeyPair.html). * If you do not specify a key pair, you can't connect to the instance unless you choose an AMI that is configured to allow users another way to log in. */ keyName?: pulumi.Input; /** * The license configurations. */ licenseSpecifications?: pulumi.Input[]>; /** * The maintenance options of your instance. */ maintenanceOptions?: pulumi.Input; /** * The metadata options for the instance. For more information, see [Configure the Instance Metadata Service options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configuring-instance-metadata-options.html) in the *Amazon EC2 User Guide*. */ metadataOptions?: pulumi.Input; /** * The monitoring for the instance. */ monitoring?: pulumi.Input; /** * The network interfaces for the instance. */ networkInterfaces?: pulumi.Input[]>; /** * The settings for the network performance options for the instance. For more information, see [EC2 instance bandwidth weighting configuration](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/configure-bandwidth-weighting.html). */ networkPerformanceOptions?: pulumi.Input; /** * The placement for the instance. */ placement?: pulumi.Input; /** * The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *User Guide*. */ privateDnsNameOptions?: pulumi.Input; /** * The ID of the RAM disk. * We recommend that you use PV-GRUB instead of kernels and RAM disks. For more information, see [User provided kernels](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/UserProvidedkernels.html) in the *Amazon EC2 User Guide*. */ ramDiskId?: pulumi.Input; /** * The IDs of the security groups. You can specify the IDs of existing security groups and references to resources created by the stack template. * If you specify a network interface, you must specify any security groups as part of the network interface instead. */ securityGroupIds?: pulumi.Input[]>; /** * The names of the security groups. For a nondefault VPC, you must use security group IDs instead. * If you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter. */ securityGroups?: pulumi.Input[]>; /** * The tags to apply to resources that are created during instance launch. * To tag the launch template itself, use [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#cfn-ec2-launchtemplate-tagspecifications). */ tagSpecifications?: pulumi.Input[]>; /** * The user data to make available to the instance. You must provide base64-encoded text. User data is limited to 16 KB. For more information, see [Run commands when you launch an EC2 instance with user data input](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/user-data.html) in the *Amazon EC2 User Guide*. * If you are creating the launch template for use with BATCH, the user data must be provided in the [MIME multi-part archive format](https://docs.aws.amazon.com/https://cloudinit.readthedocs.io/en/latest/topics/format.html#mime-multi-part-archive). For more information, see [Amazon EC2 user data in launch templates](https://docs.aws.amazon.com/batch/latest/userguide/launch-templates.html#lt-user-data) in the *User Guide*. */ userData?: pulumi.Input; } /** * Parameters for a block device for an EBS volume in an Amazon EC2 launch template. * ``Ebs`` is a property of [AWS::EC2::LaunchTemplate BlockDeviceMapping](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-blockdevicemapping.html). */ interface LaunchTemplateEbsArgs { /** * Indicates whether the EBS volume is deleted on instance termination. */ deleteOnTermination?: pulumi.Input; ebsCardIndex?: pulumi.Input; /** * Indicates whether the EBS volume is encrypted. Encrypted volumes can only be attached to instances that support Amazon EBS encryption. If you are creating a volume from a snapshot, you can't specify an encryption value. */ encrypted?: pulumi.Input; /** * The number of I/O operations per second (IOPS). For ``gp3``, ``io1``, and ``io2`` volumes, this represents the number of IOPS that are provisioned for the volume. For ``gp2`` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. * The following are the supported values for each volume type: * + ``gp3``: 3,000 - 80,000 IOPS * + ``io1``: 100 - 64,000 IOPS * + ``io2``: 100 - 256,000 IOPS * * For ``io2`` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/ec2/latest/instancetypes/ec2-nitro-instances.html). On other instances, you can achieve performance up to 32,000 IOPS. * This parameter is supported for ``io1``, ``io2``, and ``gp3`` volumes only. */ iops?: pulumi.Input; /** * Identifier (key ID, key alias, key ARN, or alias ARN) of the customer managed KMS key to use for EBS encryption. */ kmsKeyId?: pulumi.Input; /** * The ID of the snapshot. */ snapshotId?: pulumi.Input; /** * The throughput to provision for a ``gp3`` volume, with a maximum of 2,000 MiB/s. * Valid Range: Minimum value of 125. Maximum value of 2,000. */ throughput?: pulumi.Input; /** * Specifies the Amazon EBS Provisioned Rate for Volume Initialization (volume initialization rate), in MiB/s, at which to download the snapshot blocks from Amazon S3 to the volume. This is also known as *volume initialization*. Specifying a volume initialization rate ensures that the volume is initialized at a predictable and consistent rate after creation. * This parameter is supported only for volumes created from snapshots. Omit this parameter if: * + You want to create the volume using fast snapshot restore. You must specify a snapshot that is enabled for fast snapshot restore. In this case, the volume is fully initialized at creation. * If you specify a snapshot that is enabled for fast snapshot restore and a volume initialization rate, the volume will be initialized at the specified rate instead of fast snapshot restore. * + You want to create a volume that is initialized at the default rate. * * For more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EC2 User Guide*. * Valid range: 100 - 300 MiB/s */ volumeInitializationRate?: pulumi.Input; /** * The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. The following are the supported volumes sizes for each volume type: * + ``gp2``: 1 - 16,384 GiB * + ``gp3``: 1 - 65,536 GiB * + ``io1``: 4 - 16,384 GiB * + ``io2``: 4 - 65,536 GiB * + ``st1`` and ``sc1``: 125 - 16,384 GiB * + ``standard``: 1 - 1024 GiB */ volumeSize?: pulumi.Input; /** * The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide*. */ volumeType?: pulumi.Input; } /** * ENA Express uses AWS Scalable Reliable Datagram (SRD) technology to increase the maximum bandwidth used per stream and minimize tail latency of network traffic between EC2 instances. With ENA Express, you can communicate between two EC2 instances in the same subnet within the same account, or in different accounts. Both sending and receiving instances must have ENA Express enabled. * To improve the reliability of network packet delivery, ENA Express reorders network packets on the receiving end by default. However, some UDP-based applications are designed to handle network packets that are out of order to reduce the overhead for packet delivery at the network layer. When ENA Express is enabled, you can specify whether UDP network traffic uses it. */ interface LaunchTemplateEnaSrdSpecificationArgs { /** * Indicates whether ENA Express is enabled for the network interface. */ enaSrdEnabled?: pulumi.Input; /** * Configures ENA Express for UDP network traffic. */ enaSrdUdpSpecification?: pulumi.Input; } /** * ENA Express is compatible with both TCP and UDP transport protocols. When it's enabled, TCP traffic automatically uses it. However, some UDP-based applications are designed to handle network packets that are out of order, without a need for retransmission, such as live video broadcasting or other near-real-time applications. For UDP traffic, you can specify whether to use ENA Express, based on your application environment needs. */ interface LaunchTemplateEnaSrdUdpSpecificationArgs { /** * Indicates whether UDP traffic to and from the instance uses ENA Express. To specify this setting, you must first enable ENA Express. */ enaSrdUdpEnabled?: pulumi.Input; } /** * Indicates whether the instance is enabled for AWS Nitro Enclaves. */ interface LaunchTemplateEnclaveOptionsArgs { /** * If this parameter is set to ``true``, the instance is enabled for AWS Nitro Enclaves; otherwise, it is not enabled for AWS Nitro Enclaves. */ enabled?: pulumi.Input; } /** * Specifies whether your instance is configured for hibernation. This parameter is valid only if the instance meets the [hibernation prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html#hibernating-prerequisites). For more information, see [Hibernate Your Instance](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Hibernate.html) in the *Amazon EC2 User Guide*. * ``HibernationOptions`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplateHibernationOptionsArgs { /** * If you set this parameter to ``true``, the instance is enabled for hibernation. * Default: ``false`` */ configured?: pulumi.Input; } /** * Specifies an IAM instance profile, which is a container for an IAM role for your instance. You can use an IAM role to distribute your AWS credentials to your instances. * If you are creating the launch template for use with an ASlong group, you can specify either the name or the ARN of the instance profile, but not both. * ``IamInstanceProfile`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplateIamInstanceProfileArgs { /** * The Amazon Resource Name (ARN) of the instance profile. */ arn?: pulumi.Input; /** * The name of the instance profile. */ name?: pulumi.Input; } /** * Specifies the market (purchasing) option for an instance. * ``InstanceMarketOptions`` is a property of the [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplateInstanceMarketOptionsArgs { /** * The market type. */ marketType?: pulumi.Input; /** * The options for Spot Instances. */ spotOptions?: pulumi.Input; } /** * The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with these attributes. * You must specify ``VCpuCount`` and ``MemoryMiB``. All other attributes are optional. Any unspecified optional attribute is set to its default. * When you specify multiple attributes, you get instance types that satisfy all of the specified attributes. If you specify multiple values for an attribute, you get instance types that satisfy any of the specified values. * To limit the list of instance types from which Amazon EC2 can identify matching instance types, you can use one of the following parameters, but not both in the same request: * + ``AllowedInstanceTypes`` - The instance types to include in the list. All other instance types are ignored, even if they match your specified attributes. * + ``ExcludedInstanceTypes`` - The instance types to exclude from the list, even if they match your specified attributes. * * If you specify ``InstanceRequirements``, you can't specify ``InstanceType``. * Attribute-based instance type selection is only supported when using Auto Scaling groups, EC2 Fleet, and Spot Fleet to launch instances. If you plan to use the launch template in the [launch instance wizard](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-instance-wizard.html), or with the [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) API or [AWS::EC2::Instance](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-instance.html)AWS CloudFormation resource, you can't specify ``InstanceRequirements``. * For more information, see [Specify attributes for instance type selection for EC2 Fleet or Spot Fleet](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html) and [Spot placement score](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-placement-score.html) in the *Amazon EC2 User Guide*. */ interface LaunchTemplateInstanceRequirementsArgs { /** * The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance. * To exclude accelerator-enabled instance types, set ``Max`` to ``0``. * Default: No minimum or maximum limits */ acceleratorCount?: pulumi.Input; /** * Indicates whether instance types must have accelerators by specific manufacturers. * + For instance types with AWS devices, specify ``amazon-web-services``. * + For instance types with AMD devices, specify ``amd``. * + For instance types with Habana devices, specify ``habana``. * + For instance types with NVIDIA devices, specify ``nvidia``. * + For instance types with Xilinx devices, specify ``xilinx``. * * Default: Any manufacturer */ acceleratorManufacturers?: pulumi.Input[]>; /** * The accelerators that must be on the instance type. * + For instance types with NVIDIA A10G GPUs, specify ``a10g``. * + For instance types with NVIDIA A100 GPUs, specify ``a100``. * + For instance types with NVIDIA H100 GPUs, specify ``h100``. * + For instance types with AWS Inferentia chips, specify ``inferentia``. * + For instance types with NVIDIA GRID K520 GPUs, specify ``k520``. * + For instance types with NVIDIA K80 GPUs, specify ``k80``. * + For instance types with NVIDIA M60 GPUs, specify ``m60``. * + For instance types with AMD Radeon Pro V520 GPUs, specify ``radeon-pro-v520``. * + For instance types with NVIDIA T4 GPUs, specify ``t4``. * + For instance types with NVIDIA T4G GPUs, specify ``t4g``. * + For instance types with Xilinx VU9P FPGAs, specify ``vu9p``. * + For instance types with NVIDIA V100 GPUs, specify ``v100``. * * Default: Any accelerator */ acceleratorNames?: pulumi.Input[]>; /** * The minimum and maximum amount of total accelerator memory, in MiB. * Default: No minimum or maximum limits */ acceleratorTotalMemoryMiB?: pulumi.Input; /** * The accelerator types that must be on the instance type. * + For instance types with FPGA accelerators, specify ``fpga``. * + For instance types with GPU accelerators, specify ``gpu``. * + For instance types with Inference accelerators, specify ``inference``. * * Default: Any accelerator type */ acceleratorTypes?: pulumi.Input[]>; /** * The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. * You can use strings with one or more wild cards, represented by an asterisk (``*``), to allow an instance type, size, or generation. The following are examples: ``m5.8xlarge``, ``c5*.*``, ``m5a.*``, ``r*``, ``*3*``. * For example, if you specify ``c5*``,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify ``m5a.*``, Amazon EC2 will allow all the M5a instance types, but not the M5n instance types. * If you specify ``AllowedInstanceTypes``, you can't specify ``ExcludedInstanceTypes``. * Default: All instance types */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicates whether bare metal instance types must be included, excluded, or required. * + To include bare metal instance types, specify ``included``. * + To require only bare metal instance types, specify ``required``. * + To exclude bare metal instance types, specify ``excluded``. * * Default: ``excluded`` */ bareMetal?: pulumi.Input; /** * The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS–optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide*. * Default: No minimum or maximum limits */ baselineEbsBandwidthMbps?: pulumi.Input; /** * The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide*. */ baselinePerformanceFactors?: pulumi.Input; /** * Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html). * + To include burstable performance instance types, specify ``included``. * + To require only burstable performance instance types, specify ``required``. * + To exclude burstable performance instance types, specify ``excluded``. * * Default: ``excluded`` */ burstablePerformance?: pulumi.Input; /** * The CPU manufacturers to include. * + For instance types with Intel CPUs, specify ``intel``. * + For instance types with AMD CPUs, specify ``amd``. * + For instance types with AWS CPUs, specify ``amazon-web-services``. * + For instance types with Apple CPUs, specify ``apple``. * * Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. * Default: Any manufacturer */ cpuManufacturers?: pulumi.Input[]>; /** * The instance types to exclude. * You can use strings with one or more wild cards, represented by an asterisk (``*``), to exclude an instance type, size, or generation. The following are examples: ``m5.8xlarge``, ``c5*.*``, ``m5a.*``, ``r*``, ``*3*``. * For example, if you specify ``c5*``,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify ``m5a.*``, Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types. * If you specify ``ExcludedInstanceTypes``, you can't specify ``AllowedInstanceTypes``. * Default: No excluded instance types */ excludedInstanceTypes?: pulumi.Input[]>; /** * Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide*. * For current generation instance types, specify ``current``. * For previous generation instance types, specify ``previous``. * Default: Current and previous generation instance types */ instanceGenerations?: pulumi.Input[]>; /** * Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide*. * + To include instance types with instance store volumes, specify ``included``. * + To require only instance types with instance store volumes, specify ``required``. * + To exclude instance types with instance store volumes, specify ``excluded``. * * Default: ``included`` */ localStorage?: pulumi.Input; /** * The type of local storage that is required. * + For instance types with hard disk drive (HDD) storage, specify ``hdd``. * + For instance types with solid state drive (SSD) storage, specify ``ssd``. * * Default: ``hdd`` and ``ssd`` */ localStorageTypes?: pulumi.Input[]>; /** * [Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold. * The parameter accepts an integer, which Amazon EC2 interprets as a percentage. * If you set ``TargetCapacityUnitType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is based on the per vCPU or per memory price instead of the per instance price. * Only one of ``SpotMaxPricePercentageOverLowestPrice`` or ``MaxSpotPriceAsPercentageOfOptimalOnDemandPrice`` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as ``999999``. */ maxSpotPriceAsPercentageOfOptimalOnDemandPrice?: pulumi.Input; /** * The minimum and maximum amount of memory per vCPU, in GiB. * Default: No minimum or maximum limits */ memoryGiBPerVCpu?: pulumi.Input; /** * The minimum and maximum amount of memory, in MiB. */ memoryMiB?: pulumi.Input; /** * The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). * Default: No minimum or maximum limits */ networkBandwidthGbps?: pulumi.Input; /** * The minimum and maximum number of network interfaces. * Default: No minimum or maximum limits */ networkInterfaceCount?: pulumi.Input; /** * [Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold. * The parameter accepts an integer, which Amazon EC2 interprets as a percentage. * To turn off price protection, specify a high value, such as ``999999``. * This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html). * If you set ``TargetCapacityUnitType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. * Default: ``20`` */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Indicates whether instance types must support hibernation for On-Demand Instances. * This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html). * Default: ``false`` */ requireHibernateSupport?: pulumi.Input; /** * [Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold. * The parameter accepts an integer, which Amazon EC2 interprets as a percentage. * If you set ``TargetCapacityUnitType`` to ``vcpu`` or ``memory-mib``, the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. * This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html). * Only one of ``SpotMaxPricePercentageOverLowestPrice`` or ``MaxSpotPriceAsPercentageOfOptimalOnDemandPrice`` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as ``999999``. * Default: ``100`` */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * The minimum and maximum amount of total local storage, in GB. * Default: No minimum or maximum limits */ totalLocalStorageGb?: pulumi.Input; /** * The minimum and maximum number of vCPUs. */ vCpuCount?: pulumi.Input; } /** * Specifies an IPv4 prefix for a network interface. * ``Ipv4PrefixSpecification`` is a property of [AWS::EC2::LaunchTemplate NetworkInterface](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-networkinterface.html). */ interface LaunchTemplateIpv4PrefixSpecificationArgs { /** * The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide*. */ ipv4Prefix?: pulumi.Input; } /** * Specifies an IPv6 address in an Amazon EC2 launch template. * ``Ipv6Add`` is a property of [AWS::EC2::LaunchTemplate NetworkInterface](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-networkinterface.html). */ interface LaunchTemplateIpv6AddArgs { /** * One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses. */ ipv6Address?: pulumi.Input; } /** * Specifies an IPv6 prefix for a network interface. * ``Ipv6PrefixSpecification`` is a property of [AWS::EC2::LaunchTemplate NetworkInterface](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-networkinterface.html). */ interface LaunchTemplateIpv6PrefixSpecificationArgs { /** * The IPv6 prefix. */ ipv6Prefix?: pulumi.Input; } /** * Specifies a license configuration for an instance. * ``LicenseSpecification`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplateLicenseSpecificationArgs { /** * The Amazon Resource Name (ARN) of the license configuration. */ licenseConfigurationArn?: pulumi.Input; } /** * The maintenance options of your instance. */ interface LaunchTemplateMaintenanceOptionsArgs { /** * Disables the automatic recovery behavior of your instance or sets it to default. */ autoRecovery?: pulumi.Input; } /** * The minimum and maximum amount of memory per vCPU, in GiB. */ interface LaunchTemplateMemoryGiBPerVCpuArgs { /** * The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } /** * The minimum and maximum amount of memory, in MiB. */ interface LaunchTemplateMemoryMiBArgs { /** * The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of memory, in MiB. To specify no minimum limit, specify ``0``. */ min?: pulumi.Input; } /** * The metadata options for the instance. For more information, see [Instance metadata and user data](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-metadata.html) in the *Amazon EC2 User Guide*. * ``MetadataOptions`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplateMetadataOptionsArgs { /** * Enables or disables the HTTP metadata endpoint on your instances. If the parameter is not specified, the default state is ``enabled``. * If you specify a value of ``disabled``, you will not be able to access your instance metadata. */ httpEndpoint?: pulumi.Input; /** * Enables or disables the IPv6 endpoint for the instance metadata service. * Default: ``disabled`` */ httpProtocolIpv6?: pulumi.Input; /** * The desired HTTP PUT response hop limit for instance metadata requests. The larger the number, the further instance metadata requests can travel. * Default: ``1`` * Possible values: Integers from 1 to 64 */ httpPutResponseHopLimit?: pulumi.Input; /** * Indicates whether IMDSv2 is required. * + ``optional`` - IMDSv2 is optional. You can choose whether to send a session token in your instance metadata retrieval requests. If you retrieve IAM role credentials without a session token, you receive the IMDSv1 role credentials. If you retrieve IAM role credentials using a valid session token, you receive the IMDSv2 role credentials. * + ``required`` - IMDSv2 is required. You must send a session token in your instance metadata retrieval requests. With this option, retrieving the IAM role credentials always returns IMDSv2 credentials; IMDSv1 credentials are not available. * * Default: If the value of ``ImdsSupport`` for the Amazon Machine Image (AMI) for your instance is ``v2.0``, the default is ``required``. */ httpTokens?: pulumi.Input; /** * Set to ``enabled`` to allow access to instance tags from the instance metadata. Set to ``disabled`` to turn off access to instance tags from the instance metadata. For more information, see [View tags for your EC2 instances using instance metadata](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/work-with-tags-in-IMDS.html). * Default: ``disabled`` */ instanceMetadataTags?: pulumi.Input; } /** * Specifies whether detailed monitoring is enabled for an instance. For more information about detailed monitoring, see [Enable or turn off detailed monitoring for your instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/using-cloudwatch-new.html) in the *User Guide*. * ``Monitoring`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplateMonitoringArgs { /** * Specify ``true`` to enable detailed monitoring. Otherwise, basic monitoring is enabled. */ enabled?: pulumi.Input; } /** * The minimum and maximum amount of network bandwidth, in gigabits per second (Gbps). * Setting the minimum bandwidth does not guarantee that your instance will achieve the minimum bandwidth. Amazon EC2 will identify instance types that support the specified minimum bandwidth, but the actual bandwidth of your instance might go below the specified minimum at times. For more information, see [Available instance bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html#available-instance-bandwidth) in the *Amazon EC2 User Guide*. */ interface LaunchTemplateNetworkBandwidthGbpsArgs { /** * The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of network bandwidth, in Gbps. If this parameter is not specified, there is no minimum limit. */ min?: pulumi.Input; } /** * Specifies the parameters for a network interface. * ``NetworkInterface`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplateNetworkInterfaceArgs { /** * Associates a Carrier IP address with eth0 for a new network interface. * Use this option when you launch an instance in a Wavelength Zone and want to associate a Carrier IP address with the network interface. For more information about Carrier IP addresses, see [Carrier IP addresses](https://docs.aws.amazon.com/wavelength/latest/developerguide/how-wavelengths-work.html#provider-owned-ip) in the *Developer Guide*. */ associateCarrierIpAddress?: pulumi.Input; /** * Associates a public IPv4 address with eth0 for a new network interface. * AWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/). */ associatePublicIpAddress?: pulumi.Input; /** * A connection tracking specification for the network interface. */ connectionTrackingSpecification?: pulumi.Input; /** * Indicates whether the network interface is deleted when the instance is terminated. */ deleteOnTermination?: pulumi.Input; /** * A description for the network interface. */ description?: pulumi.Input; /** * The device index for the network interface attachment. The primary network interface has a device index of 0. If the network interface is of type ``interface``, you must specify a device index. * If you create a launch template that includes secondary network interfaces but no primary network interface, and you specify it using the ``LaunchTemplate`` property of ``AWS::EC2::Instance``, then you must include a primary network interface using the ``NetworkInterfaces`` property of ``AWS::EC2::Instance``. */ deviceIndex?: pulumi.Input; /** * The number of ENA queues to be created with the instance. */ enaQueueCount?: pulumi.Input; /** * The ENA Express configuration for the network interface. */ enaSrdSpecification?: pulumi.Input; /** * The IDs of one or more security groups. */ groups?: pulumi.Input[]>; /** * The type of network interface. To create an Elastic Fabric Adapter (EFA), specify ``efa`` or ``efa``. For more information, see [Elastic Fabric Adapter for AI/ML and HPC workloads on Amazon EC2](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/efa.html) in the *Amazon EC2 User Guide*. * If you are not creating an EFA, specify ``interface`` or omit this parameter. * If you specify ``efa-only``, do not assign any IP addresses to the network interface. EFA-only network interfaces do not support IP addresses. * Valid values: ``interface`` | ``efa`` | ``efa-only`` */ interfaceType?: pulumi.Input; /** * The number of IPv4 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the ``Ipv4Prefix`` option. */ ipv4PrefixCount?: pulumi.Input; /** * One or more IPv4 prefixes to be assigned to the network interface. You cannot use this option if you use the ``Ipv4PrefixCount`` option. */ ipv4Prefixes?: pulumi.Input[]>; /** * The number of IPv6 addresses to assign to a network interface. Amazon EC2 automatically selects the IPv6 addresses from the subnet range. You can't use this option if specifying specific IPv6 addresses. */ ipv6AddressCount?: pulumi.Input; /** * One or more specific IPv6 addresses from the IPv6 CIDR block range of your subnet. You can't use this option if you're specifying a number of IPv6 addresses. */ ipv6Addresses?: pulumi.Input[]>; /** * The number of IPv6 prefixes to be automatically assigned to the network interface. You cannot use this option if you use the ``Ipv6Prefix`` option. */ ipv6PrefixCount?: pulumi.Input; /** * One or more IPv6 prefixes to be assigned to the network interface. You cannot use this option if you use the ``Ipv6PrefixCount`` option. */ ipv6Prefixes?: pulumi.Input[]>; /** * The index of the network card. Some instance types support multiple network cards. The primary network interface must be assigned to network card index 0. The default is network card index 0. */ networkCardIndex?: pulumi.Input; /** * The ID of the network interface. */ networkInterfaceId?: pulumi.Input; /** * The primary IPv6 address of the network interface. When you enable an IPv6 GUA address to be a primary IPv6, the first IPv6 GUA will be made the primary IPv6 address until the instance is terminated or the network interface is detached. For more information about primary IPv6 addresses, see [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html). */ primaryIpv6?: pulumi.Input; /** * The primary private IPv4 address of the network interface. */ privateIpAddress?: pulumi.Input; /** * One or more private IPv4 addresses. */ privateIpAddresses?: pulumi.Input[]>; /** * The number of secondary private IPv4 addresses to assign to a network interface. */ secondaryPrivateIpAddressCount?: pulumi.Input; /** * The ID of the subnet for the network interface. */ subnetId?: pulumi.Input; } /** * The minimum and maximum number of network interfaces. */ interface LaunchTemplateNetworkInterfaceCountArgs { /** * The maximum number of network interfaces. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum number of network interfaces. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } /** * Contains settings for the network performance options for the instance. */ interface LaunchTemplateNetworkPerformanceOptionsArgs { /** * Specify the bandwidth weighting option to boost the associated type of baseline bandwidth, as follows: * + default This option uses the standard bandwidth configuration for your instance type. + vpc-1 This option boosts your networking baseline bandwidth and reduces your EBS baseline bandwidth. + ebs-1 This option boosts your EBS baseline bandwidth and reduces your networking baseline bandwidth. */ bandwidthWeighting?: pulumi.Input; } /** * Specifies the placement of an instance. * ``Placement`` is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface LaunchTemplatePlacementArgs { /** * The affinity setting for an instance on a Dedicated Host. */ affinity?: pulumi.Input; /** * The Availability Zone for the instance. * Either ``AvailabilityZone`` or ``AvailabilityZoneId`` can be specified, but not both */ availabilityZone?: pulumi.Input; /** * The Group Id of a placement group. You must specify the Placement Group *Group Id* to launch an instance in a shared placement group. */ groupId?: pulumi.Input; /** * The name of the placement group for the instance. */ groupName?: pulumi.Input; /** * The ID of the Dedicated Host for the instance. */ hostId?: pulumi.Input; /** * The ARN of the host resource group in which to launch the instances. If you specify a host resource group ARN, omit the *Tenancy* parameter or set it to ``host``. */ hostResourceGroupArn?: pulumi.Input; /** * The number of the partition the instance should launch in. Valid only if the placement group strategy is set to ``partition``. */ partitionNumber?: pulumi.Input; /** * Reserved for future use. */ spreadDomain?: pulumi.Input; /** * The tenancy of the instance. An instance with a tenancy of dedicated runs on single-tenant hardware. */ tenancy?: pulumi.Input; } /** * The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *User Guide*. */ interface LaunchTemplatePrivateDnsNameOptionsArgs { /** * Indicates whether to respond to DNS queries for instance hostnames with DNS A records. */ enableResourceNameDnsARecord?: pulumi.Input; /** * Indicates whether to respond to DNS queries for instance hostnames with DNS AAAA records. */ enableResourceNameDnsAaaaRecord?: pulumi.Input; /** * The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *User Guide*. */ hostnameType?: pulumi.Input; } /** * Specifies a secondary private IPv4 address for a network interface. * ``PrivateIpAdd`` is a property of [AWS::EC2::LaunchTemplate NetworkInterface](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-networkinterface.html). */ interface LaunchTemplatePrivateIpAddArgs { /** * Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary. */ primary?: pulumi.Input; /** * The private IPv4 address. */ privateIpAddress?: pulumi.Input; } /** * Specifies an instance family to use as the baseline reference for CPU performance. */ interface LaunchTemplateReferenceArgs { /** * The instance family to use as a baseline reference. * Ensure that you specify the correct value for the instance family. The instance family is everything before the period (``.``) in the instance type name. For example, in the instance type ``c6i.large``, the instance family is ``c6i``, not ``c6``. For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types*. * The following instance families are *not supported* for performance protection: * + ``c1`` * + ``g3`` | ``g3s`` * + ``hpc7g`` * + ``m1`` | ``m2`` * + ``mac1`` | ``mac2`` | ``mac2-m1ultra`` | ``mac2-m2`` | ``mac2-m2pro`` * + ``p3dn`` | ``p4d`` | ``p5`` * + ``t1`` * + ``u-12tb1`` | ``u-18tb1`` | ``u-24tb1`` | ``u-3tb1`` | ``u-6tb1`` | ``u-9tb1`` | ``u7i-12tb`` | ``u7in-16tb`` | ``u7in-24tb`` | ``u7in-32tb`` * * If you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families. */ instanceFamily?: pulumi.Input; } /** * Specifies options for Spot Instances. * ``SpotOptions`` is a property of [AWS::EC2::LaunchTemplate InstanceMarketOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata-instancemarketoptions.html). */ interface LaunchTemplateSpotOptionsArgs { /** * Deprecated. */ blockDurationMinutes?: pulumi.Input; /** * The behavior when a Spot Instance is interrupted. The default is ``terminate``. */ instanceInterruptionBehavior?: pulumi.Input; /** * The maximum hourly price you're willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. If you do specify this parameter, it must be more than USD $0.001. Specifying a value below USD $0.001 will result in an ``InvalidParameterValue`` error message when the launch template is used to launch an instance. * If you specify a maximum price, your Spot Instances will be interrupted more frequently than if you do not specify this parameter. */ maxPrice?: pulumi.Input; /** * The Spot Instance request type. * If you are using Spot Instances with an Auto Scaling group, use ``one-time`` requests, as the ASlong service handles requesting new Spot Instances whenever the group is below its desired capacity. */ spotInstanceType?: pulumi.Input; /** * The end date of the request, in UTC format (*YYYY-MM-DD*T*HH:MM:SS*Z). Supported only for persistent requests. * + For a persistent request, the request remains active until the ``ValidUntil`` date and time is reached. Otherwise, the request remains active until you cancel it. * + For a one-time request, ``ValidUntil`` is not supported. The request remains active until all instances launch or you cancel the request. * * Default: 7 days from the current date */ validUntil?: pulumi.Input; } /** * Specifies a tag. For more information, see [Resource tags](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-resource-tags.html). */ interface LaunchTemplateTagArgs { /** * The tag key. */ key: pulumi.Input; /** * The tag value. */ value: pulumi.Input; } /** * Specifies the tags to apply to the launch template during creation. * To specify the tags for the resources that are created during instance launch, use [AWS::EC2::LaunchTemplate TagSpecification](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-tagspecification.html). * ``LaunchTemplateTagSpecification`` is a property of [AWS::EC2::LaunchTemplate](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html). */ interface LaunchTemplateTagSpecificationArgs { /** * The type of resource. To tag a launch template, ``ResourceType`` must be ``launch-template``. */ resourceType?: pulumi.Input; /** * The tags for the resource. */ tags?: pulumi.Input[]>; } /** * The minimum and maximum amount of total local storage, in GB. */ interface LaunchTemplateTotalLocalStorageGbArgs { /** * The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } /** * The minimum and maximum number of vCPUs. */ interface LaunchTemplateVCpuCountArgs { /** * The maximum number of vCPUs. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum number of vCPUs. To specify no minimum limit, specify ``0``. */ min?: pulumi.Input; } /** * For regional NAT gateways only: The configuration specifying which Elastic IP address (EIP) to use for handling outbound NAT traffic from a specific Availability Zone. * A regional NAT gateway is a single NAT Gateway that works across multiple availability zones (AZs) in your VPC, providing redundancy, scalability and availability across all the AZs in a Region. * For more information, see [Regional NAT gateways for automatic multi-AZ expansion](https://docs.aws.amazon.com/vpc/latest/userguide/nat-gateways-regional.html) in the *Amazon VPC User Guide*. */ interface NatGatewayAvailabilityZoneAddressArgs { /** * The allocation IDs of the Elastic IP addresses (EIPs) to be used for handling outbound NAT traffic in this specific Availability Zone. */ allocationIds: pulumi.Input[]>; /** * For regional NAT gateways only: The Availability Zone where this specific NAT gateway configuration will be active. Each AZ in a regional NAT gateway has its own configuration to handle outbound NAT traffic from that AZ. * A regional NAT gateway is a single NAT Gateway that works across multiple availability zones (AZs) in your VPC, providing redundancy, scalability and availability across all the AZs in a Region. */ availabilityZone?: pulumi.Input; /** * For regional NAT gateways only: The ID of the Availability Zone where this specific NAT gateway configuration will be active. Each AZ in a regional NAT gateway has its own configuration to handle outbound NAT traffic from that AZ. Use this instead of AvailabilityZone for consistent identification of AZs across AWS Regions. * A regional NAT gateway is a single NAT Gateway that works across multiple availability zones (AZs) in your VPC, providing redundancy, scalability and availability across all the AZs in a Region. */ availabilityZoneId?: pulumi.Input; } interface NetworkInsightsAccessScopeAccessScopePathRequestArgs { /** * The destination. */ destination?: pulumi.Input; /** * The source. */ source?: pulumi.Input; /** * The through resources. */ throughResources?: pulumi.Input[]>; } interface NetworkInsightsAccessScopePacketHeaderStatementRequestArgs { /** * The destination addresses. */ destinationAddresses?: pulumi.Input[]>; /** * The destination ports. */ destinationPorts?: pulumi.Input[]>; /** * The destination prefix lists. */ destinationPrefixLists?: pulumi.Input[]>; /** * The protocols. */ protocols?: pulumi.Input[]>; /** * The source addresses. */ sourceAddresses?: pulumi.Input[]>; /** * The source ports. */ sourcePorts?: pulumi.Input[]>; /** * The source prefix lists. */ sourcePrefixLists?: pulumi.Input[]>; } interface NetworkInsightsAccessScopePathStatementRequestArgs { /** * The packet header statement. */ packetHeaderStatement?: pulumi.Input; /** * The resource statement. */ resourceStatement?: pulumi.Input; } interface NetworkInsightsAccessScopeResourceStatementRequestArgs { /** * The resource types. */ resourceTypes?: pulumi.Input[]>; /** * The resources. */ resources?: pulumi.Input[]>; } interface NetworkInsightsAccessScopeThroughResourcesStatementRequestArgs { /** * The resource statement. */ resourceStatement?: pulumi.Input; } interface NetworkInsightsPathFilterPortRangeArgs { /** * The first port in the range. */ fromPort?: pulumi.Input; /** * The last port in the range. */ toPort?: pulumi.Input; } interface NetworkInsightsPathPathFilterArgs { /** * The destination IPv4 address. */ destinationAddress?: pulumi.Input; /** * The destination port range. */ destinationPortRange?: pulumi.Input; /** * The source IPv4 address. */ sourceAddress?: pulumi.Input; /** * The source port range. */ sourcePortRange?: pulumi.Input; } /** * ENA Express uses AWS Scalable Reliable Datagram (SRD) technology to increase the maximum bandwidth used per stream and minimize tail latency of network traffic between EC2 instances. With ENA Express, you can communicate between two EC2 instances in the same subnet within the same account, or in different accounts. Both sending and receiving instances must have ENA Express enabled. * To improve the reliability of network packet delivery, ENA Express reorders network packets on the receiving end by default. However, some UDP-based applications are designed to handle network packets that are out of order to reduce the overhead for packet delivery at the network layer. When ENA Express is enabled, you can specify whether UDP network traffic uses it. */ interface NetworkInterfaceAttachmentEnaSrdSpecificationArgs { /** * Indicates whether ENA Express is enabled for the network interface. */ enaSrdEnabled?: pulumi.Input; /** * Configures ENA Express for UDP network traffic. */ enaSrdUdpSpecification?: pulumi.Input; } /** * Configures ENA Express for UDP network traffic. */ interface NetworkInterfaceAttachmentEnaSrdSpecificationEnaSrdUdpSpecificationPropertiesArgs { enaSrdUdpEnabled?: pulumi.Input; } interface NetworkInterfaceConnectionTrackingSpecificationArgs { /** * Timeout (in seconds) for idle TCP connections in an established state. Min: 60 seconds. Max: 432000 seconds (5 days). Default: 432000 seconds. Recommended: Less than 432000 seconds. */ tcpEstablishedTimeout?: pulumi.Input; /** * Timeout (in seconds) for idle UDP flows classified as streams which have seen more than one request-response transaction. Min: 60 seconds. Max: 180 seconds (3 minutes). Default: 180 seconds. */ udpStreamTimeout?: pulumi.Input; /** * Timeout (in seconds) for idle UDP flows that have seen traffic only in a single direction or a single request-response transaction. Min: 30 seconds. Max: 60 seconds. Default: 30 seconds. */ udpTimeout?: pulumi.Input; } interface NetworkInterfaceInstanceIpv6AddressArgs { /** * An IPv6 address to associate with the network interface. */ ipv6Address: pulumi.Input; } interface NetworkInterfaceIpv4PrefixSpecificationArgs { /** * The IPv4 prefix. For information, see [Assigning prefixes to network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon EC2 User Guide* . */ ipv4Prefix: pulumi.Input; } interface NetworkInterfaceIpv6PrefixSpecificationArgs { /** * The IPv6 prefix. For information, see [Assigning prefixes to Amazon EC2 network interfaces](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-prefix-eni.html) in the *Amazon Elastic Compute Cloud User Guide* . */ ipv6Prefix: pulumi.Input; } interface NetworkInterfacePrivateIpAddressSpecificationArgs { /** * Sets the private IP address as the primary private address. You can set only one primary private IP address. If you don't specify a primary private IP address, Amazon EC2 automatically assigns a primary private IP address. */ primary: pulumi.Input; /** * The private IP address of the network interface. */ privateIpAddress: pulumi.Input; } /** * The options for the transit gateway vpc attachment. */ interface OptionsPropertiesArgs { /** * Indicates whether to enable Ipv6 Support for Vpc Attachment. Valid Values: enable | disable */ applianceModeSupport?: pulumi.Input; /** * Indicates whether to enable DNS Support for Vpc Attachment. Valid Values: enable | disable */ dnsSupport?: pulumi.Input; /** * Indicates whether to enable Ipv6 Support for Vpc Attachment. Valid Values: enable | disable */ ipv6Support?: pulumi.Input; /** * Indicates whether to enable Security Group referencing support for Vpc Attachment. Valid values: enable | disable */ securityGroupReferencingSupport?: pulumi.Input; } interface PrefixListEntryArgs { /** * The CIDR block. */ cidr: pulumi.Input; /** * A description for the entry. * * Constraints: Up to 255 characters in length. */ description?: pulumi.Input; } /** * The hostname type for EC2 instances launched into this subnet and how DNS A and AAAA record queries to the instances should be handled. For more information, see [Amazon EC2 instance hostname types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-naming.html) in the *User Guide*. * Available options: * + EnableResourceNameDnsAAAARecord (true | false) * + EnableResourceNameDnsARecord (true | false) * + HostnameType (ip-name | resource-name) */ interface PrivateDnsNameOptionsOnLaunchPropertiesArgs { /** * Indicates whether to respond to DNS queries for instance hostnames with DNS A records. */ enableResourceNameDnsARecord?: pulumi.Input; /** * Indicates whether to respond to DNS queries for instance hostname with DNS AAAA records. */ enableResourceNameDnsAaaaRecord?: pulumi.Input; /** * The type of hostname for EC2 instances. For IPv4 only subnets, an instance DNS name must be based on the instance IPv4 address. For IPv6 only subnets, an instance DNS name must be based on the instance ID. For dual-stack subnets, you can specify whether DNS names use the instance IPv4 address or the instance ID. */ hostnameType?: pulumi.Input; } /** * BGP Options */ interface RouteServerPeerBgpOptionsArgs { /** * BGP ASN of the Route Server Peer */ peerAsn?: pulumi.Input; /** * BGP Liveness Detection */ peerLivenessDetection?: pulumi.Input; } interface SecurityGroupEgressArgs { /** * The IPv4 address range, in CIDR format. * * You must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` . * * For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* . */ cidrIp?: pulumi.Input; /** * The IPv6 address range, in CIDR format. * * You must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` . * * For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* . */ cidrIpv6?: pulumi.Input; /** * A description for the security group rule. * * Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$* */ description?: pulumi.Input; /** * The prefix list IDs for the destination AWS service. This is the AWS service that you want to access through a VPC endpoint from instances associated with the security group. * * You must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` . */ destinationPrefixListId?: pulumi.Input; /** * The ID of the destination VPC security group. * * You must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `DestinationPrefixListId` , or `DestinationSecurityGroupId` . */ destinationSecurityGroupId?: pulumi.Input; /** * If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types). */ fromPort?: pulumi.Input; /** * The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ). * * Use `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed. */ ipProtocol: pulumi.Input; /** * If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes). */ toPort?: pulumi.Input; } interface SecurityGroupIngressArgs { /** * The IPv4 address range, in CIDR format. * * You must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` . * * For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* . */ cidrIp?: pulumi.Input; /** * The IPv6 address range, in CIDR format. * * You must specify exactly one of the following: `CidrIp` , `CidrIpv6` , `SourcePrefixListId` , or `SourceSecurityGroupId` . * * For examples of rules that you can add to security groups for specific access scenarios, see [Security group rules for different use cases](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/security-group-rules-reference.html) in the *Amazon EC2 User Guide* . */ cidrIpv6?: pulumi.Input; /** * Updates the description of an ingress (inbound) security group rule. You can replace an existing description, or add a description to a rule that did not have one previously. * * Constraints: Up to 255 characters in length. Allowed characters are a-z, A-Z, 0-9, spaces, and ._-:/()#,@[]+=;{}!$* */ description?: pulumi.Input; /** * If the protocol is TCP or UDP, this is the start of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP type or -1 (all ICMP types). */ fromPort?: pulumi.Input; /** * The IP protocol name ( `tcp` , `udp` , `icmp` , `icmpv6` ) or number (see [Protocol Numbers](https://docs.aws.amazon.com/http://www.iana.org/assignments/protocol-numbers/protocol-numbers.xhtml) ). * * Use `-1` to specify all protocols. When authorizing security group rules, specifying `-1` or a protocol number other than `tcp` , `udp` , `icmp` , or `icmpv6` allows traffic on all ports, regardless of any port range you specify. For `tcp` , `udp` , and `icmp` , you must specify a port range. For `icmpv6` , the port range is optional; if you omit the port range, traffic for all types and codes is allowed. */ ipProtocol: pulumi.Input; /** * The ID of a prefix list. */ sourcePrefixListId?: pulumi.Input; /** * The ID of the security group. */ sourceSecurityGroupId?: pulumi.Input; /** * [Default VPC] The name of the source security group. You must specify either the security group ID or the security group name. You can't specify the group name in combination with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access. * * For security groups in a nondefault VPC, you must specify the group ID. */ sourceSecurityGroupName?: pulumi.Input; /** * [nondefault VPC] The AWS account ID for the source security group, if the source security group is in a different account. You can't specify this property with an IP address range. Creates rules that grant full ICMP, UDP, and TCP access. * * If you specify `SourceSecurityGroupName` or `SourceSecurityGroupId` and that security group is owned by a different account than the account creating the stack, you must specify the `SourceSecurityGroupOwnerId` ; otherwise, this property is optional. */ sourceSecurityGroupOwnerId?: pulumi.Input; /** * If the protocol is TCP or UDP, this is the end of the port range. If the protocol is ICMP or ICMPv6, this is the ICMP code or -1 (all ICMP codes). If the start port is -1 (all ICMP types), then the end port must be -1 (all ICMP codes). */ toPort?: pulumi.Input; } interface SpotFleetAcceleratorCountRequestArgs { /** * The maximum number of accelerators. To specify no maximum limit, omit this parameter. To exclude accelerator-enabled instance types, set `Max` to `0` . */ max?: pulumi.Input; /** * The minimum number of accelerators. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface SpotFleetAcceleratorTotalMemoryMiBRequestArgs { /** * The maximum amount of accelerator memory, in MiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of accelerator memory, in MiB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface SpotFleetBaselineEbsBandwidthMbpsRequestArgs { /** * The maximum baseline bandwidth, in Mbps. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum baseline bandwidth, in Mbps. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface SpotFleetBaselinePerformanceFactorsRequestArgs { /** * The CPU performance to consider, using an instance family as the baseline reference. */ cpu?: pulumi.Input; } interface SpotFleetBlockDeviceMappingArgs { /** * The device name. For available device names, see [Device names for volumes](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/device_naming.html) . */ deviceName: pulumi.Input; /** * Parameters used to automatically set up EBS volumes when the instance is launched. */ ebs?: pulumi.Input; /** * To omit the device from the block device mapping, specify an empty string. When this property is specified, the device is removed from the block device mapping regardless of the assigned value. */ noDevice?: pulumi.Input; /** * The virtual device name ( `ephemeral` N). Instance store volumes are numbered starting from 0. An instance type with 2 available instance store volumes can specify mappings for `ephemeral0` and `ephemeral1` . The number of available instance store volumes depends on the instance type. After you connect to the instance, you must mount the volume. * * NVMe instance store volumes are automatically enumerated and assigned a device name. Including them in your block device mapping has no effect. * * Constraints: For M3 instances, you must specify instance store volumes in the block device mapping for the instance. When you launch an M3 instance, we ignore any instance store volumes specified in the block device mapping for the AMI. */ virtualName?: pulumi.Input; } interface SpotFleetClassicLoadBalancerArgs { /** * The name of the load balancer. */ name: pulumi.Input; } interface SpotFleetClassicLoadBalancersConfigArgs { /** * One or more Classic Load Balancers. */ classicLoadBalancers: pulumi.Input[]>; } interface SpotFleetCpuPerformanceFactorRequestArgs { /** * Specify an instance family to use as the baseline reference for CPU performance. All instance types that match your specified attributes will be compared against the CPU performance of the referenced instance family, regardless of CPU manufacturer or architecture differences. * * > Currently, only one instance family can be specified in the list. */ references?: pulumi.Input[]>; } interface SpotFleetEbsBlockDeviceArgs { /** * Indicates whether the EBS volume is deleted on instance termination. For more information, see [Preserving Amazon EBS volumes on instance termination](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/terminating-instances.html#preserving-volumes-on-termination) in the *Amazon EC2 User Guide* . */ deleteOnTermination?: pulumi.Input; /** * Indicates whether the encryption state of an EBS volume is changed while being restored from a backing snapshot. The effect of setting the encryption state to `true` depends on the volume origin (new or from a snapshot), starting encryption state, ownership, and whether encryption by default is enabled. For more information, see [Amazon EBS Encryption](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#encryption-parameters) in the *Amazon EC2 User Guide* . * * In no case can you remove encryption from an encrypted volume. * * Encrypted volumes can only be attached to instances that support Amazon EBS encryption. For more information, see [Supported Instance Types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSEncryption.html#EBSEncryption_supported_instances) . * * This parameter is not returned by [DescribeImageAttribute](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeImageAttribute.html) . */ encrypted?: pulumi.Input; /** * The number of I/O operations per second (IOPS). For `gp3` , `io1` , and `io2` volumes, this represents the number of IOPS that are provisioned for the volume. For `gp2` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. * * The following are the supported values for each volume type: * * - `gp3` : 3,000 - 80,000 IOPS * - `io1` : 100 - 64,000 IOPS * - `io2` : 100 - 256,000 IOPS * * For `io2` volumes, you can achieve up to 256,000 IOPS on [instances built on the Nitro System](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html#ec2-nitro-instances) . On other instances, you can achieve performance up to 32,000 IOPS. * * This parameter is required for `io1` and `io2` volumes. The default for `gp3` volumes is 3,000 IOPS. */ iops?: pulumi.Input; /** * The ID of the snapshot. */ snapshotId?: pulumi.Input; /** * The size of the volume, in GiBs. You must specify either a snapshot ID or a volume size. If you specify a snapshot, the default is the snapshot size. You can specify a volume size that is equal to or larger than the snapshot size. * * The following are the supported sizes for each volume type: * * - `gp2` : 1 - 16,384 GiB * - `gp3` : 1 - 65,536 GiB * - `io1` : 4 - 16,384 GiB * - `io2` : 4 - 65,536 GiB * - `st1` and `sc1` : 125 - 16,384 GiB * - `standard` : 1 - 1024 GiB */ volumeSize?: pulumi.Input; /** * The volume type. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/ebs/latest/userguide/ebs-volume-types.html) in the *Amazon EBS User Guide* . */ volumeType?: pulumi.Input; } interface SpotFleetFleetLaunchTemplateSpecificationArgs { /** * The ID of the launch template. * * You must specify the `LaunchTemplateId` or the `LaunchTemplateName` , but not both. */ launchTemplateId?: pulumi.Input; /** * The name of the launch template. * * You must specify the `LaunchTemplateName` or the `LaunchTemplateId` , but not both. */ launchTemplateName?: pulumi.Input; /** * The version number of the launch template. * * Specifying `$Latest` or `$Default` for the template version number is not supported. However, you can specify `LatestVersionNumber` or `DefaultVersionNumber` using the `Fn::GetAtt` intrinsic function. For more information, see [Fn::GetAtt](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-ec2-launchtemplate.html#aws-resource-ec2-launchtemplate-return-values-fn--getatt) . */ version: pulumi.Input; } interface SpotFleetGroupIdentifierArgs { /** * The ID of the security group. */ groupId: pulumi.Input; } interface SpotFleetIamInstanceProfileSpecificationArgs { /** * The Amazon Resource Name (ARN) of the instance profile. */ arn?: pulumi.Input; } interface SpotFleetInstanceIpv6AddressArgs { /** * The IPv6 address. */ ipv6Address: pulumi.Input; } interface SpotFleetInstanceNetworkInterfaceSpecificationArgs { /** * Indicates whether to assign a public IPv4 address to an instance you launch in a VPC. The public IP address can only be assigned to a network interface for eth0, and can only be assigned to a new network interface, not an existing one. You cannot specify more than one network interface in the request. If launching into a default subnet, the default value is `true` . * * AWS charges for all public IPv4 addresses, including public IPv4 addresses associated with running instances and Elastic IP addresses. For more information, see the *Public IPv4 Address* tab on the [Amazon VPC pricing page](https://docs.aws.amazon.com/vpc/pricing/) . */ associatePublicIpAddress?: pulumi.Input; /** * Indicates whether the network interface is deleted when the instance is terminated. */ deleteOnTermination?: pulumi.Input; /** * The description of the network interface. Applies only if creating a network interface when launching an instance. */ description?: pulumi.Input; /** * The position of the network interface in the attachment order. A primary network interface has a device index of 0. * * If you specify a network interface when launching an instance, you must specify the device index. */ deviceIndex?: pulumi.Input; /** * The IDs of the security groups for the network interface. Applies only if creating a network interface when launching an instance. */ groups?: pulumi.Input[]>; /** * A number of IPv6 addresses to assign to the network interface. Amazon EC2 chooses the IPv6 addresses from the range of the subnet. You cannot specify this option and the option to assign specific IPv6 addresses in the same request. You can specify this option if you've specified a minimum number of instances to launch. */ ipv6AddressCount?: pulumi.Input; /** * The IPv6 addresses to assign to the network interface. You cannot specify this option and the option to assign a number of IPv6 addresses in the same request. You cannot specify this option if you've specified a minimum number of instances to launch. */ ipv6Addresses?: pulumi.Input[]>; /** * The ID of the network interface. * * If you are creating a Spot Fleet, omit this parameter because you can’t specify a network interface ID in a launch specification. */ networkInterfaceId?: pulumi.Input; /** * The private IPv4 addresses to assign to the network interface. Only one private IPv4 address can be designated as primary. You cannot specify this option if you're launching more than one instance in a [RunInstances](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RunInstances.html) request. */ privateIpAddresses?: pulumi.Input[]>; /** * The number of secondary private IPv4 addresses. You can’t specify this parameter and also specify a secondary private IP address using the `PrivateIpAddress` parameter. */ secondaryPrivateIpAddressCount?: pulumi.Input; /** * The ID of the subnet associated with the network interface. */ subnetId?: pulumi.Input; } interface SpotFleetInstanceRequirementsRequestArgs { /** * The minimum and maximum number of accelerators (GPUs, FPGAs, or AWS Inferentia chips) on an instance. * * To exclude accelerator-enabled instance types, set `Max` to `0` . * * Default: No minimum or maximum limits */ acceleratorCount?: pulumi.Input; /** * Indicates whether instance types must have accelerators by specific manufacturers. * * - For instance types with AWS devices, specify `amazon-web-services` . * - For instance types with AMD devices, specify `amd` . * - For instance types with Habana devices, specify `habana` . * - For instance types with NVIDIA devices, specify `nvidia` . * - For instance types with Xilinx devices, specify `xilinx` . * * Default: Any manufacturer */ acceleratorManufacturers?: pulumi.Input[]>; /** * The accelerators that must be on the instance type. * * - For instance types with NVIDIA A10G GPUs, specify `a10g` . * - For instance types with NVIDIA A100 GPUs, specify `a100` . * - For instance types with NVIDIA H100 GPUs, specify `h100` . * - For instance types with AWS Inferentia chips, specify `inferentia` . * - For instance types with AWS Inferentia2 chips, specify `inferentia2` . * - For instance types with Habana Gaudi HL-205 GPUs, specify `gaudi-hl-205` . * - For instance types with NVIDIA GRID K520 GPUs, specify `k520` . * - For instance types with NVIDIA K80 GPUs, specify `k80` . * - For instance types with NVIDIA L4 GPUs, specify `l4` . * - For instance types with NVIDIA L40S GPUs, specify `l40s` . * - For instance types with NVIDIA M60 GPUs, specify `m60` . * - For instance types with AMD Radeon Pro V520 GPUs, specify `radeon-pro-v520` . * - For instance types with AWS Trainium chips, specify `trainium` . * - For instance types with AWS Trainium2 chips, specify `trainium2` . * - For instance types with NVIDIA T4 GPUs, specify `t4` . * - For instance types with NVIDIA T4G GPUs, specify `t4g` . * - For instance types with Xilinx U30 cards, specify `u30` . * - For instance types with Xilinx VU9P FPGAs, specify `vu9p` . * - For instance types with NVIDIA V100 GPUs, specify `v100` . * * Default: Any accelerator */ acceleratorNames?: pulumi.Input[]>; /** * The minimum and maximum amount of total accelerator memory, in MiB. * * Default: No minimum or maximum limits */ acceleratorTotalMemoryMiB?: pulumi.Input; /** * The accelerator types that must be on the instance type. * * - For instance types with FPGA accelerators, specify `fpga` . * - For instance types with GPU accelerators, specify `gpu` . * - For instance types with Inference accelerators, specify `inference` . * - For instance types with Media accelerators, specify `media` . * * Default: Any accelerator type */ acceleratorTypes?: pulumi.Input[]>; /** * The instance types to apply your specified attributes against. All other instance types are ignored, even if they match your specified attributes. * * You can use strings with one or more wild cards, represented by an asterisk ( `*` ), to allow an instance type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` . * * For example, if you specify `c5*` ,Amazon EC2 will allow the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will allow all the M5a instance types, but not the M5n instance types. * * > If you specify `AllowedInstanceTypes` , you can't specify `ExcludedInstanceTypes` . * * Default: All instance types */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicates whether bare metal instance types must be included, excluded, or required. * * - To include bare metal instance types, specify `included` . * - To require only bare metal instance types, specify `required` . * - To exclude bare metal instance types, specify `excluded` . * * Default: `excluded` */ bareMetal?: pulumi.Input; /** * The minimum and maximum baseline bandwidth to Amazon EBS, in Mbps. For more information, see [Amazon EBS–optimized instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-optimized.html) in the *Amazon EC2 User Guide* . * * Default: No minimum or maximum limits */ baselineEbsBandwidthMbps?: pulumi.Input; /** * The baseline performance to consider, using an instance family as a baseline reference. The instance family establishes the lowest acceptable level of performance. Amazon EC2 uses this baseline to guide instance type selection, but there is no guarantee that the selected instance types will always exceed the baseline for every application. Currently, this parameter only supports CPU performance as a baseline performance factor. For more information, see [Performance protection](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-fleet-attribute-based-instance-type-selection.html#ec2fleet-abis-performance-protection) in the *Amazon EC2 User Guide* . */ baselinePerformanceFactors?: pulumi.Input; /** * Indicates whether burstable performance T instance types are included, excluded, or required. For more information, see [Burstable performance instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances.html) . * * - To include burstable performance instance types, specify `included` . * - To require only burstable performance instance types, specify `required` . * - To exclude burstable performance instance types, specify `excluded` . * * Default: `excluded` */ burstablePerformance?: pulumi.Input; /** * The CPU manufacturers to include. * * - For instance types with Intel CPUs, specify `intel` . * - For instance types with AMD CPUs, specify `amd` . * - For instance types with AWS CPUs, specify `amazon-web-services` . * - For instance types with Apple CPUs, specify `apple` . * * > Don't confuse the CPU manufacturer with the CPU architecture. Instances will be launched with a compatible CPU architecture based on the Amazon Machine Image (AMI) that you specify in your launch template. * * Default: Any manufacturer */ cpuManufacturers?: pulumi.Input[]>; /** * The instance types to exclude. * * You can use strings with one or more wild cards, represented by an asterisk ( `*` ), to exclude an instance family, type, size, or generation. The following are examples: `m5.8xlarge` , `c5*.*` , `m5a.*` , `r*` , `*3*` . * * For example, if you specify `c5*` ,Amazon EC2 will exclude the entire C5 instance family, which includes all C5a and C5n instance types. If you specify `m5a.*` , Amazon EC2 will exclude all the M5a instance types, but not the M5n instance types. * * > If you specify `ExcludedInstanceTypes` , you can't specify `AllowedInstanceTypes` . * * Default: No excluded instance types */ excludedInstanceTypes?: pulumi.Input[]>; /** * Indicates whether current or previous generation instance types are included. The current generation instance types are recommended for use. Current generation instance types are typically the latest two to three generations in each instance family. For more information, see [Instance types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-types.html) in the *Amazon EC2 User Guide* . * * For current generation instance types, specify `current` . * * For previous generation instance types, specify `previous` . * * Default: Current and previous generation instance types */ instanceGenerations?: pulumi.Input[]>; /** * Indicates whether instance types with instance store volumes are included, excluded, or required. For more information, [Amazon EC2 instance store](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/InstanceStorage.html) in the *Amazon EC2 User Guide* . * * - To include instance types with instance store volumes, specify `included` . * - To require only instance types with instance store volumes, specify `required` . * - To exclude instance types with instance store volumes, specify `excluded` . * * Default: `included` */ localStorage?: pulumi.Input; /** * The type of local storage that is required. * * - For instance types with hard disk drive (HDD) storage, specify `hdd` . * - For instance types with solid state drive (SSD) storage, specify `ssd` . * * Default: `hdd` and `ssd` */ localStorageTypes?: pulumi.Input[]>; /** * [Price protection] The price protection threshold for Spot Instances, as a percentage of an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold. * * The parameter accepts an integer, which Amazon EC2 interprets as a percentage. * * If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is based on the per vCPU or per memory price instead of the per instance price. * * > Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . */ maxSpotPriceAsPercentageOfOptimalOnDemandPrice?: pulumi.Input; /** * The minimum and maximum amount of memory per vCPU, in GiB. * * Default: No minimum or maximum limits */ memoryGiBPerVCpu?: pulumi.Input; /** * The minimum and maximum amount of memory, in MiB. */ memoryMiB?: pulumi.Input; /** * The minimum and maximum amount of baseline network bandwidth, in gigabits per second (Gbps). For more information, see [Amazon EC2 instance network bandwidth](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-instance-network-bandwidth.html) in the *Amazon EC2 User Guide* . * * Default: No minimum or maximum limits */ networkBandwidthGbps?: pulumi.Input; /** * The minimum and maximum number of network interfaces. * * Default: No minimum or maximum limits */ networkInterfaceCount?: pulumi.Input; /** * [Price protection] The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose price exceeds your specified threshold. * * The parameter accepts an integer, which Amazon EC2 interprets as a percentage. * * To indicate no price protection threshold, specify a high value, such as `999999` . * * This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) . * * > If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. * * Default: `20` */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Specifies whether instance types must support encrypting in-transit traffic between instances. For more information, including the supported instance types, see [Encryption in transit](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/data-protection.html#encryption-transit) in the *Amazon EC2 User Guide* . * * Default: `false` */ requireEncryptionInTransit?: pulumi.Input; /** * Indicates whether instance types must support hibernation for On-Demand Instances. * * This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) . * * Default: `false` */ requireHibernateSupport?: pulumi.Input; /** * [Price protection] The price protection threshold for Spot Instances, as a percentage higher than an identified Spot price. The identified Spot price is the Spot price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified Spot price is from the lowest priced current generation instance types, and failing that, from the lowest priced previous generation instance types that match your attributes. When Amazon EC2 selects instance types with your attributes, it will exclude instance types whose Spot price exceeds your specified threshold. * * The parameter accepts an integer, which Amazon EC2 interprets as a percentage. * * If you set `TargetCapacityUnitType` to `vcpu` or `memory-mib` , the price protection threshold is applied based on the per-vCPU or per-memory price instead of the per-instance price. * * This parameter is not supported for [GetSpotPlacementScores](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetSpotPlacementScores.html) and [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) . * * > Only one of `SpotMaxPricePercentageOverLowestPrice` or `MaxSpotPriceAsPercentageOfOptimalOnDemandPrice` can be specified. If you don't specify either, Amazon EC2 will automatically apply optimal price protection to consistently select from a wide range of instance types. To indicate no price protection threshold for Spot Instances, meaning you want to consider all instance types that match your attributes, include one of these parameters and specify a high value, such as `999999` . * * Default: `100` */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * The minimum and maximum amount of total local storage, in GB. * * Default: No minimum or maximum limits */ totalLocalStorageGb?: pulumi.Input; /** * The minimum and maximum number of vCPUs. */ vCpuCount?: pulumi.Input; } interface SpotFleetLaunchSpecificationArgs { /** * One or more block devices that are mapped to the Spot Instances. You can't specify both a snapshot ID and an encryption value. This is because only blank volumes can be encrypted on creation. If a snapshot is the basis for a volume, it is not blank and its encryption status is used for the volume encryption status. */ blockDeviceMappings?: pulumi.Input[]>; /** * Indicates whether the instances are optimized for EBS I/O. This optimization provides dedicated throughput to Amazon EBS and an optimized configuration stack to provide optimal EBS I/O performance. This optimization isn't available with all instance types. Additional usage charges apply when using an EBS Optimized instance. * * Default: `false` */ ebsOptimized?: pulumi.Input; /** * The IAM instance profile. */ iamInstanceProfile?: pulumi.Input; /** * The ID of the AMI. */ imageId: pulumi.Input; /** * The attributes for the instance types. When you specify instance attributes, Amazon EC2 will identify instance types with those attributes. * * > If you specify `InstanceRequirements` , you can't specify `InstanceType` . */ instanceRequirements?: pulumi.Input; /** * The instance type. */ instanceType?: pulumi.Input; /** * The ID of the kernel. */ kernelId?: pulumi.Input; /** * The name of the key pair. */ keyName?: pulumi.Input; /** * Enable or disable monitoring for the instances. */ monitoring?: pulumi.Input; /** * The network interfaces. */ networkInterfaces?: pulumi.Input[]>; /** * The placement information. */ placement?: pulumi.Input; /** * The ID of the RAM disk. Some kernels require additional drivers at launch. Check the kernel requirements for information about whether you need to specify a RAM disk. To find kernel requirements, refer to the AWS Resource Center and search for the kernel ID. */ ramdiskId?: pulumi.Input; /** * The security groups. * * If you specify a network interface, you must specify any security groups as part of the network interface instead of using this parameter. */ securityGroups?: pulumi.Input[]>; /** * The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. * * > If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter. */ spotPrice?: pulumi.Input; /** * The IDs of the subnets in which to launch the instances. To specify multiple subnets, separate them using commas; for example, "subnet-1234abcdeexample1, subnet-0987cdef6example2". * * If you specify a network interface, you must specify any subnets as part of the network interface instead of using this parameter. */ subnetId?: pulumi.Input; /** * The tags to apply during creation. */ tagSpecifications?: pulumi.Input[]>; /** * The base64-encoded user data that instances use when starting up. User data is limited to 16 KB. */ userData?: pulumi.Input; /** * The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O. * * If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1. * * > When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour. */ weightedCapacity?: pulumi.Input; } interface SpotFleetLaunchTemplateConfigArgs { /** * The launch template to use. Make sure that the launch template does not contain the `NetworkInterfaceId` parameter because you can't specify a network interface ID in a Spot Fleet. */ launchTemplateSpecification?: pulumi.Input; /** * Any parameters that you specify override the same parameters in the launch template. */ overrides?: pulumi.Input[]>; } interface SpotFleetLaunchTemplateOverridesArgs { /** * The Availability Zone in which to launch the instances. For example, `us-east-2a` . * * Either `AvailabilityZone` or `AvailabilityZoneId` must be specified in the request, but not both. */ availabilityZone?: pulumi.Input; /** * The ID of the Availability Zone in which to launch the instances. For example, `use2-az1` . * * Either `AvailabilityZone` or `AvailabilityZoneId` must be specified in the request, but not both. */ availabilityZoneId?: pulumi.Input; /** * The instance requirements. When you specify instance requirements, Amazon EC2 will identify instance types with the provided requirements, and then use your On-Demand and Spot allocation strategies to launch instances from these instance types, in the same way as when you specify a list of instance types. * * > If you specify `InstanceRequirements` , you can't specify `InstanceType` . */ instanceRequirements?: pulumi.Input; /** * The instance type. */ instanceType?: pulumi.Input; /** * The priority for the launch template override. The highest priority is launched first. * * If `OnDemandAllocationStrategy` is set to `prioritized` , Spot Fleet uses priority to determine which launch template override to use first in fulfilling On-Demand capacity. * * If the Spot `AllocationStrategy` is set to `capacityOptimizedPrioritized` , Spot Fleet uses priority on a best-effort basis to determine which launch template override to use in fulfilling Spot capacity, but optimizes for capacity first. * * Valid values are whole numbers starting at `0` . The lower the number, the higher the priority. If no number is set, the launch template override has the lowest priority. You can set the same priority for different launch template overrides. */ priority?: pulumi.Input; /** * The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. * * > If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter. */ spotPrice?: pulumi.Input; /** * The ID of the subnet in which to launch the instances. */ subnetId?: pulumi.Input; /** * The number of units provided by the specified instance type. These are the same units that you chose to set the target capacity in terms of instances, or a performance characteristic such as vCPUs, memory, or I/O. * * If the target capacity divided by this value is not a whole number, Amazon EC2 rounds the number of instances to the next whole number. If this value is not specified, the default is 1. * * > When specifying weights, the price used in the `lowestPrice` and `priceCapacityOptimized` allocation strategies is per *unit* hour (where the instance price is divided by the specified weight). However, if all the specified weights are above the requested `TargetCapacity` , resulting in only 1 instance being launched, the price used is per *instance* hour. */ weightedCapacity?: pulumi.Input; } interface SpotFleetLoadBalancersConfigArgs { /** * The Classic Load Balancers. */ classicLoadBalancersConfig?: pulumi.Input; /** * The target groups. */ targetGroupsConfig?: pulumi.Input; } interface SpotFleetMemoryGiBPerVCpuRequestArgs { /** * The maximum amount of memory per vCPU, in GiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of memory per vCPU, in GiB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface SpotFleetMemoryMiBRequestArgs { /** * The maximum amount of memory, in MiB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of memory, in MiB. To specify no minimum limit, specify `0` . */ min?: pulumi.Input; } interface SpotFleetMonitoringArgs { /** * Enables monitoring for the instance. * * Default: `false` */ enabled?: pulumi.Input; } interface SpotFleetNetworkBandwidthGbpsRequestArgs { /** * The maximum amount of network bandwidth, in Gbps. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of network bandwidth, in Gbps. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface SpotFleetNetworkInterfaceCountRequestArgs { /** * The maximum number of network interfaces. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum number of network interfaces. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface SpotFleetPerformanceFactorReferenceRequestArgs { /** * The instance family to use as a baseline reference. * * > Ensure that you specify the correct value for the instance family. The instance family is everything before the period ( `.` ) in the instance type name. For example, in the instance type `c6i.large` , the instance family is `c6i` , not `c6` . For more information, see [Amazon EC2 instance type naming conventions](https://docs.aws.amazon.com/ec2/latest/instancetypes/instance-type-names.html) in *Amazon EC2 Instance Types* . * * The following instance families are *not supported* for performance protection: * * - `c1` * - `g3` | `g3s` * - `hpc7g` * - `m1` | `m2` * - `mac1` | `mac2` | `mac2-m1ultra` | `mac2-m2` | `mac2-m2pro` * - `p3dn` | `p4d` | `p5` * - `t1` * - `u-12tb1` | `u-18tb1` | `u-24tb1` | `u-3tb1` | `u-6tb1` | `u-9tb1` | `u7i-12tb` | `u7in-16tb` | `u7in-24tb` | `u7in-32tb` * * If you enable performance protection by specifying a supported instance family, the returned instance types will exclude the above unsupported instance families. * * If you specify an unsupported instance family as a value for baseline performance, the API returns an empty response for [GetInstanceTypesFromInstanceRequirements](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_GetInstanceTypesFromInstanceRequirements.html) and an exception for [CreateFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateFleet.html) , [RequestSpotFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_RequestSpotFleet.html) , [ModifyFleet](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyFleet.html) , and [ModifySpotFleetRequest](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifySpotFleetRequest.html) . */ instanceFamily?: pulumi.Input; } interface SpotFleetPrivateIpAddressSpecificationArgs { /** * Indicates whether the private IPv4 address is the primary private IPv4 address. Only one IPv4 address can be designated as primary. */ primary?: pulumi.Input; /** * The private IPv4 address. */ privateIpAddress: pulumi.Input; } interface SpotFleetRequestConfigDataArgs { /** * The strategy that determines how to allocate the target Spot Instance capacity across the Spot Instance pools specified by the Spot Fleet launch configuration. For more information, see [Allocation strategies for Spot Instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-allocation-strategy.html) in the *Amazon EC2 User Guide* . * * - **priceCapacityOptimized (recommended)** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. Spot Fleet then requests Spot Instances from the lowest priced of these pools. * - **capacityOptimized** - Spot Fleet identifies the pools with the highest capacity availability for the number of instances that are launching. This means that we will request Spot Instances from the pools that we believe have the lowest chance of interruption in the near term. To give certain instance types a higher chance of launching first, use `capacityOptimizedPrioritized` . Set a priority for each instance type by using the `Priority` parameter for `LaunchTemplateOverrides` . You can assign the same priority to different `LaunchTemplateOverrides` . EC2 implements the priorities on a best-effort basis, but optimizes for capacity first. `capacityOptimizedPrioritized` is supported only if your Spot Fleet uses a launch template. Note that if the `OnDemandAllocationStrategy` is set to `prioritized` , the same priority is applied when fulfilling On-Demand capacity. * - **diversified** - Spot Fleet requests instances from all of the Spot Instance pools that you specify. * - **lowestPrice (not recommended)** - > We don't recommend the `lowestPrice` allocation strategy because it has the highest risk of interruption for your Spot Instances. * * Spot Fleet requests instances from the lowest priced Spot Instance pool that has available capacity. If the lowest priced pool doesn't have available capacity, the Spot Instances come from the next lowest priced pool that has available capacity. If a pool runs out of capacity before fulfilling your desired capacity, Spot Fleet will continue to fulfill your request by drawing from the next lowest priced pool. To ensure that your desired capacity is met, you might receive Spot Instances from several pools. Because this strategy only considers instance price and not capacity availability, it might lead to high interruption rates. * * Default: `lowestPrice` */ allocationStrategy?: pulumi.Input; /** * Reserved. */ context?: pulumi.Input; /** * Indicates whether running Spot Instances should be terminated if you decrease the target capacity of the Spot Fleet request below the current size of the Spot Fleet. * * Supported only for fleets of type `maintain` . */ excessCapacityTerminationPolicy?: pulumi.Input; /** * The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role that grants the Spot Fleet the permission to request, launch, terminate, and tag instances on your behalf. For more information, see [Spot Fleet Prerequisites](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-requests.html#spot-fleet-prerequisites) in the *Amazon EC2 User Guide* . Spot Fleet can terminate Spot Instances on your behalf when you cancel its Spot Fleet request or when the Spot Fleet request expires, if you set `TerminateInstancesWithExpiration` . */ iamFleetRole: pulumi.Input; /** * The behavior when a Spot Instance is interrupted. The default is `terminate` . */ instanceInterruptionBehavior?: pulumi.Input; /** * The number of Spot pools across which to allocate your target Spot capacity. Valid only when Spot *AllocationStrategy* is set to `lowest-price` . Spot Fleet selects the cheapest Spot pools and evenly allocates your target Spot capacity across the number of Spot pools that you specify. * * Note that Spot Fleet attempts to draw Spot Instances from the number of pools that you specify on a best effort basis. If a pool runs out of Spot capacity before fulfilling your target capacity, Spot Fleet will continue to fulfill your request by drawing from the next cheapest pool. To ensure that your target capacity is met, you might receive Spot Instances from more than the number of pools that you specified. Similarly, if most of the pools have no Spot capacity, you might receive your full target capacity from fewer than the number of pools that you specified. */ instancePoolsToUseCount?: pulumi.Input; /** * The launch specifications for the Spot Fleet request. If you specify `LaunchSpecifications` , you can't specify `LaunchTemplateConfigs` . */ launchSpecifications?: pulumi.Input[]>; /** * The launch template and overrides. If you specify `LaunchTemplateConfigs` , you can't specify `LaunchSpecifications` . */ launchTemplateConfigs?: pulumi.Input[]>; /** * One or more Classic Load Balancers and target groups to attach to the Spot Fleet request. Spot Fleet registers the running Spot Instances with the specified Classic Load Balancers and target groups. * * With Network Load Balancers, Spot Fleet cannot register instances that have the following instance types: C1, CC1, CC2, CG1, CG2, CR1, CS1, G1, G2, HI1, HS1, M1, M2, M3, and T1. */ loadBalancersConfig?: pulumi.Input; /** * The order of the launch template overrides to use in fulfilling On-Demand capacity. If you specify `lowestPrice` , Spot Fleet uses price to determine the order, launching the lowest price first. If you specify `prioritized` , Spot Fleet uses the priority that you assign to each Spot Fleet launch template override, launching the highest priority first. If you do not specify a value, Spot Fleet defaults to `lowestPrice` . */ onDemandAllocationStrategy?: pulumi.Input; /** * The maximum amount per hour for On-Demand Instances that you're willing to pay. You can use the `onDemandMaxTotalPrice` parameter, the `spotMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity. * * > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `onDemandMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `onDemandMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* . */ onDemandMaxTotalPrice?: pulumi.Input; /** * The number of On-Demand units to request. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later. */ onDemandTargetCapacity?: pulumi.Input; /** * Indicates whether Spot Fleet should replace unhealthy instances. */ replaceUnhealthyInstances?: pulumi.Input; /** * The strategies for managing your Spot Instances that are at an elevated risk of being interrupted. */ spotMaintenanceStrategies?: pulumi.Input; /** * The maximum amount per hour for Spot Instances that you're willing to pay. You can use the `spotMaxTotalPrice` parameter, the `onDemandMaxTotalPrice` parameter, or both parameters to ensure that your fleet cost does not exceed your budget. If you set a maximum price per hour for the On-Demand Instances and Spot Instances in your request, Spot Fleet will launch instances until it reaches the maximum amount you're willing to pay. When the maximum amount you're willing to pay is reached, the fleet stops launching instances even if it hasn’t met the target capacity. * * > If your fleet includes T instances that are configured as `unlimited` , and if their average CPU usage exceeds the baseline utilization, you will incur a charge for surplus credits. The `spotMaxTotalPrice` does not account for surplus credits, and, if you use surplus credits, your final cost might be higher than what you specified for `spotMaxTotalPrice` . For more information, see [Surplus credits can incur charges](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/burstable-performance-instances-unlimited-mode-concepts.html#unlimited-mode-surplus-credits) in the *Amazon EC2 User Guide* . */ spotMaxTotalPrice?: pulumi.Input; /** * The maximum price per unit hour that you are willing to pay for a Spot Instance. We do not recommend using this parameter because it can lead to increased interruptions. If you do not specify this parameter, you will pay the current Spot price. * * > If you specify a maximum price, your instances will be interrupted more frequently than if you do not specify this parameter. */ spotPrice?: pulumi.Input; /** * The key-value pair for tagging the Spot Fleet request on creation. The value for `ResourceType` must be `spot-fleet-request` , otherwise the Spot Fleet request fails. To tag instances at launch, specify the tags in the [launch template](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html#create-launch-template) (valid only if you use `LaunchTemplateConfigs` ) or in the `[SpotFleetTagSpecification](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetTagSpecification.html)` (valid only if you use `LaunchSpecifications` ). For information about tagging after launch, see [Tag your resources](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/Using_Tags.html#tag-resources) . */ tagSpecifications?: pulumi.Input[]>; /** * The number of units to request for the Spot Fleet. You can choose to set the target capacity in terms of instances or a performance characteristic that is important to your application workload, such as vCPUs, memory, or I/O. If the request type is `maintain` , you can specify a target capacity of 0 and add capacity later. */ targetCapacity: pulumi.Input; /** * The unit for the target capacity. You can specify this parameter only when using attribute-based instance type selection. * * Default: `units` (the number of instances) */ targetCapacityUnitType?: pulumi.Input; /** * Indicates whether running Spot Instances are terminated when the Spot Fleet request expires. */ terminateInstancesWithExpiration?: pulumi.Input; /** * The type of request. Indicates whether the Spot Fleet only requests the target capacity or also attempts to maintain it. When this value is `request` , the Spot Fleet only places the required requests. It does not attempt to replenish Spot Instances if capacity is diminished, nor does it submit requests in alternative Spot pools if capacity is not available. When this value is `maintain` , the Spot Fleet maintains the target capacity. The Spot Fleet places the required requests to meet capacity and automatically replenishes any interrupted instances. Default: `maintain` . `instant` is listed but is not used by Spot Fleet. */ type?: pulumi.Input; /** * The start date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). By default, Amazon EC2 starts fulfilling the request immediately. */ validFrom?: pulumi.Input; /** * The end date and time of the request, in UTC format ( *YYYY* - *MM* - *DD* T *HH* : *MM* : *SS* Z). After the end date and time, no new Spot Instance requests are placed or able to fulfill the request. If no value is specified, the Spot Fleet request remains until you cancel it. */ validUntil?: pulumi.Input; } interface SpotFleetSpotCapacityRebalanceArgs { /** * The replacement strategy to use. Only available for fleets of type `maintain` . * * `launch` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet. Spot Fleet does not terminate the instances that receive a rebalance notification. You can terminate the old instances, or you can leave them running. You are charged for all instances while they are running. * * `launch-before-terminate` - Spot Fleet launches a new replacement Spot Instance when a rebalance notification is emitted for an existing Spot Instance in the fleet, and then, after a delay that you specify (in `TerminationDelay` ), terminates the instances that received a rebalance notification. */ replacementStrategy?: pulumi.Input; /** * The amount of time (in seconds) that Amazon EC2 waits before terminating the old Spot Instance after launching a new replacement Spot Instance. * * Required when `ReplacementStrategy` is set to `launch-before-terminate` . * * Not valid when `ReplacementStrategy` is set to `launch` . * * Valid values: Minimum value of `120` seconds. Maximum value of `7200` seconds. */ terminationDelay?: pulumi.Input; } interface SpotFleetSpotMaintenanceStrategiesArgs { /** * The Spot Instance replacement strategy to use when Amazon EC2 emits a signal that your Spot Instance is at an elevated risk of being interrupted. For more information, see [Capacity rebalancing](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/spot-fleet-capacity-rebalance.html) in the *Amazon EC2 User Guide* . */ capacityRebalance?: pulumi.Input; } interface SpotFleetSpotPlacementArgs { /** * The Availability Zone. * * To specify multiple Availability Zones, separate them using commas; for example, "us-west-2a, us-west-2b". */ availabilityZone?: pulumi.Input; /** * The ID of the Availability Zone. For example, `use2-az1` . * * [Spot Fleet only] To specify multiple Availability Zones, separate them using commas; for example, " `use2-az1` , `use2-bz1` ". * * Either `AvailabilityZone` or `AvailabilityZoneId` must be specified in the request, but not both. */ availabilityZoneId?: pulumi.Input; /** * The name of the placement group. */ groupName?: pulumi.Input; /** * The tenancy of the instance (if the instance is running in a VPC). An instance with a tenancy of `dedicated` runs on single-tenant hardware. The `host` tenancy is not supported for Spot Instances. */ tenancy?: pulumi.Input; } interface SpotFleetTagArgs { /** * The tag key. */ key: pulumi.Input; /** * The tag value. */ value: pulumi.Input; } interface SpotFleetTagSpecificationArgs { /** * The type of resource. Currently, the only resource type that is supported is `instance` . To tag the Spot Fleet request on creation, use the `TagSpecifications` parameter in `[SpotFleetRequestConfigData](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_SpotFleetRequestConfigData.html)` . */ resourceType?: pulumi.Input; /** * The tags. */ tags?: pulumi.Input[]>; } interface SpotFleetTargetGroupArgs { /** * The Amazon Resource Name (ARN) of the target group. */ arn: pulumi.Input; } interface SpotFleetTargetGroupsConfigArgs { /** * One or more target groups. */ targetGroups: pulumi.Input[]>; } interface SpotFleetTotalLocalStorageGbRequestArgs { /** * The maximum amount of total local storage, in GB. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum amount of total local storage, in GB. To specify no minimum limit, omit this parameter. */ min?: pulumi.Input; } interface SpotFleetVCpuCountRangeRequestArgs { /** * The maximum number of vCPUs. To specify no maximum limit, omit this parameter. */ max?: pulumi.Input; /** * The minimum number of vCPUs. To specify no minimum limit, specify `0` . */ min?: pulumi.Input; } /** * The configuration options for customer provided KMS encryption. */ interface SseSpecificationPropertiesArgs { /** * Whether to encrypt the policy with the provided key or disable encryption */ customerManagedKeyEnabled?: pulumi.Input; /** * KMS Key Arn used to encrypt the group policy */ kmsKeyArn?: pulumi.Input; } /** * Specifies the tags to apply to resources that are created during instance launch. * ``TagSpecification`` is a property type of [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications). [TagSpecifications](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html#cfn-ec2-launchtemplate-launchtemplatedata-tagspecifications) is a property of [AWS::EC2::LaunchTemplate LaunchTemplateData](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ec2-launchtemplate-launchtemplatedata.html). */ interface TagSpecificationArgs { /** * The type of resource to tag. You can specify tags for the following resource types only: ``instance`` | ``volume`` | ``network-interface`` | ``spot-instances-request``. If the instance does not include the resource type that you specify, the instance launch fails. For example, not all instance types include a volume. * To tag a resource after it has been created, see [CreateTags](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateTags.html). */ resourceType?: pulumi.Input; /** * The tags to apply to the resource. */ tags?: pulumi.Input[]>; } interface TrafficMirrorFilterRuleTrafficMirrorPortRangeArgs { /** * The first port in the Traffic Mirror port range. */ fromPort: pulumi.Input; /** * The last port in the Traffic Mirror port range. */ toPort: pulumi.Input; } interface TransitGatewayConnectOptionsArgs { /** * The tunnel protocol. */ protocol?: pulumi.Input; } interface TransitGatewayConnectPeerConfigurationArgs { /** * The BGP configuration details. */ bgpConfigurations?: pulumi.Input[]>; /** * The range of interior BGP peer IP addresses. */ insideCidrBlocks: pulumi.Input[]>; /** * The peer IP address (GRE outer IP address) on the appliance side of the Connect peer. */ peerAddress: pulumi.Input; /** * The tunnel protocol. */ protocol?: pulumi.Input; /** * The Connect peer IP address on the transit gateway side of the tunnel. */ transitGatewayAddress?: pulumi.Input; } interface TransitGatewayConnectPeerTransitGatewayAttachmentBgpConfigurationArgs { /** * The BGP status. */ bgpStatus?: pulumi.Input; /** * The interior BGP peer IP address for the appliance. */ peerAddress?: pulumi.Input; /** * The peer Autonomous System Number (ASN). */ peerAsn?: pulumi.Input; /** * The interior BGP peer IP address for the transit gateway. */ transitGatewayAddress?: pulumi.Input; /** * The transit gateway Autonomous System Number (ASN). */ transitGatewayAsn?: pulumi.Input; } /** * The options for cidr type endpoint. */ interface VerifiedAccessEndpointCidrOptionsArgs { /** * The IP address range, in CIDR notation. */ cidr?: pulumi.Input; /** * The list of port range. */ portRanges?: pulumi.Input[]>; /** * The IP protocol. */ protocol?: pulumi.Input; /** * The IDs of the subnets. */ subnetIds?: pulumi.Input[]>; } /** * The load balancer details if creating the AWS Verified Access endpoint as load-balancertype. */ interface VerifiedAccessEndpointLoadBalancerOptionsArgs { /** * The ARN of the load balancer. */ loadBalancerArn?: pulumi.Input; /** * The IP port number. */ port?: pulumi.Input; /** * The list of port range. */ portRanges?: pulumi.Input[]>; /** * The IP protocol. */ protocol?: pulumi.Input; /** * The IDs of the subnets. */ subnetIds?: pulumi.Input[]>; } /** * The options for network-interface type endpoint. */ interface VerifiedAccessEndpointNetworkInterfaceOptionsArgs { /** * The ID of the network interface. */ networkInterfaceId?: pulumi.Input; /** * The IP port number. */ port?: pulumi.Input; /** * The list of port ranges. */ portRanges?: pulumi.Input[]>; /** * The IP protocol. */ protocol?: pulumi.Input; } /** * The IP port range. */ interface VerifiedAccessEndpointPortRangeArgs { /** * The first port in the range. */ fromPort?: pulumi.Input; /** * The last port in the range. */ toPort?: pulumi.Input; } /** * The options for rds type endpoint. */ interface VerifiedAccessEndpointRdsOptionsArgs { /** * The IP port number. */ port?: pulumi.Input; /** * The IP protocol. */ protocol?: pulumi.Input; /** * The ARN of the RDS DB cluster. */ rdsDbClusterArn?: pulumi.Input; /** * The ARN of the RDS DB instance. */ rdsDbInstanceArn?: pulumi.Input; /** * The ARN of the RDS DB proxy. */ rdsDbProxyArn?: pulumi.Input; /** * The RDS endpoint. */ rdsEndpoint?: pulumi.Input; /** * The IDs of the subnets. */ subnetIds?: pulumi.Input[]>; } /** * The configuration options for customer provided KMS encryption. */ interface VerifiedAccessEndpointSseSpecificationArgs { /** * Whether to encrypt the policy with the provided key or disable encryption */ customerManagedKeyEnabled?: pulumi.Input; /** * KMS Key Arn used to encrypt the group policy */ kmsKeyArn?: pulumi.Input; } /** * The configuration options for customer provided KMS encryption. */ interface VerifiedAccessGroupSseSpecificationArgs { /** * Whether to encrypt the policy with the provided key or disable encryption */ customerManagedKeyEnabled?: pulumi.Input; /** * KMS Key Arn used to encrypt the group policy */ kmsKeyArn?: pulumi.Input; } /** * The configuration options for AWS Verified Access instances. */ interface VerifiedAccessInstanceVerifiedAccessLogsArgs { /** * Sends Verified Access logs to CloudWatch Logs. */ cloudWatchLogs?: pulumi.Input; /** * Include claims from trust providers in Verified Access logs. */ includeTrustContext?: pulumi.Input; /** * Sends Verified Access logs to Kinesis. */ kinesisDataFirehose?: pulumi.Input; /** * Select log version for Verified Access logs. */ logVersion?: pulumi.Input; /** * Sends Verified Access logs to Amazon S3. */ s3?: pulumi.Input; } /** * Sends Verified Access logs to CloudWatch Logs. */ interface VerifiedAccessInstanceVerifiedAccessLogsCloudWatchLogsPropertiesArgs { /** * Indicates whether logging is enabled. */ enabled?: pulumi.Input; /** * The ID of the CloudWatch Logs log group. */ logGroup?: pulumi.Input; } /** * Sends Verified Access logs to Kinesis. */ interface VerifiedAccessInstanceVerifiedAccessLogsKinesisDataFirehosePropertiesArgs { /** * The ID of the delivery stream. */ deliveryStream?: pulumi.Input; /** * Indicates whether logging is enabled. */ enabled?: pulumi.Input; } /** * Sends Verified Access logs to Amazon S3. */ interface VerifiedAccessInstanceVerifiedAccessLogsS3PropertiesArgs { /** * The bucket name. */ bucketName?: pulumi.Input; /** * The ID of the AWS account that owns the Amazon S3 bucket. */ bucketOwner?: pulumi.Input; /** * Indicates whether logging is enabled. */ enabled?: pulumi.Input; /** * The bucket prefix. */ prefix?: pulumi.Input; } /** * A Verified Access Trust Provider. */ interface VerifiedAccessInstanceVerifiedAccessTrustProviderArgs { /** * The description of trust provider. */ description?: pulumi.Input; /** * The type of device-based trust provider. */ deviceTrustProviderType?: pulumi.Input; /** * The type of trust provider (user- or device-based). */ trustProviderType?: pulumi.Input; /** * The type of user-based trust provider. */ userTrustProviderType?: pulumi.Input; /** * The ID of the trust provider. */ verifiedAccessTrustProviderId?: pulumi.Input; } /** * The options for device identity based trust providers. */ interface VerifiedAccessTrustProviderDeviceOptionsArgs { /** * URL Verified Access will use to verify authenticity of the device tokens. */ publicSigningKeyUrl?: pulumi.Input; /** * The ID of the tenant application with the device-identity provider. */ tenantId?: pulumi.Input; } /** * The OpenID Connect details for an oidc -type, user-identity based trust provider for L4. */ interface VerifiedAccessTrustProviderNativeApplicationOidcOptionsArgs { /** * The OIDC authorization endpoint. */ authorizationEndpoint?: pulumi.Input; /** * The client identifier. */ clientId?: pulumi.Input; /** * The client secret. */ clientSecret?: pulumi.Input; /** * The OIDC issuer. */ issuer?: pulumi.Input; /** * The public signing key for endpoint */ publicSigningKeyEndpoint?: pulumi.Input; /** * OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes. */ scope?: pulumi.Input; /** * The OIDC token endpoint. */ tokenEndpoint?: pulumi.Input; /** * The OIDC user info endpoint. */ userInfoEndpoint?: pulumi.Input; } /** * The OpenID Connect details for an oidc -type, user-identity based trust provider. */ interface VerifiedAccessTrustProviderOidcOptionsArgs { /** * The OIDC authorization endpoint. */ authorizationEndpoint?: pulumi.Input; /** * The client identifier. */ clientId?: pulumi.Input; /** * The client secret. */ clientSecret?: pulumi.Input; /** * The OIDC issuer. */ issuer?: pulumi.Input; /** * OpenID Connect (OIDC) scopes are used by an application during authentication to authorize access to details of a user. Each scope returns a specific set of user attributes. */ scope?: pulumi.Input; /** * The OIDC token endpoint. */ tokenEndpoint?: pulumi.Input; /** * The OIDC user info endpoint. */ userInfoEndpoint?: pulumi.Input; } /** * Describes the DNS options for an endpoint. */ interface VpcEndpointDnsOptionsSpecificationArgs { /** * The DNS records created for the endpoint. */ dnsRecordIpType?: pulumi.Input; /** * Indicates whether to enable private DNS only for inbound endpoints. This option is available only for services that support both gateway and interface endpoints. It routes traffic that originates from the VPC to the gateway endpoint and traffic that originates from on-premises to the interface endpoint. */ privateDnsOnlyForInboundResolverEndpoint?: pulumi.Input; /** * The preference for which private domains have a private hosted zone created for and associated with the specified VPC. Only supported when private DNS is enabled and when the VPC endpoint type is ServiceNetwork or Resource. */ privateDnsPreference?: pulumi.Input; /** * Indicates which of the private domains to create private hosted zones for and associate with the specified VPC. Only supported when private DNS is enabled and the private DNS preference is ``VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS`` or ``SPECIFIED_DOMAINS_ONLY``. */ privateDnsSpecifiedDomains?: pulumi.Input[]>; } /** * Options for sending VPN tunnel logs to CloudWatch. */ interface VpnConnectionCloudwatchLogOptionsSpecificationArgs { /** * Specifies whether to enable BGP logging for the VPN connection. Default value is ``False``. * Valid values: ``True`` | ``False`` */ bgpLogEnabled?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the CloudWatch log group where BGP logs will be sent. */ bgpLogGroupArn?: pulumi.Input; /** * The desired output format for BGP logs to be sent to CloudWatch. Default format is ``json``. * Valid values: ``json`` | ``text`` */ bgpLogOutputFormat?: pulumi.Input; /** * Enable or disable VPN tunnel logging feature. Default value is ``False``. * Valid values: ``True`` | ``False`` */ logEnabled?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the CloudWatch log group to send logs to. */ logGroupArn?: pulumi.Input; /** * Set log format. Default format is ``json``. * Valid values: ``json`` | ``text`` */ logOutputFormat?: pulumi.Input; } /** * The IKE version that is permitted for the VPN tunnel. */ interface VpnConnectionIkeVersionsRequestListValueArgs { /** * The IKE version. */ value?: pulumi.Input; } /** * Specifies the encryption algorithm for the VPN tunnel for phase 1 IKE negotiations. */ interface VpnConnectionPhase1EncryptionAlgorithmsRequestListValueArgs { /** * The value for the encryption algorithm. */ value?: pulumi.Input; } /** * Specifies the integrity algorithm for the VPN tunnel for phase 1 IKE negotiations. */ interface VpnConnectionPhase1IntegrityAlgorithmsRequestListValueArgs { /** * The value for the integrity algorithm. */ value?: pulumi.Input; } /** * Specifies a Diffie-Hellman group number for the VPN tunnel for phase 1 IKE negotiations. */ interface VpnConnectionPhase1dhGroupNumbersRequestListValueArgs { /** * The Diffie-Hellmann group number. */ value?: pulumi.Input; } /** * Specifies the encryption algorithm for the VPN tunnel for phase 2 IKE negotiations. */ interface VpnConnectionPhase2EncryptionAlgorithmsRequestListValueArgs { /** * The encryption algorithm. */ value?: pulumi.Input; } /** * Specifies the integrity algorithm for the VPN tunnel for phase 2 IKE negotiations. */ interface VpnConnectionPhase2IntegrityAlgorithmsRequestListValueArgs { /** * The integrity algorithm. */ value?: pulumi.Input; } /** * Specifies a Diffie-Hellman group number for the VPN tunnel for phase 2 IKE negotiations. */ interface VpnConnectionPhase2dhGroupNumbersRequestListValueArgs { /** * The Diffie-Hellmann group number. */ value?: pulumi.Input; } /** * Options for logging VPN tunnel activity. */ interface VpnConnectionVpnTunnelLogOptionsSpecificationArgs { /** * Options for sending VPN tunnel logs to CloudWatch. */ cloudwatchLogOptions?: pulumi.Input; } /** * The tunnel options for a single VPN tunnel. */ interface VpnConnectionVpnTunnelOptionsSpecificationArgs { /** * The action to take after DPD timeout occurs. Specify ``restart`` to restart the IKE initiation. Specify ``clear`` to end the IKE session. * Valid Values: ``clear`` | ``none`` | ``restart`` * Default: ``clear`` */ dpdTimeoutAction?: pulumi.Input; /** * The number of seconds after which a DPD timeout occurs. * Constraints: A value greater than or equal to 30. * Default: ``30`` */ dpdTimeoutSeconds?: pulumi.Input; /** * Turn on or off tunnel endpoint lifecycle control feature. */ enableTunnelLifecycleControl?: pulumi.Input; /** * The IKE versions that are permitted for the VPN tunnel. * Valid values: ``ikev1`` | ``ikev2`` */ ikeVersions?: pulumi.Input[]>; /** * Options for logging VPN tunnel activity. */ logOptions?: pulumi.Input; /** * One or more encryption algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations. * Valid values: ``AES128`` | ``AES256`` | ``AES128-GCM-16`` | ``AES256-GCM-16`` */ phase1EncryptionAlgorithms?: pulumi.Input[]>; /** * One or more integrity algorithms that are permitted for the VPN tunnel for phase 1 IKE negotiations. * Valid values: ``SHA1`` | ``SHA2-256`` | ``SHA2-384`` | ``SHA2-512`` */ phase1IntegrityAlgorithms?: pulumi.Input[]>; /** * The lifetime for phase 1 of the IKE negotiation, in seconds. * Constraints: A value between 900 and 28,800. * Default: ``28800`` */ phase1LifetimeSeconds?: pulumi.Input; /** * One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 1 IKE negotiations. * Valid values: ``2`` | ``14`` | ``15`` | ``16`` | ``17`` | ``18`` | ``19`` | ``20`` | ``21`` | ``22`` | ``23`` | ``24`` */ phase1dhGroupNumbers?: pulumi.Input[]>; /** * One or more encryption algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations. * Valid values: ``AES128`` | ``AES256`` | ``AES128-GCM-16`` | ``AES256-GCM-16`` */ phase2EncryptionAlgorithms?: pulumi.Input[]>; /** * One or more integrity algorithms that are permitted for the VPN tunnel for phase 2 IKE negotiations. * Valid values: ``SHA1`` | ``SHA2-256`` | ``SHA2-384`` | ``SHA2-512`` */ phase2IntegrityAlgorithms?: pulumi.Input[]>; /** * The lifetime for phase 2 of the IKE negotiation, in seconds. * Constraints: A value between 900 and 3,600. The value must be less than the value for ``Phase1LifetimeSeconds``. * Default: ``3600`` */ phase2LifetimeSeconds?: pulumi.Input; /** * One or more Diffie-Hellman group numbers that are permitted for the VPN tunnel for phase 2 IKE negotiations. * Valid values: ``2`` | ``5`` | ``14`` | ``15`` | ``16`` | ``17`` | ``18`` | ``19`` | ``20`` | ``21`` | ``22`` | ``23`` | ``24`` */ phase2dhGroupNumbers?: pulumi.Input[]>; /** * The pre-shared key (PSK) to establish initial authentication between the virtual private gateway and customer gateway. * Constraints: Allowed characters are alphanumeric characters, periods (.), and underscores (_). Must be between 8 and 64 characters in length and cannot start with zero (0). */ preSharedKey?: pulumi.Input; /** * The percentage of the rekey window (determined by ``RekeyMarginTimeSeconds``) during which the rekey time is randomly selected. * Constraints: A value between 0 and 100. * Default: ``100`` */ rekeyFuzzPercentage?: pulumi.Input; /** * The margin time, in seconds, before the phase 2 lifetime expires, during which the AWS side of the VPN connection performs an IKE rekey. The exact time of the rekey is randomly selected based on the value for ``RekeyFuzzPercentage``. * Constraints: A value between 60 and half of ``Phase2LifetimeSeconds``. * Default: ``270`` */ rekeyMarginTimeSeconds?: pulumi.Input; /** * The number of packets in an IKE replay window. * Constraints: A value between 64 and 2048. * Default: ``1024`` */ replayWindowSize?: pulumi.Input; /** * The action to take when the establishing the tunnel for the VPN connection. By default, your customer gateway device must initiate the IKE negotiation and bring up the tunnel. Specify ``start`` for AWS to initiate the IKE negotiation. * Valid Values: ``add`` | ``start`` * Default: ``add`` */ startupAction?: pulumi.Input; /** * The range of inside IP addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same virtual private gateway. * Constraints: A size /30 CIDR block from the ``169.254.0.0/16`` range. The following CIDR blocks are reserved and cannot be used: * + ``169.254.0.0/30`` * + ``169.254.1.0/30`` * + ``169.254.2.0/30`` * + ``169.254.3.0/30`` * + ``169.254.4.0/30`` * + ``169.254.5.0/30`` * + ``169.254.169.252/30`` */ tunnelInsideCidr?: pulumi.Input; /** * The range of inside IPv6 addresses for the tunnel. Any specified CIDR blocks must be unique across all VPN connections that use the same transit gateway. * Constraints: A size /126 CIDR block from the local ``fd00::/8`` range. */ tunnelInsideIpv6Cidr?: pulumi.Input; } } export declare namespace ecr { /** * The filter settings used with image replication. Specifying a repository filter to a replication rule provides a method for controlling which repositories in a private registry are replicated. If no filters are added, the contents of all repositories are replicated. */ interface RegistryScanningConfigurationRepositoryFilterArgs { /** * The filter to use when scanning. */ filter: pulumi.Input; /** * The type associated with the filter. */ filterType: pulumi.Input; } /** * The scanning rules associated with the registry. */ interface RegistryScanningConfigurationScanningRuleArgs { /** * The details of a scanning repository filter. For more information on how to use filters, see [Using filters](https://docs.aws.amazon.com/AmazonECR/latest/userguide/image-scanning.html#image-scanning-filters) in the *Amazon Elastic Container Registry User Guide*. */ repositoryFilters: pulumi.Input[]>; /** * The frequency that scans are performed at for a private registry. When the ``ENHANCED`` scan type is specified, the supported scan frequencies are ``CONTINUOUS_SCAN`` and ``SCAN_ON_PUSH``. When the ``BASIC`` scan type is specified, the ``SCAN_ON_PUSH`` scan frequency is supported. If scan on push is not specified, then the ``MANUAL`` scan frequency is set by default. */ scanFrequency: pulumi.Input; } /** * The replication configuration for a registry. */ interface ReplicationConfigurationArgs { /** * An array of objects representing the replication destinations and repository filters for a replication configuration. */ rules: pulumi.Input[]>; } /** * An array of objects representing the destination for a replication rule. */ interface ReplicationConfigurationReplicationDestinationArgs { /** * The Region to replicate to. */ region: pulumi.Input; /** * The AWS account ID of the Amazon ECR private registry to replicate to. When configuring cross-Region replication within your own registry, specify your own account ID. */ registryId: pulumi.Input; } /** * An array of objects representing the replication destinations and repository filters for a replication configuration. */ interface ReplicationConfigurationReplicationRuleArgs { /** * An array of objects representing the destination for a replication rule. */ destinations: pulumi.Input[]>; /** * An array of objects representing the filters for a replication rule. Specifying a repository filter for a replication rule provides a method for controlling which repositories in a private registry are replicated. */ repositoryFilters?: pulumi.Input[]>; } /** * The filter settings used with image replication. Specifying a repository filter to a replication rule provides a method for controlling which repositories in a private registry are replicated. If no filters are added, the contents of all repositories are replicated. */ interface ReplicationConfigurationRepositoryFilterArgs { /** * The repository filter details. When the ``PREFIX_MATCH`` filter type is specified, this value is required and should be the repository name prefix to configure replication for. */ filter: pulumi.Input; /** * The repository filter type. The only supported value is ``PREFIX_MATCH``, which is a repository name prefix specified with the ``filter`` parameter. */ filterType: pulumi.Input; } /** * The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest. * By default, when no encryption configuration is set or the ``AES256`` encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES256 encryption algorithm. This does not require any action on your part. * For more control over the encryption of the contents of your repository, you can use server-side encryption with KMSlong key stored in KMSlong (KMS) to encrypt your images. For more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide*. */ interface RepositoryCreationTemplateEncryptionConfigurationArgs { /** * The encryption type to use. * If you use the ``KMS`` encryption type, the contents of the repository will be encrypted using server-side encryption with KMSlong key stored in KMS. When you use KMS to encrypt your data, you can either use the default AWS managed KMS key for Amazon ECR, or specify your own KMS key, which you already created. * If you use the ``KMS_DSSE`` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the KMS Management Service key stored in KMS. Similar to the ``KMS`` encryption type, you can either use the default AWS managed KMS key for Amazon ECR, or specify your own KMS key, which you've already created. * If you use the ``AES256`` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm. * For more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide*. */ encryptionType: pulumi.Input; /** * If you use the ``KMS`` encryption type, specify the KMS key to use for encryption. The alias, key ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed KMS key for Amazon ECR will be used. */ kmsKey?: pulumi.Input; } /** * A filter that specifies which image tags should be excluded from the repository's image tag mutability setting. */ interface RepositoryCreationTemplateImageTagMutabilityExclusionFilterArgs { imageTagMutabilityExclusionFilterType: pulumi.Input; imageTagMutabilityExclusionFilterValue: pulumi.Input; } /** * The metadata to apply to a resource to help you categorize and organize them. Each tag consists of a key and a value, both of which you define. Tag keys can have a maximum character length of 128 characters, and tag values can have a maximum length of 256 characters. */ interface RepositoryCreationTemplateTagArgs { /** * One part of a key-value pair that make up a tag. A ``key`` is a general label that acts like a category for more specific tag values. */ key: pulumi.Input; /** * A ``value`` acts as a descriptor within a tag category (key). */ value: pulumi.Input; } /** * The encryption configuration for the repository. This determines how the contents of your repository are encrypted at rest. * By default, when no encryption configuration is set or the ``AES256`` encryption type is used, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts your data at rest using an AES256 encryption algorithm. This does not require any action on your part. * For more control over the encryption of the contents of your repository, you can use server-side encryption with KMSlong key stored in KMSlong (KMS) to encrypt your images. For more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide*. */ interface RepositoryEncryptionConfigurationArgs { /** * The encryption type to use. * * If you use the `KMS` encryption type, the contents of the repository will be encrypted using server-side encryption with AWS Key Management Service key stored in AWS . When you use AWS to encrypt your data, you can either use the default AWS managed AWS key for Amazon ECR, or specify your own AWS key, which you already created. * * If you use the `KMS_DSSE` encryption type, the contents of the repository will be encrypted with two layers of encryption using server-side encryption with the AWS Management Service key stored in AWS . Similar to the `KMS` encryption type, you can either use the default AWS managed AWS key for Amazon ECR, or specify your own AWS key, which you've already created. * * If you use the `AES256` encryption type, Amazon ECR uses server-side encryption with Amazon S3-managed encryption keys which encrypts the images in the repository using an AES256 encryption algorithm. * * For more information, see [Amazon ECR encryption at rest](https://docs.aws.amazon.com/AmazonECR/latest/userguide/encryption-at-rest.html) in the *Amazon Elastic Container Registry User Guide* . */ encryptionType: pulumi.Input; /** * If you use the ``KMS`` encryption type, specify the KMS key to use for encryption. The alias, key ID, or full ARN of the KMS key can be specified. The key must exist in the same Region as the repository. If no key is specified, the default AWS managed KMS key for Amazon ECR will be used. */ kmsKey?: pulumi.Input; } /** * The image scanning configuration for a repository. */ interface RepositoryImageScanningConfigurationArgs { /** * The setting that determines whether images are scanned after being pushed to a repository. If set to ``true``, images will be scanned after being pushed. If this parameter is not specified, it will default to ``false`` and images will not be scanned unless a scan is manually started. */ scanOnPush?: pulumi.Input; } /** * A filter that specifies which image tags should be excluded from the repository's image tag mutability setting. */ interface RepositoryImageTagMutabilityExclusionFilterArgs { imageTagMutabilityExclusionFilterType: pulumi.Input; imageTagMutabilityExclusionFilterValue: pulumi.Input; } /** * The ``LifecyclePolicy`` property type specifies a lifecycle policy. For information about lifecycle policy syntax, see [Lifecycle policy template](https://docs.aws.amazon.com/AmazonECR/latest/userguide/LifecyclePolicies.html) in the *Amazon ECR User Guide*. */ interface RepositoryLifecyclePolicyArgs { /** * The JSON repository policy text to apply to the repository. */ lifecyclePolicyText?: pulumi.Input; /** * The AWS account ID associated with the registry that contains the repository. If you do * not specify a registry, the default registry is assumed. */ registryId?: pulumi.Input; } /** * An array of objects representing the details of a repository filter. */ interface SigningConfigurationRepositoryFilterArgs { /** * The filter value used to match repository names. When using `WILDCARD_MATCH` , the `*` character matches any sequence of characters. * * Examples: * * - `myapp/*` - Matches all repositories starting with `myapp/` * - `*/production` - Matches all repositories ending with `/production` * - `*prod*` - Matches all repositories containing `prod` */ filter: pulumi.Input; /** * The type of filter to apply. Currently, only `WILDCARD_MATCH` is supported, which uses wildcard patterns to match repository names. */ filterType: pulumi.Input; } interface SigningConfigurationRuleArgs { /** * Optional array of repository filters. If omitted, the rule matches all repositories. If provided, must contain at least one filter. Empty arrays are not allowed. */ repositoryFilters?: pulumi.Input[]>; /** * AWS Signer signing profile ARN to use for matched repositories. */ signingProfileArn: pulumi.Input; } } export declare namespace ecs { interface CapacityProviderAcceleratorCountRequestArgs { /** * The maximum number of accelerators. Instance types with more accelerators are excluded from selection. */ max?: pulumi.Input; /** * The minimum number of accelerators. Instance types with fewer accelerators are excluded from selection. */ min?: pulumi.Input; } interface CapacityProviderAcceleratorTotalMemoryMiBRequestArgs { /** * The maximum total accelerator memory in MiB. Instance types with more accelerator memory are excluded from selection. */ max?: pulumi.Input; /** * The minimum total accelerator memory in MiB. Instance types with less accelerator memory are excluded from selection. */ min?: pulumi.Input; } interface CapacityProviderAutoScalingGroupProviderArgs { /** * The Amazon Resource Name (ARN) that identifies the Auto Scaling group, or the Auto Scaling group name. */ autoScalingGroupArn: pulumi.Input; /** * The managed draining option for the Auto Scaling group capacity provider. When you enable this, Amazon ECS manages and gracefully drains the EC2 container instances that are in the Auto Scaling group capacity provider. */ managedDraining?: pulumi.Input; /** * The managed scaling settings for the Auto Scaling group capacity provider. */ managedScaling?: pulumi.Input; /** * The managed termination protection setting to use for the Auto Scaling group capacity provider. This determines whether the Auto Scaling group has managed termination protection. The default is off. * * > When using managed termination protection, managed scaling must also be used otherwise managed termination protection doesn't work. * * When managed termination protection is on, Amazon ECS prevents the Amazon EC2 instances in an Auto Scaling group that contain tasks from being terminated during a scale-in action. The Auto Scaling group and each instance in the Auto Scaling group must have instance protection from scale-in actions on as well. For more information, see [Instance Protection](https://docs.aws.amazon.com/autoscaling/ec2/userguide/as-instance-termination.html#instance-protection) in the *AWS Auto Scaling User Guide* . * * When managed termination protection is off, your Amazon EC2 instances aren't protected from termination when the Auto Scaling group scales in. */ managedTerminationProtection?: pulumi.Input; } interface CapacityProviderBaselineEbsBandwidthMbpsRequestArgs { /** * The maximum baseline Amazon EBS bandwidth in Mbps. Instance types with higher Amazon EBS bandwidth are excluded from selection. */ max?: pulumi.Input; /** * The minimum baseline Amazon EBS bandwidth in Mbps. Instance types with lower Amazon EBS bandwidth are excluded from selection. */ min?: pulumi.Input; } interface CapacityProviderCapacityReservationRequestArgs { reservationGroupArn?: pulumi.Input; reservationPreference?: pulumi.Input; } interface CapacityProviderInstanceLaunchTemplateArgs { /** * The capacity option type. This determines whether Amazon ECS launches On-Demand or Spot Instances for your managed instance capacity provider. * * Valid values are: * * - `ON_DEMAND` - Launches standard On-Demand Instances. On-Demand Instances provide predictable pricing and availability. * - `SPOT` - Launches Spot Instances that use spare Amazon EC2 capacity at reduced cost. Spot Instances can be interrupted by Amazon EC2 with a two-minute notification when the capacity is needed back. * * The default is On-Demand * * For more information about Amazon EC2 capacity options, see [Instance purchasing options](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/instance-purchasing-options.html) in the *Amazon EC2 User Guide* . */ capacityOptionType?: pulumi.Input; capacityReservations?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the instance profile that Amazon ECS applies to Amazon ECS Managed Instances. This instance profile must include the necessary permissions for your tasks to access AWS services and resources. * * For more information, see [Amazon ECS instance profile for Managed Instances](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/managed-instances-instance-profile.html) in the *Amazon ECS Developer Guide* . */ ec2InstanceProfileArn: pulumi.Input; fipsEnabled?: pulumi.Input; instanceMetadataTagsPropagation?: pulumi.Input; /** * The instance requirements. You can specify: * * - The instance types * - Instance requirements such as vCPU count, memory, network performance, and accelerator specifications * * Amazon ECS automatically selects the instances that match the specified criteria. */ instanceRequirements?: pulumi.Input; localStorageConfiguration?: pulumi.Input; /** * CloudWatch provides two categories of monitoring: basic monitoring and detailed monitoring. By default, your managed instance is configured for basic monitoring. You can optionally enable detailed monitoring to help you more quickly identify and act on operational issues. You can enable or turn off detailed monitoring at launch or when the managed instance is running or stopped. For more information, see [Detailed monitoring for Amazon ECS Managed Instances](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/detailed-monitoring-managed-instances.html) in the Amazon ECS Developer Guide. */ monitoring?: pulumi.Input; /** * The network configuration for Amazon ECS Managed Instances. This specifies the subnets and security groups that instances use for network connectivity. */ networkConfiguration: pulumi.Input; /** * The storage configuration for Amazon ECS Managed Instances. This defines the root volume size and type for the instances. */ storageConfiguration?: pulumi.Input; } interface CapacityProviderInstanceRequirementsRequestArgs { /** * The minimum and maximum number of accelerators for the instance types. This is used when you need instances with specific numbers of GPUs or other accelerators. */ acceleratorCount?: pulumi.Input; /** * The accelerator manufacturers to include. You can specify `nvidia` , `amd` , `amazon-web-services` , or `xilinx` depending on your accelerator requirements. */ acceleratorManufacturers?: pulumi.Input[]>; /** * The specific accelerator names to include. For example, you can specify `a100` , `v100` , `k80` , or other specific accelerator models. */ acceleratorNames?: pulumi.Input[]>; /** * The minimum and maximum total accelerator memory in mebibytes (MiB). This is important for GPU workloads that require specific amounts of video memory. */ acceleratorTotalMemoryMiB?: pulumi.Input; /** * The accelerator types to include. You can specify `gpu` for graphics processing units, `fpga` for field programmable gate arrays, or `inference` for machine learning inference accelerators. */ acceleratorTypes?: pulumi.Input[]>; /** * The instance types to include in the selection. When specified, Amazon ECS only considers these instance types, subject to the other requirements specified. */ allowedInstanceTypes?: pulumi.Input[]>; /** * Indicates whether to include bare metal instance types. Set to `included` to allow bare metal instances, `excluded` to exclude them, or `required` to use only bare metal instances. */ bareMetal?: pulumi.Input; /** * The minimum and maximum baseline Amazon EBS bandwidth in megabits per second (Mbps). This is important for workloads with high storage I/O requirements. */ baselineEbsBandwidthMbps?: pulumi.Input; /** * Indicates whether to include burstable performance instance types (T2, T3, T3a, T4g). Set to `included` to allow burstable instances, `excluded` to exclude them, or `required` to use only burstable instances. */ burstablePerformance?: pulumi.Input; /** * The CPU manufacturers to include or exclude. You can specify `intel` , `amd` , or `amazon-web-services` to control which CPU types are used for your workloads. */ cpuManufacturers?: pulumi.Input[]>; /** * The instance types to exclude from selection. Use this to prevent Amazon ECS from selecting specific instance types that may not be suitable for your workloads. */ excludedInstanceTypes?: pulumi.Input[]>; /** * The instance generations to include. You can specify `current` to use the latest generation instances, or `previous` to include previous generation instances for cost optimization. */ instanceGenerations?: pulumi.Input[]>; /** * Indicates whether to include instance types with local storage. Set to `included` to allow local storage, `excluded` to exclude it, or `required` to use only instances with local storage. */ localStorage?: pulumi.Input; /** * The local storage types to include. You can specify `hdd` for hard disk drives, `ssd` for solid state drives, or both. */ localStorageTypes?: pulumi.Input[]>; /** * The maximum price for Spot instances as a percentage of the optimal On-Demand price. This provides more precise cost control for Spot instance selection. */ maxSpotPriceAsPercentageOfOptimalOnDemandPrice?: pulumi.Input; /** * The minimum and maximum amount of memory per vCPU in gibibytes (GiB). This helps ensure that instance types have the appropriate memory-to-CPU ratio for your workloads. */ memoryGiBPerVCpu?: pulumi.Input; /** * The minimum and maximum amount of memory in mebibytes (MiB) for the instance types. Amazon ECS selects instance types that have memory within this range. */ memoryMiB: pulumi.Input; /** * The minimum and maximum network bandwidth in gigabits per second (Gbps). This is crucial for network-intensive workloads that require high throughput. */ networkBandwidthGbps?: pulumi.Input; /** * The minimum and maximum number of network interfaces for the instance types. This is useful for workloads that require multiple network interfaces. */ networkInterfaceCount?: pulumi.Input; /** * The price protection threshold for On-Demand Instances, as a percentage higher than an identified On-Demand price. The identified On-Demand price is the price of the lowest priced current generation C, M, or R instance type with your specified attributes. If no current generation C, M, or R instance type matches your attributes, then the identified price is from either the lowest priced current generation instance types or, failing that, the lowest priced previous generation instance types that match your attributes. When Amazon ECS selects instance types with your attributes, we will exclude instance types whose price exceeds your specified threshold. */ onDemandMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * Indicates whether the instance types must support hibernation. When set to `true` , only instance types that support hibernation are selected. */ requireHibernateSupport?: pulumi.Input; /** * The maximum price for Spot instances as a percentage over the lowest priced On-Demand instance. This helps control Spot instance costs while maintaining access to capacity. */ spotMaxPricePercentageOverLowestPrice?: pulumi.Input; /** * The minimum and maximum total local storage in gigabytes (GB) for instance types with local storage. */ totalLocalStorageGb?: pulumi.Input; /** * The minimum and maximum number of vCPUs for the instance types. Amazon ECS selects instance types that have vCPU counts within this range. */ vCpuCount: pulumi.Input; } interface CapacityProviderManagedInstancesLocalStorageConfigurationArgs { useLocalStorage?: pulumi.Input; } interface CapacityProviderManagedInstancesNetworkConfigurationArgs { /** * The list of security group IDs to apply to Amazon ECS Managed Instances. These security groups control the network traffic allowed to and from the instances. */ securityGroups: pulumi.Input[]>; /** * The list of subnet IDs where Amazon ECS can launch Amazon ECS Managed Instances. Instances are distributed across the specified subnets for high availability. All subnets must be in the same VPC. */ subnets: pulumi.Input[]>; } interface CapacityProviderManagedInstancesProviderArgs { /** * Defines how Amazon ECS Managed Instances optimizes the infrastructure in your capacity provider. Configure it to turn on or off the infrastructure optimization in your capacity provider, and to control the idle EC2 instances optimization delay. */ infrastructureOptimization?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the infrastructure role that Amazon ECS assumes to manage instances. This role must include permissions for Amazon EC2 instance lifecycle management, networking, and any additional AWS services required for your workloads. * * For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide* . */ infrastructureRoleArn: pulumi.Input; /** * The launch template that defines how Amazon ECS launches Amazon ECS Managed Instances. This includes the instance profile for your tasks, network and storage configuration, and instance requirements that determine which Amazon EC2 instance types can be used. * * For more information, see [Store instance launch parameters in Amazon EC2 launch templates](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-launch-templates.html) in the *Amazon EC2 User Guide* . */ instanceLaunchTemplate: pulumi.Input; /** * Determines whether tags from the capacity provider are automatically applied to Amazon ECS Managed Instances. This helps with cost allocation and resource management by ensuring consistent tagging across your infrastructure. */ propagateTags?: pulumi.Input; } /** * Defines how Amazon ECS Managed Instances optimizes the infrastructure in your capacity provider. Configure it to turn on or off the infrastructure optimization in your capacity provider, and to control the idle EC2 instances optimization delay. */ interface CapacityProviderManagedInstancesProviderInfrastructureOptimizationPropertiesArgs { /** * This parameter defines the number of seconds Amazon ECS Managed Instances waits before optimizing EC2 instances that have become idle or underutilized. A longer delay increases the likelihood of placing new tasks on idle instances, reducing startup time. A shorter delay helps reduce infrastructure costs by optimizing idle instances more quickly. Valid values are: Not set (null) - Uses the default optimization behavior, `-1` - Disables automatic infrastructure optimization, `0` to `3600` (inclusive) - Specifies the number of seconds to wait before optimizing instances. */ scaleInAfter?: pulumi.Input; } interface CapacityProviderManagedInstancesStorageConfigurationArgs { /** * The size of the tasks volume. */ storageSizeGiB: pulumi.Input; } /** * The managed scaling settings for the Auto Scaling group capacity provider. */ interface CapacityProviderManagedScalingArgs { /** * The period of time, in seconds, after a newly launched Amazon EC2 instance can contribute to CloudWatch metrics for Auto Scaling group. If this parameter is omitted, the default value of `300` seconds is used. */ instanceWarmupPeriod?: pulumi.Input; /** * The maximum number of Amazon EC2 instances that Amazon ECS will scale out at one time. If this parameter is omitted, the default value of `10000` is used. */ maximumScalingStepSize?: pulumi.Input; /** * The minimum number of Amazon EC2 instances that Amazon ECS will scale out at one time. The scale in process is not affected by this parameter If this parameter is omitted, the default value of `1` is used. * * When additional capacity is required, Amazon ECS will scale up the minimum scaling step size even if the actual demand is less than the minimum scaling step size. */ minimumScalingStepSize?: pulumi.Input; /** * Determines whether to use managed scaling for the capacity provider. */ status?: pulumi.Input; /** * The target capacity utilization as a percentage for the capacity provider. The specified value must be greater than `0` and less than or equal to `100` . For example, if you want the capacity provider to maintain 10% spare capacity, then that means the utilization is 90%, so use a `targetCapacity` of `90` . The default value of `100` percent results in the Amazon EC2 instances in your Auto Scaling group being completely used. */ targetCapacity?: pulumi.Input; } interface CapacityProviderMemoryGiBPerVCpuRequestArgs { /** * The maximum amount of memory per vCPU in GiB. Instance types with a higher memory-to-vCPU ratio are excluded from selection. */ max?: pulumi.Input; /** * The minimum amount of memory per vCPU in GiB. Instance types with a lower memory-to-vCPU ratio are excluded from selection. */ min?: pulumi.Input; } interface CapacityProviderMemoryMiBRequestArgs { /** * The maximum amount of memory in MiB. Instance types with more memory than this value are excluded from selection. */ max?: pulumi.Input; /** * The minimum amount of memory in MiB. Instance types with less memory than this value are excluded from selection. */ min: pulumi.Input; } interface CapacityProviderNetworkBandwidthGbpsRequestArgs { /** * The maximum network bandwidth in Gbps. Instance types with higher network bandwidth are excluded from selection. */ max?: pulumi.Input; /** * The minimum network bandwidth in Gbps. Instance types with lower network bandwidth are excluded from selection. */ min?: pulumi.Input; } interface CapacityProviderNetworkInterfaceCountRequestArgs { /** * The maximum number of network interfaces. Instance types that support more network interfaces are excluded from selection. */ max?: pulumi.Input; /** * The minimum number of network interfaces. Instance types that support fewer network interfaces are excluded from selection. */ min?: pulumi.Input; } interface CapacityProviderTotalLocalStorageGbRequestArgs { /** * The maximum total local storage in GB. Instance types with more local storage are excluded from selection. */ max?: pulumi.Input; /** * The minimum total local storage in GB. Instance types with less local storage are excluded from selection. */ min?: pulumi.Input; } interface CapacityProviderVCpuCountRangeRequestArgs { /** * The maximum number of vCPUs. Instance types with more vCPUs than this value are excluded from selection. */ max?: pulumi.Input; /** * The minimum number of vCPUs. Instance types with fewer vCPUs than this value are excluded from selection. */ min: pulumi.Input; } interface ClusterCapacityProviderAssociationsCapacityProviderStrategyArgs { base?: pulumi.Input; capacityProvider: pulumi.Input; weight?: pulumi.Input; } /** * The ``CapacityProviderStrategyItem`` property specifies the details of the default capacity provider strategy for the cluster. When services or tasks are run in the cluster with no launch type or capacity provider strategy specified, the default capacity provider strategy is used. */ interface ClusterCapacityProviderStrategyItemArgs { /** * The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider for each service. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of ``0`` is used. * Base value characteristics: * + Only one capacity provider in a strategy can have a base defined * + The default value is ``0`` if not specified * + The valid range is 0 to 100,000 * + Base requirements are satisfied first before weight distribution */ base?: pulumi.Input; /** * The short name of the capacity provider. This can be either an AWS managed capacity provider (``FARGATE`` or ``FARGATE_SPOT``) or the name of a custom capacity provider that you created. */ capacityProvider?: pulumi.Input; /** * The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The ``weight`` value is taken into consideration after the ``base`` value, if defined, is satisfied. * If no ``weight`` value is specified, the default value of ``0`` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of ``0`` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of ``0``, any ``RunTask`` or ``CreateService`` actions using the capacity provider strategy will fail. * Weight value characteristics: * + Weight is considered after the base value is satisfied * + The default value is ``0`` if not specified * + The valid range is 0 to 1,000 * + At least one capacity provider must have a weight greater than zero * + Capacity providers with weight of ``0`` cannot place tasks * * Task distribution logic: * 1. Base satisfaction: The minimum number of tasks specified by the base value are placed on that capacity provider * 1. Weight distribution: After base requirements are met, additional tasks are distributed according to weight ratios * * Examples: * Equal Distribution: Two capacity providers both with weight ``1`` will split tasks evenly after base requirements are met. * Weighted Distribution: If capacityProviderA has weight ``1`` and capacityProviderB has weight ``4``, then for every 1 task on A, 4 tasks will run on B. */ weight?: pulumi.Input; } /** * The execute command and managed storage configuration for the cluster. */ interface ClusterConfigurationArgs { /** * The details of the execute command configuration. */ executeCommandConfiguration?: pulumi.Input; /** * The details of the managed storage configuration. */ managedStorageConfiguration?: pulumi.Input; } /** * The details of the execute command configuration. */ interface ClusterExecuteCommandConfigurationArgs { /** * Specify an KMSlong key ID to encrypt the data between the local client and the container. */ kmsKeyId?: pulumi.Input; /** * The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. When ``logging=OVERRIDE`` is specified, a ``logConfiguration`` must be provided. */ logConfiguration?: pulumi.Input; /** * The log setting to use for redirecting logs for your execute command results. The following log settings are available. * + ``NONE``: The execute command session is not logged. * + ``DEFAULT``: The ``awslogs`` configuration in the task definition is used. If no logging parameter is specified, it defaults to this value. If no ``awslogs`` log driver is configured in the task definition, the output won't be logged. * + ``OVERRIDE``: Specify the logging details as a part of ``logConfiguration``. If the ``OVERRIDE`` logging option is specified, the ``logConfiguration`` is required. */ logging?: pulumi.Input; } /** * The log configuration for the results of the execute command actions. The logs can be sent to CloudWatch Logs or an Amazon S3 bucket. */ interface ClusterExecuteCommandLogConfigurationArgs { /** * Determines whether to use encryption on the CloudWatch logs. If not specified, encryption will be off. */ cloudWatchEncryptionEnabled?: pulumi.Input; /** * The name of the CloudWatch log group to send logs to. * The CloudWatch log group must already be created. */ cloudWatchLogGroupName?: pulumi.Input; /** * The name of the S3 bucket to send logs to. * The S3 bucket must already be created. */ s3BucketName?: pulumi.Input; /** * Determines whether to use encryption on the S3 logs. If not specified, encryption is not used. */ s3EncryptionEnabled?: pulumi.Input; /** * An optional folder in the S3 bucket to place logs in. */ s3KeyPrefix?: pulumi.Input; } /** * The managed storage configuration for the cluster. */ interface ClusterManagedStorageConfigurationArgs { /** * Specify the KMSlong key ID for Fargate ephemeral storage. * When you specify a ``fargateEphemeralStorageKmsKeyId``, AWS Fargate uses the key to encrypt data at rest in ephemeral storage. For more information about Fargate ephemeral storage encryption, see [Customer managed keys for Fargate ephemeral storage for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/fargate-storage-encryption.html) in the *Amazon Elastic Container Service Developer Guide*. * The key must be a single Region key. */ fargateEphemeralStorageKmsKeyId?: pulumi.Input; /** * Specify a KMSlong key ID to encrypt Amazon ECS managed storage. * When you specify a ``kmsKeyId``, Amazon ECS uses the key to encrypt data volumes managed by Amazon ECS that are attached to tasks in the cluster. The following data volumes are managed by Amazon ECS: Amazon EBS. For more information about encryption of Amazon EBS volumes attached to Amazon ECS tasks, see [Encrypt data stored in Amazon EBS volumes for Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html) in the *Amazon Elastic Container Service Developer Guide*. * The key must be a single Region key. */ kmsKeyId?: pulumi.Input; } /** * Use this parameter to set a default Service Connect namespace. After you set a default Service Connect namespace, any new services with Service Connect turned on that are created in the cluster are added as client services in the namespace. This setting only applies to new services that set the ``enabled`` parameter to ``true`` in the ``ServiceConnectConfiguration``. You can set the namespace of each service individually in the ``ServiceConnectConfiguration`` to override this default parameter. * Tasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ClusterServiceConnectDefaultsArgs { /** * The namespace name or full Amazon Resource Name (ARN) of the CMAPlong namespace that's used when you create a service and don't specify a Service Connect configuration. The namespace name can include up to 1024 characters. The name is case-sensitive. The name can't include greater than (>), less than (<), double quotation marks ("), or slash (/). * If you enter an existing namespace name or ARN, then that namespace will be used. Any namespace type is supported. The namespace must be in this account and this AWS Region. * If you enter a new name, a CMAPlong namespace will be created. Amazon ECS creates a CMAP namespace with the "API calls" method of instance discovery only. This instance discovery method is the "HTTP" namespace type in the CLIlong. Other types of instance discovery aren't used by Service Connect. * If you update the cluster with an empty string ``""`` for the namespace name, the cluster configuration for Service Connect is removed. Note that the namespace will remain in CMAP and must be deleted separately. * For more information about CMAPlong, see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *Developer Guide*. */ namespace?: pulumi.Input; } /** * The settings to use when creating a cluster. This parameter is used to turn on CloudWatch Container Insights with enhanced observability or CloudWatch Container Insights for a cluster. * Container Insights with enhanced observability provides all the Container Insights metrics, plus additional task and container metrics. This version supports enhanced observability for Amazon ECS clusters using the Amazon EC2 and Fargate launch types. After you configure Container Insights with enhanced observability on Amazon ECS, Container Insights auto-collects detailed infrastructure telemetry from the cluster level down to the container level in your environment and displays these critical performance data in curated dashboards removing the heavy lifting in observability set-up. * For more information, see [Monitor Amazon ECS containers using Container Insights with enhanced observability](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cloudwatch-container-insights.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ClusterSettingsArgs { /** * The name of the cluster setting. The value is ``containerInsights``. */ name?: pulumi.Input; /** * The value to set for the cluster setting. The supported values are ``enhanced``, ``enabled``, and ``disabled``. * To use Container Insights with enhanced observability, set the ``containerInsights`` account setting to ``enhanced``. * To use Container Insights, set the ``containerInsights`` account setting to ``enabled``. * If a cluster value is specified, it will override the ``containerInsights`` value set with [PutAccountSetting](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSetting.html) or [PutAccountSettingDefault](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_PutAccountSettingDefault.html). */ value?: pulumi.Input; } /** * The CloudWatch alarm configuration for a daemon. When enabled, CloudWatch alarms determine whether a daemon deployment has failed. */ interface DaemonAlarmConfigurationArgs { /** * The CloudWatch alarm names to monitor during a daemon deployment. */ alarmNames?: pulumi.Input[]>; /** * Determines whether to use the CloudWatch alarm option in the daemon deployment process. The default value is ``false``. */ enable?: pulumi.Input; } /** * Optional deployment parameters that control how a daemon rolls out updates across container instances. */ interface DaemonDeploymentConfigurationArgs { /** * The CloudWatch alarm configuration for the daemon deployment. When alarms are triggered during a deployment, the deployment can be automatically rolled back. */ alarms?: pulumi.Input; /** * The amount of time (in minutes) to wait after a successful deployment step before proceeding. This allows time to monitor for issues before continuing. The default value is 0. */ bakeTimeInMinutes?: pulumi.Input; /** * The percentage of container instances to drain simultaneously during a daemon deployment. Valid values are between 0.0 and 100.0. */ drainPercent?: pulumi.Input; } /** * The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed. * Your Amazon ECS container instances require at least version 1.26.0 of the container agent to use container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*. * For tasks that use the Fargate launch type, the task or service requires the following platforms: * + Linux platform version ``1.3.0`` or later. * + Windows platform version ``1.0.0`` or later. * * For more information about how to create a container dependency, see [Container dependency](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/example_task_definitions.html#example_task_definition-containerdependency) in the *Amazon Elastic Container Service Developer Guide*. */ interface DaemonTaskDefinitionContainerDependencyArgs { /** * The dependency condition of the container. The following are the available conditions and their behavior: * + ``START`` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start. * + ``COMPLETE`` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container. * + ``SUCCESS`` - This condition is the same as ``COMPLETE``, but it also requires that the container exits with a ``zero`` status. This condition can't be set on an essential container. * + ``HEALTHY`` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup. */ condition?: pulumi.Input; /** * The name of a container. */ containerName?: pulumi.Input; } /** * A container definition for a daemon task. Daemon container definitions describe the containers that run as part of a daemon task on container instances managed by capacity providers. */ interface DaemonTaskDefinitionDaemonContainerDefinitionArgs { /** * The command that's passed to the container. */ command?: pulumi.Input[]>; /** * The number of ``cpu`` units reserved for the container. */ cpu?: pulumi.Input; /** * The dependencies defined for container startup and shutdown. A container can contain multiple dependencies on other containers in a task definition. */ dependsOn?: pulumi.Input[]>; /** * The entry point that's passed to the container. */ entryPoint?: pulumi.Input[]>; /** * The environment variables to pass to a container. */ environment?: pulumi.Input[]>; /** * A list of files containing the environment variables to pass to a container. */ environmentFiles?: pulumi.Input[]>; /** * If the ``essential`` parameter of a container is marked as ``true``, and that container fails or stops for any reason, all other containers that are part of the task are stopped. */ essential?: pulumi.Input; /** * The FireLens configuration for the container. This is used to specify and configure a log router for container logs. */ firelensConfiguration?: pulumi.Input; /** * The container health check command and associated configuration parameters for the container. */ healthCheck?: pulumi.Input; /** * The image used to start the container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with either ``repository-url/image:tag`` or ``repository-url/image@digest``. */ image: pulumi.Input; /** * When this parameter is ``true``, you can deploy containerized applications that require ``stdin`` or a ``tty`` to be allocated. */ interactive?: pulumi.Input; /** * Linux-specific modifications that are applied to the container configuration, such as Linux kernel capabilities. */ linuxParameters?: pulumi.Input; /** * The log configuration specification for the container. */ logConfiguration?: pulumi.Input; /** * The amount (in MiB) of memory to present to the container. If the container attempts to exceed the memory specified here, the container is killed. */ memory?: pulumi.Input; /** * The soft limit (in MiB) of memory to reserve for the container. */ memoryReservation?: pulumi.Input; /** * The mount points for data volumes in your container. */ mountPoints?: pulumi.Input[]>; /** * The name of the container. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. */ name: pulumi.Input; /** * When this parameter is true, the container is given elevated privileges on the host container instance (similar to the ``root`` user). */ privileged?: pulumi.Input; /** * When this parameter is ``true``, a TTY is allocated. */ pseudoTerminal?: pulumi.Input; /** * When this parameter is true, the container is given read-only access to its root file system. */ readonlyRootFilesystem?: pulumi.Input; /** * The private repository authentication credentials to use. */ repositoryCredentials?: pulumi.Input; /** * The restart policy for the container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task. */ restartPolicy?: pulumi.Input; /** * The secrets to pass to the container. */ secrets?: pulumi.Input[]>; /** * Time duration (in seconds) to wait before giving up on resolving dependencies for a container. */ startTimeout?: pulumi.Input; /** * Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own. */ stopTimeout?: pulumi.Input; /** * A list of namespaced kernel parameters to set in the container. */ systemControls?: pulumi.Input[]>; /** * A list of ``ulimits`` to set in the container. */ ulimits?: pulumi.Input[]>; /** * The user to use inside the container. */ user?: pulumi.Input; /** * The working directory to run commands inside the container in. */ workingDirectory?: pulumi.Input; } /** * An object representing a container instance host device. */ interface DaemonTaskDefinitionDeviceArgs { /** * The path inside the container at which to expose the host device. */ containerPath?: pulumi.Input; /** * The path for the device on the host container instance. */ hostPath?: pulumi.Input; /** * The explicit permissions to provide to the container for the device. By default, the container has permissions for ``read``, ``write``, and ``mknod`` for the device. */ permissions?: pulumi.Input[]>; } /** * A list of files containing the environment variables to pass to a container. You can specify up to ten environment files. The file must have a ``.env`` file extension. Each line in an environment file should contain an environment variable in ``VARIABLE=VALUE`` format. Lines beginning with ``#`` are treated as comments and are ignored. * If there are environment variables specified using the ``environment`` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Use a file to pass environment variables to a container](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/use-environment-file.html) in the *Amazon Elastic Container Service Developer Guide*. * Environment variable files are objects in Amazon S3 and all Amazon S3 security considerations apply. * You must use the following platforms for the Fargate launch type: * + Linux platform version ``1.4.0`` or later. * + Windows platform version ``1.0.0`` or later. * * Consider the following when using the Fargate launch type: * + The file is handled like a native Docker env-file. * + There is no support for shell escape handling. * + The container entry point interperts the ``VARIABLE`` values. */ interface DaemonTaskDefinitionEnvironmentFileArgs { /** * The file type to use. Environment files are objects in Amazon S3. The only supported value is ``s3``. */ type?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file. */ value?: pulumi.Input; } /** * The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom log routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface DaemonTaskDefinitionFirelensConfigurationArgs { /** * The options to use when configuring the log router. This field is optional and can be used to specify a custom configuration file or to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. If specified, the syntax to use is ``"options":{"enable-ecs-log-metadata":"true|false","config-file-type:"s3|file","config-file-value":"arn:aws:s3:::mybucket/fluent.conf|filepath"}``. For more information, see [Creating a task definition that uses a FireLens configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html#firelens-taskdef) in the *Amazon Elastic Container Service Developer Guide*. * Tasks hosted on FARGATElong only support the ``file`` configuration file type. */ options?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The log router to use. The valid values are ``fluentd`` or ``fluentbit``. */ type?: pulumi.Input; } /** * An object representing a container health check. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image (such as those specified in a parent image or from the image's Dockerfile). This configuration maps to the ``HEALTHCHECK`` parameter of docker run. * The Amazon ECS container agent only monitors and reports on the health checks specified in the task definition. Amazon ECS does not monitor Docker health checks that are embedded in a container image and not specified in the container definition. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image. * You can view the health status of both individual containers and a task with the DescribeTasks API operation or when viewing the task details in the console. * The health check is designed to make sure that your containers survive agent restarts, upgrades, or temporary unavailability. * Amazon ECS performs health checks on containers with the default that launched the container instance or the task. * The following describes the possible ``healthStatus`` values for a container: * + ``HEALTHY``-The container health check has passed successfully. * + ``UNHEALTHY``-The container health check has failed. * + ``UNKNOWN``-The container health check is being evaluated, there's no container health check defined, or Amazon ECS doesn't have the health status of the container. * * The following describes the possible ``healthStatus`` values based on the container health checker status of essential containers in the task with the following priority order (high to low): * + ``UNHEALTHY``-One or more essential containers have failed their health check. * + ``UNKNOWN``-Any essential container running within the task is in an ``UNKNOWN`` state and no other essential containers have an ``UNHEALTHY`` state. * + ``HEALTHY``-All essential containers within the task have passed their health checks. * * Consider the following task health example with 2 containers. * + If Container1 is ``UNHEALTHY`` and Container2 is ``UNKNOWN``, the task health is ``UNHEALTHY``. * + If Container1 is ``UNHEALTHY`` and Container2 is ``HEALTHY``, the task health is ``UNHEALTHY``. * + If Container1 is ``HEALTHY`` and Container2 is ``UNKNOWN``, the task health is ``UNKNOWN``. * + If Container1 is ``HEALTHY`` and Container2 is ``HEALTHY``, the task health is ``HEALTHY``. * * Consider the following task health example with 3 containers. * + If Container1 is ``UNHEALTHY`` and Container2 is ``UNKNOWN``, and Container3 is ``UNKNOWN``, the task health is ``UNHEALTHY``. * + If Container1 is ``UNHEALTHY`` and Container2 is ``UNKNOWN``, and Container3 is ``HEALTHY``, the task health is ``UNHEALTHY``. * + If Container1 is ``UNHEALTHY`` and Container2 is ``HEALTHY``, and Container3 is ``HEALTHY``, the task health is ``UNHEALTHY``. * + If Container1 is ``HEALTHY`` and Container2 is ``UNKNOWN``, and Container3 is ``HEALTHY``, the task health is ``UNKNOWN``. * + If Container1 is ``HEALTHY`` and Container2 is ``UNKNOWN``, and Container3 is ``UNKNOWN``, the task health is ``UNKNOWN``. * + If Container1 is ``HEALTHY`` and Container2 is ``HEALTHY``, and Container3 is ``HEALTHY``, the task health is ``HEALTHY``. * * If a task is run manually, and not as part of a service, the task will continue its lifecycle regardless of its health status. For tasks that are part of a service, if the task reports as unhealthy then the task will be stopped and the service scheduler will replace it. * When a container health check fails for a task that is part of a service, the following process occurs: * 1. The task is marked as ``UNHEALTHY``. * 1. The unhealthy task will be stopped, and during the stopping process, it will go through the following states: * + ``DEACTIVATING`` - In this state, Amazon ECS performs additional steps before stopping the task. For example, for tasks that are part of services configured to use Elastic Load Balancing target groups, target groups will be deregistered in this state. * + ``STOPPING`` - The task is in the process of being stopped. * + ``DEPROVISIONING`` - Resources associated with the task are being cleaned up. * + ``STOPPED`` - The task has been completely stopped. * * 1. After the old task stops, a new task will be launched to ensure service operation, and the new task will go through the following lifecycle: * + ``PROVISIONING`` - Resources required for the task are being provisioned. * + ``PENDING`` - The task is waiting to be placed on a container instance. * + ``ACTIVATING`` - In this state, Amazon ECS pulls container images, creates containers, configures task networking, registers load balancer target groups, and configures service discovery status. * + ``RUNNING`` - The task is running and performing its work. * * * For more detailed information about task lifecycle states, see [Task lifecycle](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-lifecycle-explanation.html) in the *Amazon Elastic Container Service Developer Guide*. * The following are notes about container health check support: * + If the Amazon ECS container agent becomes disconnected from the Amazon ECS service, this won't cause a container to transition to an ``UNHEALTHY`` status. This is by design, to ensure that containers remain running during agent restarts or temporary unavailability. The health check status is the "last heard from" response from the Amazon ECS agent, so if the container was considered ``HEALTHY`` prior to the disconnect, that status will remain until the agent reconnects and another health check occurs. There are no assumptions made about the status of the container health checks. * + Container health checks require version ``1.17.0`` or greater of the Amazon ECS container agent. For more information, see [Updating the Amazon ECS container agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html). * + Container health checks are supported for Fargate tasks if you're using platform version ``1.1.0`` or greater. For more information, see [platform versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html). * + Container health checks aren't supported for tasks that are part of a service that's configured to use a Classic Load Balancer. * * For an example of how to specify a task definition with multiple containers where container dependency is specified, see [Container dependency](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/example_task_definitions.html#example_task_definition-containerdependency) in the *Amazon Elastic Container Service Developer Guide*. */ interface DaemonTaskDefinitionHealthCheckArgs { /** * A string array representing the command that the container runs to determine if it is healthy. The string array must start with ``CMD`` to run the command arguments directly, or ``CMD-SHELL`` to run the command with the container's default shell. * When you use the AWS Management Console JSON panel, the CLIlong, or the APIs, enclose the list of commands in double quotes and brackets. * ``[ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ]`` * You don't include the double quotes and brackets when you use the AWS Management Console. * ``CMD-SHELL, curl -f http://localhost/ || exit 1`` * An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see ``HealthCheck`` in the docker container create command. */ command?: pulumi.Input[]>; /** * The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a ``command``. */ interval?: pulumi.Input; /** * The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a ``command``. */ retries?: pulumi.Input; /** * The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the ``startPeriod`` is off. This value applies only when you specify a ``command``. * If a health check succeeds within the ``startPeriod``, then the container is considered healthy and any subsequent failures count toward the maximum number of retries. */ startPeriod?: pulumi.Input; /** * The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a ``command``. */ timeout?: pulumi.Input; } /** * Details on a container instance bind mount host volume. */ interface DaemonTaskDefinitionHostVolumePropertiesArgs { /** * When the ``host`` parameter is used, specify a ``sourcePath`` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the ``host`` parameter contains a ``sourcePath`` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the ``sourcePath`` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. * If you're using the Fargate launch type, the ``sourcePath`` parameter is not supported. */ sourcePath?: pulumi.Input; } /** * The Linux capabilities to add or remove from the default Docker configuration for a container defined in the task definition. For more detailed information about these Linux capabilities, see the [capabilities(7)](https://docs.aws.amazon.com/http://man7.org/linux/man-pages/man7/capabilities.7.html) Linux manual page. * The following describes how Docker processes the Linux capabilities specified in the ``add`` and ``drop`` request parameters. For information about the latest behavior, see [Docker Compose: order of cap_drop and cap_add](https://docs.aws.amazon.com/https://forums.docker.com/t/docker-compose-order-of-cap-drop-and-cap-add/97136/1) in the Docker Community Forum. * + When the container is a privleged container, the container capabilities are all of the default Docker capabilities. The capabilities specified in the ``add`` request parameter, and the ``drop`` request parameter are ignored. * + When the ``add`` request parameter is set to ALL, the container capabilities are all of the default Docker capabilities, excluding those specified in the ``drop`` request parameter. * + When the ``drop`` request parameter is set to ALL, the container capabilities are the capabilities specified in the ``add`` request parameter. * + When the ``add`` request parameter and the ``drop`` request parameter are both empty, the capabilities the container capabilities are all of the default Docker capabilities. * + The default is to first drop the capabilities specified in the ``drop`` request parameter, and then add the capabilities specified in the ``add`` request parameter. */ interface DaemonTaskDefinitionKernelCapabilitiesArgs { /** * The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to ``CapAdd`` in the docker container create command and the ``--cap-add`` option to docker run. * Tasks launched on FARGATElong only support adding the ``SYS_PTRACE`` kernel capability. * Valid values: ``"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"`` */ add?: pulumi.Input[]>; /** * The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to ``CapDrop`` in the docker container create command and the ``--cap-drop`` option to docker run. * Valid values: ``"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"`` */ drop?: pulumi.Input[]>; } /** * A key-value pair object. */ interface DaemonTaskDefinitionKeyValuePairArgs { /** * The name of the key-value pair. For environment variables, this is the name of the environment variable. */ name?: pulumi.Input; /** * The value of the key-value pair. For environment variables, this is the value of the environment variable. */ value?: pulumi.Input; } /** * The Linux-specific options that are applied to the container, such as Linux [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html). */ interface DaemonTaskDefinitionLinuxParametersArgs { /** * The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. * For tasks that use the Fargate launch type, ``capabilities`` is supported for all platform versions but the ``add`` parameter is only supported if using platform version 1.4.0 or later. */ capabilities?: pulumi.Input; /** * Any host devices to expose to the container. This parameter maps to ``Devices`` in the docker container create command and the ``--device`` option to docker run. * If you're using tasks that use the Fargate launch type, the ``devices`` parameter isn't supported. */ devices?: pulumi.Input[]>; /** * Run an ``init`` process inside the container that forwards signals and reaps processes. This parameter maps to the ``--init`` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` */ initProcessEnabled?: pulumi.Input; /** * The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the ``--tmpfs`` option to docker run. * If you're using tasks that use the Fargate launch type, the ``tmpfs`` parameter isn't supported. */ tmpfs?: pulumi.Input[]>; } /** * The log configuration for the container. This parameter maps to ``LogConfig`` in the docker container create command and the ``--log-driver`` option to docker run. * By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition. * Understand the following when specifying a log configuration for your containers. * + Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent. * For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``. * For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``,``syslog``, ``splunk``, and ``awsfirelens``. * + This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. * + For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the ``ECS_AVAILABLE_LOGGING_DRIVERS`` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide*. * + For tasks that are on FARGATElong, because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to. */ interface DaemonTaskDefinitionLogConfigurationArgs { /** * The log driver to use for the container. * For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``. * For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``syslog``, ``splunk``, and ``awsfirelens``. * For more information about using the ``awslogs`` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide*. * For more information about using the ``awsfirelens`` log driver, see [Send Amazon ECS logs to an service or Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html). * If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software. */ logDriver: pulumi.Input; /** * The configuration options to send to the log driver. * The options you can specify depend on the log driver. Some of the options you can specify when you use the ``awslogs`` log driver to route logs to Amazon CloudWatch include the following: * + awslogs-create-group Required: No Specify whether you want the log group to be created automatically. If this option isn't specified, it defaults to false. Your IAM policy must include the logs:CreateLogGroup permission before you attempt to use awslogs-create-group. + awslogs-region Required: Yes Specify the Region that the awslogs log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option. + awslogs-group Required: Yes Make sure to specify a log group that the awslogs log driver sends its log streams to. + awslogs-stream-prefix Required: Yes, when using Fargate.Optional when using EC2. Use the awslogs-stream-prefix option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format prefix-name/container-name/ecs-task-id. If you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option. For Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to. You must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console. + awslogs-datetime-format Required: No This option defines a multiline start pattern in Python strftime format. A log message consists of a line that matches the pattern and any following lines that don’t match the pattern. The matched line is the delimiter between log messages. One example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry. For more information, see awslogs-datetime-format. You cannot configure both the awslogs-datetime-format and awslogs-multiline-pattern options. Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance. + awslogs-multiline-pattern Required: No This option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don’t match the pattern. The matched line is the delimiter between log messages. For more information, see awslogs-multiline-pattern. This option is ignored if awslogs-datetime-format is also configured. You cannot configure both the awslogs-datetime-format and awslogs-multiline-pattern options. Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance. * The following options apply to all supported log drivers. * + mode Required: No Valid values: non-blocking | blocking This option defines the delivery mode of log messages from the container to the log driver specified using logDriver. The delivery mode you choose affects application availability when the flow of logs from container is interrupted. If you use the blocking mode and the flow of logs is interrupted, calls from container code to write to the stdout and stderr streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure. If you use the non-blocking mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the max-buffer-size option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see Preventing log loss with non-blocking mode in the awslogs container log driver. You can set a default mode for all containers in a specific Region by using the defaultLogDriverMode account setting. If you don't specify the mode option or configure the account setting, Amazon ECS will default to the non-blocking mode. For more information about the account setting, see Default log driver mode in the Amazon Elastic Container Service Developer Guide. On June 25, 2025, Amazon ECS changed the default log driver mode from blocking to non-blocking to prioritize task availability over logging. To continue using the blocking mode after this change, do one of the following: Set the mode option in your container definition's logConfiguration as blocking. Set the defaultLogDriverMode account setting to blocking. + max-buffer-size Required: No Default value: 10m When non-blocking mode is used, the max-buffer-size log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost. * To route logs using the ``splunk`` log router, you need to specify a ``splunk-token`` and a ``splunk-url``. * When you use the ``awsfirelens`` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the ``log-driver-buffer-limit`` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker. * Other options you can specify when using ``awsfirelens`` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with ``region`` and a name for the log stream with ``delivery_stream``. * When you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with ``region`` and a data stream name with ``stream``. * When you export logs to Amazon OpenSearch Service, you can specify options like ``Name``, ``Host`` (OpenSearch Service endpoint without protocol), ``Port``, ``Index``, ``Type``, ``Aws_auth``, ``Aws_region``, ``Suppress_Type_Name``, and ``tls``. For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/). * When you export logs to Amazon S3, you can specify the bucket using the ``bucket`` option. You can also specify ``region``, ``total_file_size``, ``upload_timeout``, and ``use_put_object`` as options. * This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` */ options?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. */ secretOptions?: pulumi.Input[]>; } /** * The details for a volume mount point that's used in a container definition. */ interface DaemonTaskDefinitionMountPointArgs { /** * The path on the container to mount the host volume at. */ containerPath?: pulumi.Input; /** * If this value is ``true``, the container has read-only access to the volume. If this value is ``false``, then the container can write to the volume. The default value is ``false``. */ readOnly?: pulumi.Input; /** * The name of the volume to mount. Must be a volume name referenced in the ``name`` parameter of task definition ``volume``. */ sourceVolume?: pulumi.Input; } /** * The repository credentials for private registry authentication. */ interface DaemonTaskDefinitionRepositoryCredentialsArgs { /** * The Amazon Resource Name (ARN) of the secret containing the private repository credentials. * When you use the Amazon ECS API, CLI, or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret. */ credentialsParameter?: pulumi.Input; } interface DaemonTaskDefinitionRestartPolicyArgs { enabled?: pulumi.Input; ignoredExitCodes?: pulumi.Input[]>; restartAttemptPeriod?: pulumi.Input; } /** * An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways: * + To inject sensitive data into your containers as environment variables, use the ``secrets`` container definition parameter. * + To reference sensitive information in the log configuration of a container, use the ``secretOptions`` container definition parameter. * * For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface DaemonTaskDefinitionSecretArgs { /** * The name of the secret. */ name: pulumi.Input; /** * The secret to expose to the container. The supported values are either the full ARN of the ASMlong secret or the full ARN of the parameter in the SSM Parameter Store. * For information about the require IAMlong permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide*. * If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified. */ valueFrom: pulumi.Input; } /** * A list of namespaced kernel parameters to set in the container. This parameter maps to ``Sysctls`` in the docker container create command and the ``--sysctl`` option to docker run. For example, you can configure ``net.ipv4.tcp_keepalive_time`` setting to maintain longer lived connections. * We don't recommend that you specify network-related ``systemControls`` parameters for multiple containers in a single task that also uses either the ``awsvpc`` or ``host`` network mode. Doing this has the following disadvantages: * + For tasks that use the ``awsvpc`` network mode including Fargate, if you set ``systemControls`` for any container, it applies to all containers in the task. If you set different ``systemControls`` for multiple containers in a single task, the container that's started last determines which ``systemControls`` take effect. * + For tasks that use the ``host`` network mode, the network namespace ``systemControls`` aren't supported. * * If you're setting an IPC resource namespace to use for the containers in the task, the following conditions apply to your system controls. For more information, see [IPC mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_definition_ipcmode). * + For tasks that use the ``host`` IPC mode, IPC namespace ``systemControls`` aren't supported. * + For tasks that use the ``task`` IPC mode, IPC namespace ``systemControls`` values apply to all containers within a task. * * This parameter is not supported for Windows containers. * This parameter is only supported for tasks that are hosted on FARGATElong if the tasks are using platform version ``1.4.0`` or later (Linux). This isn't supported for Windows containers on Fargate. */ interface DaemonTaskDefinitionSystemControlArgs { /** * The namespaced kernel parameter to set a ``value`` for. */ namespace?: pulumi.Input; /** * The namespaced kernel parameter to set a ``value`` for. * Valid IPC namespace values: ``"kernel.msgmax" | "kernel.msgmnb" | "kernel.msgmni" | "kernel.sem" | "kernel.shmall" | "kernel.shmmax" | "kernel.shmmni" | "kernel.shm_rmid_forced"``, and ``Sysctls`` that start with ``"fs.mqueue.*"`` * Valid network namespace values: ``Sysctls`` that start with ``"net.*"``. Only namespaced ``Sysctls`` that exist within the container starting with "net.* are accepted. * All of these values are supported by Fargate. */ value?: pulumi.Input; } /** * The container path, mount options, and size of the tmpfs mount. */ interface DaemonTaskDefinitionTmpfsArgs { /** * The absolute file path where the tmpfs volume is to be mounted. */ containerPath?: pulumi.Input; /** * The list of tmpfs volume mount options. * Valid values: ``"defaults" | "ro" | "rw" | "suid" | "nosuid" | "dev" | "nodev" | "exec" | "noexec" | "sync" | "async" | "dirsync" | "remount" | "mand" | "nomand" | "atime" | "noatime" | "diratime" | "nodiratime" | "bind" | "rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime" | "norelatime" | "strictatime" | "nostrictatime" | "mode" | "uid" | "gid" | "nr_inodes" | "nr_blocks" | "mpol"`` */ mountOptions?: pulumi.Input[]>; /** * The maximum size (in MiB) of the tmpfs volume. */ size: pulumi.Input; } /** * The ``ulimit`` settings to pass to the container. * Amazon ECS tasks hosted on FARGATElong use the default resource limit values set by the operating system with the exception of the ``nofile`` resource limit parameter which FARGATElong overrides. The ``nofile`` resource limit sets a restriction on the number of open files that a container can use. The default ``nofile`` soft limit is ``65535`` and the default hard limit is ``65535``. * You can specify the ``ulimit`` settings for a container in a task definition. */ interface DaemonTaskDefinitionUlimitArgs { /** * The hard limit for the ``ulimit`` type. The value can be specified in bytes, seconds, or as a count, depending on the ``type`` of the ``ulimit``. */ hardLimit: pulumi.Input; /** * The ``type`` of the ``ulimit``. */ name: pulumi.Input; /** * The soft limit for the ``ulimit`` type. The value can be specified in bytes, seconds, or as a count, depending on the ``type`` of the ``ulimit``. */ softLimit: pulumi.Input; } /** * The data volume configuration for tasks launched using this task definition. Specifying a volume configuration in a task definition is optional. The volume configuration may contain multiple volumes but only one volume configured at launch is supported. Each volume defined in the volume configuration may only specify a ``name`` and one of either ``configuredAtLaunch``, ``dockerVolumeConfiguration``, ``efsVolumeConfiguration``, ``fsxWindowsFileServerVolumeConfiguration``, or ``host``. If an empty volume configuration is specified, by default Amazon ECS uses a host volume. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html). */ interface DaemonTaskDefinitionVolumeArgs { /** * This parameter is specified when you use bind mount host volumes. The contents of the ``host`` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the ``host`` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running. * Windows containers can mount whole directories on the same drive as ``$env:ProgramData``. Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount ``C:\my\path:C:\my\path`` and ``D:\:D:\``, but not ``D:\my\path:C:\my\path`` or ``D:\:C:\my\path``. */ host?: pulumi.Input; /** * The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. * When using a volume configured at launch, the ``name`` is required and must also be specified as the volume name in the ``ServiceVolumeConfiguration`` or ``TaskVolumeConfiguration`` parameter when creating your service or standalone task. * For all other types of volumes, this name is referenced in the ``sourceVolume`` parameter of the ``mountPoints`` object in the container definition. * When a volume is using the ``efsVolumeConfiguration``, the name is required. */ name?: pulumi.Input; } interface ExpressGatewayServiceAwsLogsConfigurationArgs { /** * The name of the CloudWatch Logs log group to send container logs to. */ logGroup: pulumi.Input; /** * The prefix for the CloudWatch Logs log stream names. The default for an Express service is `ecs` . */ logStreamPrefix: pulumi.Input; } interface ExpressGatewayServiceExpressGatewayContainerArgs { /** * The log configuration for the container. */ awsLogsConfiguration?: pulumi.Input; /** * The command that is passed to the container. */ command?: pulumi.Input[]>; /** * The port number on the container that receives traffic from the load balancer. Default is 80. */ containerPort?: pulumi.Input; /** * The environment variables to pass to the container. */ environment?: pulumi.Input[]>; /** * The image used to start a container. This string is passed directly to the Docker daemon. Images in the Docker Hub registry are available by default. Other repositories are specified with either `repository-url/image:tag` or `repository-url/image@digest` . * * For Express services, the image typically contains a web application that listens on the specified container port. The image can be stored in Amazon ECR, Docker Hub, or any other container registry accessible to your execution role. */ image: pulumi.Input; /** * The configuration for repository credentials for private registry authentication. */ repositoryCredentials?: pulumi.Input; /** * The secrets to pass to the container. */ secrets?: pulumi.Input[]>; } interface ExpressGatewayServiceExpressGatewayRepositoryCredentialsArgs { /** * The Amazon Resource Name (ARN) of the secret containing the private repository credentials. */ credentialsParameter: pulumi.Input; } interface ExpressGatewayServiceExpressGatewayScalingTargetArgs { /** * The metric used for auto-scaling decisions. The default metric used for an Express service is `CPUUtilization` . */ autoScalingMetric?: pulumi.Input; /** * The target value for the auto-scaling metric. The default value for an Express service is 60. */ autoScalingTargetValue?: pulumi.Input; /** * The maximum number of tasks to run in the Express service. */ maxTaskCount?: pulumi.Input; /** * The minimum number of tasks to run in the Express service. */ minTaskCount?: pulumi.Input; } interface ExpressGatewayServiceKeyValuePairArgs { /** * The name of the key-value pair. For environment variables, this is the name of the environment variable. */ name: pulumi.Input; /** * The value of the key-value pair. For environment variables, this is the value of the environment variable. */ value: pulumi.Input; } interface ExpressGatewayServiceNetworkConfigurationArgs { /** * The IDs of the security groups associated with the Express service. */ securityGroups?: pulumi.Input[]>; /** * The IDs of the subnets associated with the Express service. */ subnets?: pulumi.Input[]>; } interface ExpressGatewayServiceSecretArgs { /** * The name of the secret. */ name: pulumi.Input; /** * The secret to expose to the container. The supported values are either the full ARN of the AWS Secrets Manager secret or the full ARN of the parameter in the SSM Parameter Store. * * For information about the require AWS Identity and Access Management permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide* . * * > If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified. */ valueFrom: pulumi.Input; } /** * The advanced settings for a load balancer used in blue/green deployments. Specify the alternate target group, listener rules, and IAM role required for traffic shifting during blue/green deployments. For more information, see [Required resources for Amazon ECS blue/green deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/blue-green-deployment-implementation.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ServiceAdvancedConfigurationArgs { /** * The Amazon Resource Name (ARN) of the alternate target group for Amazon ECS blue/green deployments. */ alternateTargetGroupArn: pulumi.Input; /** * The Amazon Resource Name (ARN) that that identifies the production listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing production traffic. */ productionListenerRule?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call the Elastic Load Balancing APIs for you. */ roleArn?: pulumi.Input; /** * The Amazon Resource Name (ARN) that identifies ) that identifies the test listener rule (in the case of an Application Load Balancer) or listener (in the case for an Network Load Balancer) for routing test traffic. */ testListenerRule?: pulumi.Input; } /** * An object representing the networking details for a task or service. For example ``awsVpcConfiguration={subnets=["subnet-12344321"],securityGroups=["sg-12344321"]}``. */ interface ServiceAwsVpcConfigurationArgs { /** * Whether the task's elastic network interface receives a public IP address. * Consider the following when you set this value: * + When you use ``create-service`` or ``update-service``, the default is ``DISABLED``. * + When the service ``deploymentController`` is ``ECS``, the value must be ``DISABLED``. */ assignPublicIp?: pulumi.Input; /** * The IDs of the security groups associated with the task or service. If you don't specify a security group, the default security group for the VPC is used. There's a limit of 5 security groups that can be specified. * All specified security groups must be from the same VPC. */ securityGroups?: pulumi.Input[]>; /** * The IDs of the subnets associated with the task or service. There's a limit of 16 subnets that can be specified. * All specified subnets must be from the same VPC. */ subnets?: pulumi.Input[]>; } /** * Configuration for a canary deployment strategy that shifts a fixed percentage of traffic to the new service revision, waits for a specified bake time, then shifts the remaining traffic. * The following validation applies only to Canary deployments created through CFN. CFN operations time out after 36 hours. Canary deployments can approach this limit because of their extended duration. This can cause CFN to roll back the deployment. To prevent timeout-related rollbacks, CFN rejects deployments when the calculated deployment time exceeds 33 hours based on your template configuration: * ``BakeTimeInMinutes + CanaryBakeTimeInMinutes`` * Additional backend processes (such as task scaling and running lifecycle hooks) can extend deployment time beyond these calculations. Even deployments under the 33-hour threshold might still time out if these processes cause the total duration to exceed 36 hours. */ interface ServiceCanaryConfigurationArgs { /** * The amount of time in minutes to wait during the canary phase before shifting the remaining production traffic to the new service revision. Valid values are 0 to 1440 minutes (24 hours). The default value is 10. */ canaryBakeTimeInMinutes?: pulumi.Input; /** * The percentage of production traffic to shift to the new service revision during the canary phase. Valid values are multiples of 0.1 from 0.1 to 100.0. The default value is 5.0. */ canaryPercent?: pulumi.Input; } /** * The details of a capacity provider strategy. A capacity provider strategy can be set when using the ``RunTask`` or ``CreateService`` APIs or as the default capacity provider strategy for a cluster with the ``CreateCluster`` API. * Only capacity providers that are already associated with a cluster and have an ``ACTIVE`` or ``UPDATING`` status can be used in a capacity provider strategy. The ``PutClusterCapacityProviders`` API is used to associate a capacity provider with a cluster. * If specifying a capacity provider that uses an Auto Scaling group, the capacity provider must already be created. New Auto Scaling group capacity providers can be created with the ``CreateCapacityProvider`` API operation. * To use an FARGATElong capacity provider, specify either the ``FARGATE`` or ``FARGATE_SPOT`` capacity providers. The FARGATElong capacity providers are available to all accounts and only need to be associated with a cluster to be used in a capacity provider strategy. */ interface ServiceCapacityProviderStrategyItemArgs { /** * The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider for each service. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of ``0`` is used. * Base value characteristics: * + Only one capacity provider in a strategy can have a base defined * + The default value is ``0`` if not specified * + The valid range is 0 to 100,000 * + Base requirements are satisfied first before weight distribution */ base?: pulumi.Input; /** * The short name of the capacity provider. This can be either an AWS managed capacity provider (``FARGATE`` or ``FARGATE_SPOT``) or the name of a custom capacity provider that you created. */ capacityProvider?: pulumi.Input; /** * The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The ``weight`` value is taken into consideration after the ``base`` value, if defined, is satisfied. * If no ``weight`` value is specified, the default value of ``0`` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of ``0`` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of ``0``, any ``RunTask`` or ``CreateService`` actions using the capacity provider strategy will fail. * Weight value characteristics: * + Weight is considered after the base value is satisfied * + The default value is ``0`` if not specified * + The valid range is 0 to 1,000 * + At least one capacity provider must have a weight greater than zero * + Capacity providers with weight of ``0`` cannot place tasks * * Task distribution logic: * 1. Base satisfaction: The minimum number of tasks specified by the base value are placed on that capacity provider * 1. Weight distribution: After base requirements are met, additional tasks are distributed according to weight ratios * * Examples: * Equal Distribution: Two capacity providers both with weight ``1`` will split tasks evenly after base requirements are met. * Weighted Distribution: If capacityProviderA has weight ``1`` and capacityProviderB has weight ``4``, then for every 1 task on A, 4 tasks will run on B. */ weight?: pulumi.Input; } /** * Configuration for Service Connect access logging. Access logs provide detailed information about requests made to your service, including request patterns, response codes, and timing data for debugging and monitoring purposes. * To enable access logs, you must also specify a ``logConfiguration`` in the ``serviceConnectConfiguration``. */ interface ServiceConnectAccessLogConfigurationArgs { /** * The format for Service Connect access log output. Choose TEXT for human-readable logs or JSON for structured data that integrates well with log analysis tools. */ format: pulumi.Input; /** * Specifies whether to include query parameters in Service Connect access logs. * When enabled, query parameters from HTTP requests are included in the access logs. Consider security and privacy implications when enabling this feature, as query parameters may contain sensitive information such as request IDs and tokens. By default, this parameter is ``DISABLED``. */ includeQueryParameters?: pulumi.Input; } /** * Each alias ("endpoint") is a fully-qualified name and port number that other tasks ("clients") can use to connect to this service. * Each name and port mapping must be unique within the namespace. * Tasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ServiceConnectClientAliasArgs { /** * The ``dnsName`` is the name that you use in the applications of client tasks to connect to this service. The name must be a valid DNS name but doesn't need to be fully-qualified. The name can include up to 127 characters. The name can include lowercase letters, numbers, underscores (_), hyphens (-), and periods (.). The name can't start with a hyphen. * If this parameter isn't specified, the default value of ``discoveryName.namespace`` is used. If the ``discoveryName`` isn't specified, the port mapping name from the task definition is used in ``portName.namespace``. * To avoid changing your applications in client Amazon ECS services, set this to the same name that the client application uses by default. For example, a few common names are ``database``, ``db``, or the lowercase name of a database, such as ``mysql`` or ``redis``. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*. */ dnsName?: pulumi.Input; /** * The listening port number for the Service Connect proxy. This port is available inside of all of the tasks within the same namespace. * To avoid changing your applications in client Amazon ECS services, set this to the same port that the client application uses by default. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*. */ port: pulumi.Input; /** * The configuration for test traffic routing rules used during blue/green deployments with Amazon ECS Service Connect. This allows you to route a portion of traffic to the new service revision of your service for testing before shifting all production traffic. */ testTrafficRules?: pulumi.Input; } /** * The Service Connect configuration of your Amazon ECS service. The configuration for this service to discover and connect to services, and be discovered by, and connected from, other services within a namespace. * Tasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ServiceConnectConfigurationArgs { /** * The configuration for Service Connect access logging. Access logs capture detailed information about requests made to your service, including request patterns, response codes, and timing data. They can be useful for debugging connectivity issues, monitoring service performance, and auditing service-to-service communication for security and compliance purposes. * To enable access logs, you must also specify a ``logConfiguration`` in the ``serviceConnectConfiguration``. */ accessLogConfiguration?: pulumi.Input; /** * Specifies whether to use Service Connect with this service. */ enabled: pulumi.Input; /** * The log configuration for the container. This parameter maps to ``LogConfig`` in the docker container create command and the ``--log-driver`` option to docker run. * By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition. * Understand the following when specifying a log configuration for your containers. * + Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent. * For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``. * For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``,``syslog``, ``splunk``, and ``awsfirelens``. * + This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. * + For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the ``ECS_AVAILABLE_LOGGING_DRIVERS`` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide*. * + For tasks that are on FARGATElong, because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to. */ logConfiguration?: pulumi.Input; /** * The namespace name or full Amazon Resource Name (ARN) of the CMAPlong namespace for use with Service Connect. The namespace must be in the same AWS Region as the Amazon ECS service and cluster. The type of namespace doesn't affect Service Connect. For more information about CMAPlong, see [Working with Services](https://docs.aws.amazon.com/cloud-map/latest/dg/working-with-services.html) in the *Developer Guide*. */ namespace?: pulumi.Input; /** * The list of Service Connect service objects. These are names and aliases (also known as endpoints) that are used by other Amazon ECS services to connect to this service. * This field is not required for a "client" Amazon ECS service that's a member of a namespace only to connect to other services within the namespace. An example of this would be a frontend application that accepts incoming requests from either a load balancer that's attached to the service or by other means. * An object selects a port from the task definition, assigns a name for the CMAPlong service, and a list of aliases (endpoints) and ports for client applications to refer to this service. */ services?: pulumi.Input[]>; } /** * The Service Connect service object configuration. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ServiceConnectServiceArgs { /** * The list of client aliases for this Service Connect service. You use these to assign names that can be used by client applications. The maximum number of client aliases that you can have in this list is 1. * Each alias ("endpoint") is a fully-qualified name and port number that other Amazon ECS tasks ("clients") can use to connect to this service. * Each name and port mapping must be unique within the namespace. * For each ``ServiceConnectService``, you must provide at least one ``clientAlias`` with one ``port``. */ clientAliases?: pulumi.Input[]>; /** * The ``discoveryName`` is the name of the new CMAP service that Amazon ECS creates for this Amazon ECS service. This must be unique within the CMAP namespace. The name can contain up to 64 characters. The name can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen. * If the ``discoveryName`` isn't specified, the port mapping name from the task definition is used in ``portName.namespace``. */ discoveryName?: pulumi.Input; /** * The port number for the Service Connect proxy to listen on. * Use the value of this field to bypass the proxy for traffic on the port number specified in the named ``portMapping`` in the task definition of this application, and then use it in your VPC security groups to allow traffic into the proxy for this Amazon ECS service. * In ``awsvpc`` mode and Fargate, the default value is the container port number. The container port number is in the ``portMapping`` in the task definition. In bridge mode, the default value is the ephemeral port of the Service Connect proxy. */ ingressPortOverride?: pulumi.Input; /** * The ``portName`` must match the name of one of the ``portMappings`` from all the containers in the task definition of this Amazon ECS service. */ portName: pulumi.Input; /** * A reference to an object that represents the configured timeouts for Service Connect. */ timeout?: pulumi.Input; /** * A reference to an object that represents a Transport Layer Security (TLS) configuration. */ tls?: pulumi.Input; } /** * The test traffic routing configuration for Amazon ECS blue/green deployments. This configuration allows you to define rules for routing specific traffic to the new service revision during the deployment process, allowing for safe testing before full production traffic shift. * For more information, see [Service Connect for Amazon ECS blue/green deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect-blue-green.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ServiceConnectTestTrafficRulesArgs { /** * The HTTP header-based routing rules that determine which requests should be routed to the new service version during blue/green deployment testing. These rules provide fine-grained control over test traffic routing based on request headers. */ header: pulumi.Input; } interface ServiceConnectTestTrafficRulesHeaderArgs { name: pulumi.Input; value?: pulumi.Input; } interface ServiceConnectTestTrafficRulesHeaderValueArgs { exact: pulumi.Input; } /** * The certificate root authority that secures your service. */ interface ServiceConnectTlsCertificateAuthorityArgs { /** * The ARN of the AWS Private Certificate Authority certificate. */ awsPcaAuthorityArn?: pulumi.Input; } /** * The key that encrypts and decrypts your resources for Service Connect TLS. */ interface ServiceConnectTlsConfigurationArgs { /** * The signer certificate authority. */ issuerCertificateAuthority: pulumi.Input; /** * The AWS Key Management Service key. */ kmsKey?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role that's associated with the Service Connect TLS. */ roleArn?: pulumi.Input; } /** * One of the methods which provide a way for you to quickly identify when a deployment has failed, and then to optionally roll back the failure to the last working deployment. * When the alarms are generated, Amazon ECS sets the service deployment to failed. Set the rollback parameter to have Amazon ECS to roll back your service to the last completed deployment after a failure. * You can only use the ``DeploymentAlarms`` method to detect failures when the ``DeploymentController`` is set to ``ECS``. * For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ServiceDeploymentAlarmsArgs { /** * One or more CloudWatch alarm names. Use a "," to separate the alarms. */ alarmNames: pulumi.Input[]>; /** * Determines whether to use the CloudWatch alarm option in the service deployment process. */ enable: pulumi.Input; /** * Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is used, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. */ rollback: pulumi.Input; } /** * The deployment circuit breaker can only be used for services using the rolling update (``ECS``) deployment type. * The *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If it is turned on, a service deployment will transition to a failed state and stop launching new tasks. You can also configure Amazon ECS to roll back your service to the last completed deployment after a failure. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide*. * For more information about API failure reasons, see [API failure reasons](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/api_failures_messages.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ServiceDeploymentCircuitBreakerArgs { /** * Determines whether to use the deployment circuit breaker logic for the service. */ enable: pulumi.Input; /** * Determines whether to configure Amazon ECS to roll back the service if a service deployment fails. If rollback is on, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. */ rollback: pulumi.Input; } /** * Optional deployment parameters that control how many tasks run during a deployment and the ordering of stopping and starting tasks. */ interface ServiceDeploymentConfigurationArgs { /** * Information about the CloudWatch alarms. */ alarms?: pulumi.Input; /** * The duration waiting before terminating the previous service revision and marking a deployment complete. * The following rules apply when you don't specify a value: * + For blue/green, linear, and canary deployments, the value is set to 15 minutes. * + For rolling deployments, there is no bake time set by default. * + The external deployment controller (``EXTERNAL``) and the ACD blue/green deployment controller (``CODE_DEPLOY``) do not support the ``BakeTimeInMinutes`` parameter. * * If you provide a bake time for a rolling deployment, the CloudFormation handler timeout is increased to the maximum of 36 hours, matching the timeout for blue/green, linear, and canary deployments. */ bakeTimeInMinutes?: pulumi.Input; /** * Configuration for canary deployment strategy. Only valid when the deployment strategy is ``CANARY``. This configuration enables shifting a fixed percentage of traffic for testing, followed by shifting the remaining traffic after a bake period. */ canaryConfiguration?: pulumi.Input; /** * The deployment circuit breaker can only be used for services using the rolling update (``ECS``) deployment type. * The *deployment circuit breaker* determines whether a service deployment will fail if the service can't reach a steady state. If you use the deployment circuit breaker, a service deployment will transition to a failed state and stop launching new tasks. If you use the rollback option, when a service deployment fails, the service is rolled back to the last deployment that completed successfully. For more information, see [Rolling update](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html) in the *Amazon Elastic Container Service Developer Guide* */ deploymentCircuitBreaker?: pulumi.Input; /** * An array of deployment lifecycle hook objects to run custom logic at specific stages of the deployment lifecycle. */ lifecycleHooks?: pulumi.Input[]>; /** * Configuration for linear deployment strategy. Only valid when the deployment strategy is ``LINEAR``. This configuration enables progressive traffic shifting in equal percentage increments with configurable bake times between each step. */ linearConfiguration?: pulumi.Input; /** * If a service is using the rolling update (``ECS``) deployment type, the ``maximumPercent`` parameter represents an upper limit on the number of your service's tasks that are allowed in the ``RUNNING`` or ``PENDING`` state during a deployment, as a percentage of the ``desiredCount`` (rounded down to the nearest integer). This parameter enables you to define the deployment batch size. For example, if your service is using the ``REPLICA`` service scheduler and has a ``desiredCount`` of four tasks and a ``maximumPercent`` value of 200%, the scheduler may start four new tasks before stopping the four older tasks (provided that the cluster resources required to do this are available). The default ``maximumPercent`` value for a service using the ``REPLICA`` service scheduler is 200%. * The Amazon ECS scheduler uses this parameter to replace unhealthy tasks by starting replacement tasks first and then stopping the unhealthy tasks, as long as cluster resources for starting replacement tasks are available. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html). * If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types, and tasks in the service use the EC2 launch type, the *maximum percent* value is set to the default value. The *maximum percent* value is used to define the upper limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state. * You can't specify a custom ``maximumPercent`` value for a service that uses either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and has tasks that use the EC2 launch type. * If the service uses either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types, and the tasks in the service use the Fargate launch type, the maximum percent value is not used. The value is still returned when describing your service. */ maximumPercent?: pulumi.Input; /** * If a service is using the rolling update (``ECS``) deployment type, the ``minimumHealthyPercent`` represents a lower limit on the number of your service's tasks that must remain in the ``RUNNING`` state during a deployment, as a percentage of the ``desiredCount`` (rounded up to the nearest integer). This parameter enables you to deploy without using additional cluster capacity. For example, if your service has a ``desiredCount`` of four tasks and a ``minimumHealthyPercent`` of 50%, the service scheduler may stop two existing tasks to free up cluster capacity before starting two new tasks. * If any tasks are unhealthy and if ``maximumPercent`` doesn't allow the Amazon ECS scheduler to start replacement tasks, the scheduler stops the unhealthy tasks one-by-one — using the ``minimumHealthyPercent`` as a constraint — to clear up capacity to launch replacement tasks. For more information about how the scheduler replaces unhealthy tasks, see [Amazon ECS services](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs_services.html). * For services that *do not* use a load balancer, the following should be noted: * + A service is considered healthy if all essential containers within the tasks in the service pass their health checks. * + If a task has no essential containers with a health check defined, the service scheduler will wait for 40 seconds after a task reaches a ``RUNNING`` state before the task is counted towards the minimum healthy percent total. * + If a task has one or more essential containers with a health check defined, the service scheduler will wait for the task to reach a healthy status before counting it towards the minimum healthy percent total. A task is considered healthy when all essential containers within the task have passed their health checks. The amount of time the service scheduler can wait for is determined by the container health check settings. * * For services that *do* use a load balancer, the following should be noted: * + If a task has no essential containers with a health check defined, the service scheduler will wait for the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total. * + If a task has an essential container with a health check defined, the service scheduler will wait for both the task to reach a healthy status and the load balancer target group health check to return a healthy status before counting the task towards the minimum healthy percent total. * * The default value for a replica service for ``minimumHealthyPercent`` is 100%. The default ``minimumHealthyPercent`` value for a service using the ``DAEMON`` service schedule is 0% for the CLI, the AWS SDKs, and the APIs and 50% for the AWS Management Console. * The minimum number of healthy tasks during a deployment is the ``desiredCount`` multiplied by the ``minimumHealthyPercent``/100, rounded up to the nearest integer value. * If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the EC2 launch type, the *minimum healthy percent* value is set to the default value. The *minimum healthy percent* value is used to define the lower limit on the number of the tasks in the service that remain in the ``RUNNING`` state while the container instances are in the ``DRAINING`` state. * You can't specify a custom ``minimumHealthyPercent`` value for a service that uses either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and has tasks that use the EC2 launch type. * If a service is using either the blue/green (``CODE_DEPLOY``) or ``EXTERNAL`` deployment types and is running tasks that use the Fargate launch type, the minimum healthy percent value is not used, although it is returned when describing your service. */ minimumHealthyPercent?: pulumi.Input; /** * The deployment strategy for the service. Choose from these valid values: * + ``ROLLING`` - When you create a service which uses the rolling update (``ROLLING``) deployment strategy, the Amazon ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that Amazon ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration. * + ``BLUE_GREEN`` - A blue/green deployment strategy (``BLUE_GREEN``) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With Amazon ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed. * + ``LINEAR`` - A *linear* deployment strategy (``LINEAR``) gradually shifts traffic from the current production environment to a new environment in equal percentages over time. With Amazon ECS linear deployments, you can control the pace of traffic shifting and validate new service revisions with increasing amounts of production traffic. * + ``CANARY`` - A *canary* deployment strategy (``CANARY``) shifts a small percentage of traffic to the new service revision first, then shifts the remaining traffic all at once after a specified time period. This allows you to test the new version with a subset of users before full deployment. */ strategy?: pulumi.Input; } /** * The deployment controller to use for the service. */ interface ServiceDeploymentControllerArgs { /** * The deployment controller type to use. * The deployment controller is the mechanism that determines how tasks are deployed for your service. The valid options are: * + ECS * When you create a service which uses the ``ECS`` deployment controller, you can choose between the following deployment strategies: * + ``ROLLING``: When you create a service which uses the *rolling update* (``ROLLING``) deployment strategy, the ECS service scheduler replaces the currently running tasks with new tasks. The number of tasks that ECS adds or removes from the service during a rolling update is controlled by the service deployment configuration. * Rolling update deployments are best suited for the following scenarios: * + Gradual service updates: You need to update your service incrementally without taking the entire service offline at once. * + Limited resource requirements: You want to avoid the additional resource costs of running two complete environments simultaneously (as required by blue/green deployments). * + Acceptable deployment time: Your application can tolerate a longer deployment process, as rolling updates replace tasks one by one. * + No need for instant roll back: Your service can tolerate a rollback process that takes minutes rather than seconds. * + Simple deployment process: You prefer a straightforward deployment approach without the complexity of managing multiple environments, target groups, and listeners. * + No load balancer requirement: Your service doesn't use or require a load balancer, ALB, NLB, or Service Connect (which are required for blue/green deployments). * + Stateful applications: Your application maintains state that makes it difficult to run two parallel environments. * + Cost sensitivity: You want to minimize deployment costs by not running duplicate environments during deployment. * * Rolling updates are the default deployment strategy for services and provide a balance between deployment safety and resource efficiency for many common application scenarios. * + ``BLUE_GREEN``: A *blue/green* deployment strategy (``BLUE_GREEN``) is a release methodology that reduces downtime and risk by running two identical production environments called blue and green. With ECS blue/green deployments, you can validate new service revisions before directing production traffic to them. This approach provides a safer way to deploy changes with the ability to quickly roll back if needed. * ECS blue/green deployments are best suited for the following scenarios: * + Service validation: When you need to validate new service revisions before directing production traffic to them * + Zero downtime: When your service requires zero-downtime deployments * + Instant roll back: When you need the ability to quickly roll back if issues are detected * + Load balancer requirement: When your service uses ALB, NLB, or Service Connect * * * + External * Use a third-party deployment controller. * + Blue/green deployment (powered by ACD) * ACD installs an updated version of the application as a new replacement task set and reroutes production traffic from the original application task set to the replacement task set. The original task set is terminated after a successful deployment. Use this deployment controller to verify a new deployment of a service before sending production traffic to it. * * When updating the deployment controller for a service, consider the following depending on the type of migration you're performing. * + If you have a template that contains the ``EXTERNAL`` deployment controller information as well as ``TaskSet`` and ``PrimaryTaskSet`` resources, and you remove the task set resources from the template when updating from ``EXTERNAL`` to ``ECS``, the ``DescribeTaskSet`` and ``DeleteTaskSet`` API calls will return a 400 error after the deployment controller is updated to ``ECS``. This results in a delete failure on the task set resources, even though the stack transitions to ``UPDATE_COMPLETE`` status. For more information, see [Resource removed from stack but not deleted](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/troubleshooting.html#troubleshooting-errors-resource-removed-not-deleted) in the CFNlong User Guide. To fix this issue, delete the task sets directly using the ECS``DeleteTaskSet`` API. For more information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the ECSlong API Reference. * + If you're migrating from ``CODE_DEPLOY`` to ``ECS`` with a new task definition and CFN performs a rollback operation, the ECS``UpdateService`` request fails with the following error: * Resource handler returned message: "Invalid request provided: Unable to update task definition on services with a CODE_DEPLOY deployment controller. * + After a successful migration from ``ECS`` to ``EXTERNAL`` deployment controller, you need to manually remove the ``ACTIVE`` task set, because ECS no longer manages the deployment. For information about how to delete a task set, see [DeleteTaskSet](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DeleteTaskSet.html) in the ECSlong API Reference. */ type?: pulumi.Input; } /** * A deployment lifecycle hook runs custom logic at specific stages of the deployment process. Currently, you can use Lambda functions as hook targets. * For more information, see [Lifecycle hooks for Amazon ECS service deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-lifecycle-hooks.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ServiceDeploymentLifecycleHookArgs { /** * Use this field to specify custom parameters that ECS passes to your hook target invocations (such as a Lambda function). * This field must be a JSON object as a string. */ hookDetails?: any; /** * The Amazon Resource Name (ARN) of the hook target. Currently, only Lambda function ARNs are supported. * You must provide this parameter when configuring a deployment lifecycle hook. */ hookTargetArn: pulumi.Input; /** * The lifecycle stages at which to run the hook. Choose from these valid values: * + RECONCILE_SERVICE * The reconciliation stage that only happens when you start a new service deployment with more than 1 service revision in an ACTIVE state. * You can use a lifecycle hook for this stage. * + PRE_SCALE_UP * The green service revision has not started. The blue service revision is handling 100% of the production traffic. There is no test traffic. * You can use a lifecycle hook for this stage. * + POST_SCALE_UP * The green service revision has started. The blue service revision is handling 100% of the production traffic. There is no test traffic. * You can use a lifecycle hook for this stage. * + TEST_TRAFFIC_SHIFT * The blue and green service revisions are running. The blue service revision handles 100% of the production traffic. The green service revision is migrating from 0% to 100% of test traffic. * You can use a lifecycle hook for this stage. * + POST_TEST_TRAFFIC_SHIFT * The test traffic shift is complete. The green service revision handles 100% of the test traffic. * You can use a lifecycle hook for this stage. * + PRODUCTION_TRAFFIC_SHIFT * Production traffic is shifting to the green service revision. The green service revision is migrating from 0% to 100% of production traffic. * You can use a lifecycle hook for this stage. * + POST_PRODUCTION_TRAFFIC_SHIFT * The production traffic shift is complete. * You can use a lifecycle hook for this stage. * * You must provide this parameter when configuring a deployment lifecycle hook. */ lifecycleStages: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the IAM role that grants Amazon ECS permission to call Lambda functions on your behalf. * For more information, see [Permissions required for Lambda functions in Amazon ECS blue/green deployments](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/blue-green-permissions.html) in the *Amazon Elastic Container Service Developer Guide*. */ roleArn: pulumi.Input; } /** * The tag specifications of an Amazon EBS volume. */ interface ServiceEbsTagSpecificationArgs { /** * Determines whether to propagate the tags from the task definition to the Amazon EBS volume. Tags can only propagate to a ``SERVICE`` specified in ``ServiceVolumeConfiguration``. If no value is specified, the tags aren't propagated. */ propagateTags?: pulumi.Input; /** * The type of volume resource. */ resourceType: pulumi.Input; /** * The tags applied to this Amazon EBS volume. ``AmazonECSCreated`` and ``AmazonECSManaged`` are reserved tags that can't be used. */ tags?: pulumi.Input[]>; } /** * Determines whether to force a new deployment of the service. By default, deployments aren't forced. You can use this option to start a new deployment with no service definition changes. For example, you can update a service's tasks to use a newer Docker image with the same image/tag combination (``my_image:latest``) or to roll Fargate tasks onto a newer platform version. */ interface ServiceForceNewDeploymentArgs { /** * Determines whether to force a new deployment of the service. By default, deployments aren't forced. You can use this option to start a new deployment with no service definition changes. For example, you can update a service's tasks to use a newer Docker image with the same image/tag combination (``my_image:latest``) or to roll Fargate tasks onto a newer platform version. */ enableForceNewDeployment: pulumi.Input; /** * When you change the``ForceNewDeploymentNonce`` value in your template, it signals ECS to start a new deployment even though no other service parameters have changed. The value must be a unique, time- varying value like a timestamp, random string, or sequence number. Use this property when you want to ensure your tasks pick up the latest version of a Docker image that uses the same tag but has been updated in the registry. */ forceNewDeploymentNonce?: pulumi.Input; } /** * Configuration for a linear deployment strategy that shifts production traffic in equal percentage increments with configurable wait times between each step until 100 percent of traffic is shifted to the new service revision. * The following validation applies only to Linear deployments created through CFN. CFN operations time out after 36 hours. Linear deployments can approach this limit because of their extended duration. This can cause CFN to roll back the deployment. To prevent timeout-related rollbacks, CFN rejects deployments when the calculated deployment time exceeds 33 hours based on your template configuration: * ``BakeTimeInMinutes + (StepBakeTimeInMinutes × Number of deployment steps)`` * Where the number of deployment steps is calculated as follows: * + *If StepPercent evenly divides by 100*: The number of deployment steps equals ``(100 ÷ StepPercent) - 1`` * + *Otherwise*: The number of deployment steps equals the floor of ``100 ÷ StepPercent``. For example, if ``StepPercent`` is 11, the number of deployment steps is 9 (not 9.1). * * This calculation reflects that CFN doesn't apply the step bake time after the final traffic shift reaches 100%. For example, with a ``StepPercent`` of 50%, there are actually two traffic shifts, but only one deployment step is counted for validation purposes because the bake time is applied only after the first 50% shift, not after reaching 100%. * Additional backend processes (such as task scaling and running lifecycle hooks) can extend deployment time beyond these calculations. Even deployments under the 33-hour threshold might still time out if these processes cause the total duration to exceed 36 hours. */ interface ServiceLinearConfigurationArgs { /** * The amount of time in minutes to wait between each traffic shifting step during a linear deployment. Valid values are 0 to 1440 minutes (24 hours). The default value is 6. This bake time is not applied after reaching 100 percent traffic. */ stepBakeTimeInMinutes?: pulumi.Input; /** * The percentage of production traffic to shift in each step during a linear deployment. Valid values are multiples of 0.1 from 3.0 to 100.0. The default value is 10.0. */ stepPercent?: pulumi.Input; } /** * The ``LoadBalancer`` property specifies details on a load balancer that is used with a service. * If the service is using the ``CODE_DEPLOY`` deployment controller, the service is required to use either an Application Load Balancer or Network Load Balancer. When you are creating an ACDlong deployment group, you specify two target groups (referred to as a ``targetGroupPair``). Each target group binds to a separate task set in the deployment. The load balancer can also have up to two listeners, a required listener for production traffic and an optional listener that allows you to test new revisions of the service before routing production traffic to it. * Services with tasks that use the ``awsvpc`` network mode (for example, those with the Fargate launch type) only support Application Load Balancers and Network Load Balancers. Classic Load Balancers are not supported. Also, when you create any target groups for these services, you must choose ``ip`` as the target type, not ``instance``. Tasks that use the ``awsvpc`` network mode are associated with an elastic network interface, not an Amazon EC2 instance. */ interface ServiceLoadBalancerArgs { /** * The advanced settings for the load balancer used in blue/green deployments. Specify the alternate target group, listener rules, and IAM role required for traffic shifting during blue/green deployments. */ advancedConfiguration?: pulumi.Input; /** * The name of the container (as it appears in a container definition) to associate with the load balancer. * You need to specify the container name when configuring the target group for an Amazon ECS load balancer. */ containerName?: pulumi.Input; /** * The port on the container to associate with the load balancer. This port must correspond to a ``containerPort`` in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they're launched on must allow ingress traffic on the ``hostPort`` of the port mapping. */ containerPort?: pulumi.Input; /** * The name of the load balancer to associate with the Amazon ECS service or task set. * If you are using an Application Load Balancer or a Network Load Balancer the load balancer name parameter should be omitted. */ loadBalancerName?: pulumi.Input; /** * The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set. * A target group ARN is only specified when using an Application Load Balancer or Network Load Balancer. * For services using the ``ECS`` deployment controller, you can specify one or multiple target groups. For more information, see [Registering multiple target groups with a service](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html) in the *Amazon Elastic Container Service Developer Guide*. * For services using the ``CODE_DEPLOY`` deployment controller, you're required to define two target groups for the load balancer. For more information, see [Blue/green deployment with CodeDeploy](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html) in the *Amazon Elastic Container Service Developer Guide*. * If your service's task definition uses the ``awsvpc`` network mode, you must choose ``ip`` as the target type, not ``instance``. Do this when creating your target groups because tasks that use the ``awsvpc`` network mode are associated with an elastic network interface, not an Amazon EC2 instance. This network mode is required for the Fargate launch type. */ targetGroupArn?: pulumi.Input; } /** * The log configuration for the container. This parameter maps to ``LogConfig`` in the docker container create command and the ``--log-driver`` option to docker run. * By default, containers use the same logging driver that the Docker daemon uses. However, the container might use a different logging driver than the Docker daemon by specifying a log driver configuration in the container definition. * Understand the following when specifying a log configuration for your containers. * + Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon. Additional log drivers may be available in future releases of the Amazon ECS container agent. * For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``. * For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``,``syslog``, ``splunk``, and ``awsfirelens``. * + This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. * + For tasks that are hosted on Amazon EC2 instances, the Amazon ECS container agent must register the available logging drivers with the ``ECS_AVAILABLE_LOGGING_DRIVERS`` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Amazon ECS container agent configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide*. * + For tasks that are on FARGATElong, because you don't have access to the underlying infrastructure your tasks are hosted on, any additional software needed must be installed outside of the task. For example, the Fluentd output aggregators or a remote host running Logstash to send Gelf logs to. */ interface ServiceLogConfigurationArgs { /** * The log driver to use for the container. * For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``. * For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``syslog``, ``splunk``, and ``awsfirelens``. * For more information about using the ``awslogs`` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide*. * For more information about using the ``awsfirelens`` log driver, see [Send Amazon ECS logs to an service or Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html). * If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software. */ logDriver?: pulumi.Input; /** * The configuration options to send to the log driver. * The options you can specify depend on the log driver. Some of the options you can specify when you use the ``awslogs`` log driver to route logs to Amazon CloudWatch include the following: * + awslogs-create-group Required: No Specify whether you want the log group to be created automatically. If this option isn't specified, it defaults to false. Your IAM policy must include the logs:CreateLogGroup permission before you attempt to use awslogs-create-group. + awslogs-region Required: Yes Specify the Region that the awslogs log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option. + awslogs-group Required: Yes Make sure to specify a log group that the awslogs log driver sends its log streams to. + awslogs-stream-prefix Required: Yes, when using Fargate.Optional when using EC2. Use the awslogs-stream-prefix option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format prefix-name/container-name/ecs-task-id. If you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option. For Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to. You must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console. + awslogs-datetime-format Required: No This option defines a multiline start pattern in Python strftime format. A log message consists of a line that matches the pattern and any following lines that don’t match the pattern. The matched line is the delimiter between log messages. One example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry. For more information, see awslogs-datetime-format. You cannot configure both the awslogs-datetime-format and awslogs-multiline-pattern options. Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance. + awslogs-multiline-pattern Required: No This option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don’t match the pattern. The matched line is the delimiter between log messages. For more information, see awslogs-multiline-pattern. This option is ignored if awslogs-datetime-format is also configured. You cannot configure both the awslogs-datetime-format and awslogs-multiline-pattern options. Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance. * The following options apply to all supported log drivers. * + mode Required: No Valid values: non-blocking | blocking This option defines the delivery mode of log messages from the container to the log driver specified using logDriver. The delivery mode you choose affects application availability when the flow of logs from container is interrupted. If you use the blocking mode and the flow of logs is interrupted, calls from container code to write to the stdout and stderr streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure. If you use the non-blocking mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the max-buffer-size option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see Preventing log loss with non-blocking mode in the awslogs container log driver. You can set a default mode for all containers in a specific Region by using the defaultLogDriverMode account setting. If you don't specify the mode option or configure the account setting, Amazon ECS will default to the non-blocking mode. For more information about the account setting, see Default log driver mode in the Amazon Elastic Container Service Developer Guide. On June 25, 2025, Amazon ECS changed the default log driver mode from blocking to non-blocking to prioritize task availability over logging. To continue using the blocking mode after this change, do one of the following: Set the mode option in your container definition's logConfiguration as blocking. Set the defaultLogDriverMode account setting to blocking. + max-buffer-size Required: No Default value: 10m When non-blocking mode is used, the max-buffer-size log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost. * To route logs using the ``splunk`` log router, you need to specify a ``splunk-token`` and a ``splunk-url``. * When you use the ``awsfirelens`` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the ``log-driver-buffer-limit`` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker. * Other options you can specify when using ``awsfirelens`` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with ``region`` and a name for the log stream with ``delivery_stream``. * When you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with ``region`` and a data stream name with ``stream``. * When you export logs to Amazon OpenSearch Service, you can specify options like ``Name``, ``Host`` (OpenSearch Service endpoint without protocol), ``Port``, ``Index``, ``Type``, ``Aws_auth``, ``Aws_region``, ``Suppress_Type_Name``, and ``tls``. For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/). * When you export logs to Amazon S3, you can specify the bucket using the ``bucket`` option. You can also specify ``region``, ``total_file_size``, ``upload_timeout``, and ``use_put_object`` as options. * This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` */ options?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. */ secretOptions?: pulumi.Input[]>; } /** * The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. For information about the supported launch types and operating systems, see [Supported operating systems and launch types](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-volumes.html#ebs-volumes-configuration) in the*Amazon Elastic Container Service Developer Guide*. * Many of these parameters map 1:1 with the Amazon EBS ``CreateVolume`` API request parameters. */ interface ServiceManagedEbsVolumeConfigurationArgs { /** * Indicates whether the volume should be encrypted. If you turn on Region-level Amazon EBS encryption by default but set this value as ``false``, the setting is overridden and the volume is encrypted with the KMS key specified for Amazon EBS encryption by default. This parameter maps 1:1 with the ``Encrypted`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*. */ encrypted?: pulumi.Input; /** * The filesystem type for the volume. For volumes created from a snapshot, you must specify the same filesystem type that the volume was using when the snapshot was created. If there is a filesystem type mismatch, the tasks will fail to start. * The available Linux filesystem types are ``ext3``, ``ext4``, and ``xfs``. If no value is specified, the ``xfs`` filesystem type is used by default. * The available Windows filesystem types are ``NTFS``. */ filesystemType?: pulumi.Input; /** * The number of I/O operations per second (IOPS). For ``gp3``, ``io1``, and ``io2`` volumes, this represents the number of IOPS that are provisioned for the volume. For ``gp2`` volumes, this represents the baseline performance of the volume and the rate at which the volume accumulates I/O credits for bursting. * The following are the supported values for each volume type. * + ``gp3``: 3,000 - 16,000 IOPS * + ``io1``: 100 - 64,000 IOPS * + ``io2``: 100 - 256,000 IOPS * * This parameter is required for ``io1`` and ``io2`` volume types. The default for ``gp3`` volumes is ``3,000 IOPS``. This parameter is not supported for ``st1``, ``sc1``, or ``standard`` volume types. * This parameter maps 1:1 with the ``Iops`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*. */ iops?: pulumi.Input; /** * The Amazon Resource Name (ARN) identifier of the AWS Key Management Service key to use for Amazon EBS encryption. When a key is specified using this parameter, it overrides Amazon EBS default encryption or any KMS key that you specified for cluster-level managed storage encryption. This parameter maps 1:1 with the ``KmsKeyId`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*. For more information about encrypting Amazon EBS volumes attached to tasks, see [Encrypt data stored in Amazon EBS volumes attached to Amazon ECS tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ebs-kms-encryption.html). * AWS authenticates the AWS Key Management Service key asynchronously. Therefore, if you specify an ID, alias, or ARN that is invalid, the action can appear to complete, but eventually fails. */ kmsKeyId?: pulumi.Input; /** * The ARN of the IAM role to associate with this volume. This is the Amazon ECS infrastructure IAM role that is used to manage your AWS infrastructure. We recommend using the Amazon ECS-managed ``AmazonECSInfrastructureRolePolicyForVolumes`` IAM policy with this role. For more information, see [Amazon ECS infrastructure IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/infrastructure_IAM_role.html) in the *Amazon ECS Developer Guide*. */ roleArn: pulumi.Input; /** * The size of the volume in GiB. You must specify either a volume size or a snapshot ID. If you specify a snapshot ID, the snapshot size is used for the volume size by default. You can optionally specify a volume size greater than or equal to the snapshot size. This parameter maps 1:1 with the ``Size`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*. * The following are the supported volume size values for each volume type. * + ``gp2`` and ``gp3``: 1-16,384 * + ``io1`` and ``io2``: 4-16,384 * + ``st1`` and ``sc1``: 125-16,384 * + ``standard``: 1-1,024 */ sizeInGiB?: pulumi.Input; /** * The snapshot that Amazon ECS uses to create volumes for attachment to tasks maintained by the service. You must specify either ``snapshotId`` or ``sizeInGiB`` in your volume configuration. This parameter maps 1:1 with the ``SnapshotId`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*. */ snapshotId?: pulumi.Input; /** * The tags to apply to the volume. Amazon ECS applies service-managed tags by default. This parameter maps 1:1 with the ``TagSpecifications.N`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*. */ tagSpecifications?: pulumi.Input[]>; /** * The throughput to provision for a volume, in MiB/s, with a maximum of 1,000 MiB/s. This parameter maps 1:1 with the ``Throughput`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*. * This parameter is only supported for the ``gp3`` volume type. */ throughput?: pulumi.Input; /** * The rate, in MiB/s, at which data is fetched from a snapshot of an existing EBS volume to create new volumes for attachment to the tasks maintained by the service. This property can be specified only if you specify a ``snapshotId``. For more information, see [Initialize Amazon EBS volumes](https://docs.aws.amazon.com/ebs/latest/userguide/initalize-volume.html) in the *Amazon EBS User Guide*. */ volumeInitializationRate?: pulumi.Input; /** * The volume type. This parameter maps 1:1 with the ``VolumeType`` parameter of the [CreateVolume API](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_CreateVolume.html) in the *Amazon EC2 API Reference*. For more information, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ebs-volume-types.html) in the *Amazon EC2 User Guide*. * The following are the supported volume types. * + General Purpose SSD: ``gp2``|``gp3`` * + Provisioned IOPS SSD: ``io1``|``io2`` * + Throughput Optimized HDD: ``st1`` * + Cold HDD: ``sc1`` * + Magnetic: ``standard`` * The magnetic volume type is not supported on Fargate. */ volumeType?: pulumi.Input; } /** * The network configuration for a task or service. */ interface ServiceNetworkConfigurationArgs { /** * The VPC subnets and security groups that are associated with a task. * All specified subnets and security groups must be from the same VPC. */ awsvpcConfiguration?: pulumi.Input; } /** * An object representing a constraint on task placement. For more information, see [Task placement constraints](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-constraints.html) in the *Amazon Elastic Container Service Developer Guide*. * If you're using the Fargate launch type, task placement constraints aren't supported. */ interface ServicePlacementConstraintArgs { /** * A cluster query language expression to apply to the constraint. The expression can have a maximum length of 2000 characters. You can't specify an expression if the constraint type is ``distinctInstance``. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide*. */ expression?: pulumi.Input; /** * The type of constraint. Use ``distinctInstance`` to ensure that each task in a particular group is running on a different container instance. Use ``memberOf`` to restrict the selection to a group of valid candidates. */ type: pulumi.Input; } /** * The task placement strategy for a task or service. For more information, see [Task placement strategies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-strategies.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ServicePlacementStrategyArgs { /** * The field to apply the placement strategy against. For the ``spread`` placement strategy, valid values are ``instanceId`` (or ``host``, which has the same effect), or any platform or custom attribute that's applied to a container instance, such as ``attribute:ecs.availability-zone``. For the ``binpack`` placement strategy, valid values are ``cpu`` and ``memory``. For the ``random`` placement strategy, this field is not used. */ field?: pulumi.Input; /** * The type of placement strategy. The ``random`` placement strategy randomly places tasks on available candidates. The ``spread`` placement strategy spreads placement across available candidates evenly based on the ``field`` parameter. The ``binpack`` strategy places tasks on available candidates that have the least available amount of the resource that's specified with the ``field`` parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory but still enough to run the task. */ type: pulumi.Input; } /** * The details for the service registry. * Each service may be associated with one service registry. Multiple service registries for each service are not supported. * When you add, update, or remove the service registries configuration, Amazon ECS starts a new deployment. New tasks are registered and deregistered to the updated service registry configuration. */ interface ServiceRegistryArgs { /** * The container name value to be used for your service discovery service. It's already specified in the task definition. If the task definition that your service task specifies uses the ``bridge`` or ``host`` network mode, you must specify a ``containerName`` and ``containerPort`` combination from the task definition. If the task definition that your service task specifies uses the ``awsvpc`` network mode and a type SRV DNS record is used, you must specify either a ``containerName`` and ``containerPort`` combination or a ``port`` value. However, you can't specify both. */ containerName?: pulumi.Input; /** * The port value to be used for your service discovery service. It's already specified in the task definition. If the task definition your service task specifies uses the ``bridge`` or ``host`` network mode, you must specify a ``containerName`` and ``containerPort`` combination from the task definition. If the task definition your service task specifies uses the ``awsvpc`` network mode and a type SRV DNS record is used, you must specify either a ``containerName`` and ``containerPort`` combination or a ``port`` value. However, you can't specify both. */ containerPort?: pulumi.Input; /** * The port value used if your service discovery service specified an SRV record. This field might be used if both the ``awsvpc`` network mode and SRV records are used. */ port?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is CMAP. For more information, see [CreateService](https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html). */ registryArn?: pulumi.Input; } /** * An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways: * + To inject sensitive data into your containers as environment variables, use the ``secrets`` container definition parameter. * + To reference sensitive information in the log configuration of a container, use the ``secretOptions`` container definition parameter. * * For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface ServiceSecretArgs { /** * The name of the secret. */ name: pulumi.Input; /** * The secret to expose to the container. The supported values are either the full ARN of the ASMlong secret or the full ARN of the parameter in the SSM Parameter Store. * For information about the require IAMlong permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide*. * If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified. */ valueFrom: pulumi.Input; } /** * The metadata that you apply to a resource to help you categorize and organize them. Each tag consists of a key and an optional value. You define them. * The following basic restrictions apply to tags: * + Maximum number of tags per resource - 50 * + For each resource, each tag key must be unique, and each tag key can have only one value. * + Maximum key length - 128 Unicode characters in UTF-8 * + Maximum value length - 256 Unicode characters in UTF-8 * + If your tagging schema is used across multiple services and resources, remember that other services may have restrictions on allowed characters. Generally allowed characters are: letters, numbers, and spaces representable in UTF-8, and the following characters: + - = . _ : / @. * + Tag keys and values are case-sensitive. * + Do not use ``aws:``, ``AWS:``, or any upper or lowercase combination of such as a prefix for either keys or values as it is reserved for AWS use. You cannot edit or delete tag keys or values with this prefix. Tags with this prefix do not count against your tags per resource limit. * * In order to tag a service that has the following ARN format, you need to migrate the service to the long ARN. You must use the API, CLI or console to migrate the service ARN. For more information, see [Migrate an short service ARN to a long ARN](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-arn-migration.html) in the *Developer Guide*. * ``arn:aws:ecs:region:aws_account_id:service/service-name`` * After the migration is complete, the following are true: * + The service ARN is: ``arn:aws:ecs:region:aws_account_id:service/cluster-name/service-name`` * + You can use CFN to tag the service as you would a service with a long ARN format. * + When the ``PhysicalResourceId`` in the CFN stack represents a service, the value does not change and will be the short service ARN. */ interface ServiceTagArgs { /** * One part of a key-value pair that make up a tag. A ``key`` is a general label that acts like a category for more specific tag values. */ key?: pulumi.Input; /** * The optional part of a key-value pair that make up a tag. A ``value`` acts as a descriptor within a tag category (key). */ value?: pulumi.Input; } /** * An object that represents the timeout configurations for Service Connect. * If ``idleTimeout`` is set to a time that is less than ``perRequestTimeout``, the connection will close when the ``idleTimeout`` is reached and not the ``perRequestTimeout``. */ interface ServiceTimeoutConfigurationArgs { /** * The amount of time in seconds a connection will stay active while idle. A value of ``0`` can be set to disable ``idleTimeout``. * The ``idleTimeout`` default for ``HTTP``/``HTTP2``/``GRPC`` is 5 minutes. * The ``idleTimeout`` default for ``TCP`` is 1 hour. */ idleTimeoutSeconds?: pulumi.Input; /** * The amount of time waiting for the upstream to respond with a complete response per request. A value of ``0`` can be set to disable ``perRequestTimeout``. ``perRequestTimeout`` can only be set if Service Connect ``appProtocol`` isn't ``TCP``. Only ``idleTimeout`` is allowed for ``TCP````appProtocol``. */ perRequestTimeoutSeconds?: pulumi.Input; } /** * The configuration for a volume specified in the task definition as a volume that is configured at launch time. Currently, the only supported volume type is an Amazon EBS volume. */ interface ServiceVolumeConfigurationArgs { /** * The configuration for the Amazon EBS volume that Amazon ECS creates and manages on your behalf. These settings are used to create each Amazon EBS volume, with one volume created for each task in the service. The Amazon EBS volumes are visible in your account in the Amazon EC2 console once they are created. */ managedEbsVolume?: pulumi.Input; /** * The name of the volume. This value must match the volume name from the ``Volume`` object in the task definition. */ name: pulumi.Input; } /** * The VPC Lattice configuration for your service that holds the information for the target group(s) Amazon ECS tasks will be registered to. */ interface ServiceVpcLatticeConfigurationArgs { /** * The name of the port mapping to register in the VPC Lattice target group. This is the name of the ``portMapping`` you defined in your task definition. */ portName: pulumi.Input; /** * The ARN of the IAM role to associate with this VPC Lattice configuration. This is the Amazon ECS infrastructure IAM role that is used to manage your VPC Lattice infrastructure. */ roleArn: pulumi.Input; /** * The full Amazon Resource Name (ARN) of the target group or groups associated with the VPC Lattice configuration that the Amazon ECS tasks will be registered to. */ targetGroupArn: pulumi.Input; } /** * The authorization configuration details for the Amazon EFS file system. */ interface TaskDefinitionAuthorizationConfigArgs { /** * The Amazon EFS access point ID to use. If an access point is specified, the root directory value specified in the ``EFSVolumeConfiguration`` must either be omitted or set to ``/`` which will enforce the path set on the EFS access point. If an access point is used, transit encryption must be on in the ``EFSVolumeConfiguration``. For more information, see [Working with Amazon EFS access points](https://docs.aws.amazon.com/efs/latest/ug/efs-access-points.html) in the *Amazon Elastic File System User Guide*. */ accessPointId?: pulumi.Input; /** * Determines whether to use the Amazon ECS task role defined in a task definition when mounting the Amazon EFS file system. If it is turned on, transit encryption must be turned on in the ``EFSVolumeConfiguration``. If this parameter is omitted, the default value of ``DISABLED`` is used. For more information, see [Using Amazon EFS access points](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html#efs-volume-accesspoints) in the *Amazon Elastic Container Service Developer Guide*. */ iam?: pulumi.Input; } /** * The ``ContainerDefinition`` property specifies a container definition. Container definitions are used in task definitions to describe the different containers that are launched as part of a task. */ interface TaskDefinitionContainerDefinitionArgs { /** * The command that's passed to the container. This parameter maps to ``Cmd`` in the docker container create command and the ``COMMAND`` parameter to docker run. If there are multiple arguments, each argument is a separated string in the array. */ command?: pulumi.Input[]>; /** * The number of ``cpu`` units reserved for the container. This parameter maps to ``CpuShares`` in the docker container create command and the ``--cpu-shares`` option to docker run. * This field is optional for tasks using the Fargate launch type, and the only requirement is that the total amount of CPU reserved for all containers within a task be lower than the task-level ``cpu`` value. * You can determine the number of CPU units that are available per EC2 instance type by multiplying the vCPUs listed for that instance type on the [Amazon EC2 Instances](https://docs.aws.amazon.com/ec2/instance-types/) detail page by 1,024. * Linux containers share unallocated CPU units with other containers on the container instance with the same ratio as their allocated amount. For example, if you run a single-container task on a single-core instance type with 512 CPU units specified for that container, and that's the only task running on the container instance, that container could use the full 1,024 CPU unit share at any given time. However, if you launched another copy of the same task on that container instance, each task is guaranteed a minimum of 512 CPU units when needed. Moreover, each container could float to higher CPU usage if the other container was not using it. If both tasks were 100% active all of the time, they would be limited to 512 CPU units. * On Linux container instances, the Docker daemon on the container instance uses the CPU value to calculate the relative CPU share ratios for running containers. The minimum valid CPU share value that the Linux kernel allows is 2, and the maximum valid CPU share value that the Linux kernel allows is 262144. However, the CPU parameter isn't required, and you can use CPU values below 2 or above 262144 in your container definitions. For CPU values below 2 (including null) or above 262144, the behavior varies based on your Amazon ECS container agent version: * + *Agent versions less than or equal to 1.1.0:* Null and zero CPU values are passed to Docker as 0, which Docker then converts to 1,024 CPU shares. CPU values of 1 are passed to Docker as 1, which the Linux kernel converts to two CPU shares. * + *Agent versions greater than or equal to 1.2.0:* Null, zero, and CPU values of 1 are passed to Docker as 2. * + *Agent versions greater than or equal to 1.84.0:* CPU values greater than 256 vCPU are passed to Docker as 256, which is equivalent to 262144 CPU shares. * * On Windows container instances, the CPU limit is enforced as an absolute limit, or a quota. Windows containers only have access to the specified amount of CPU that's described in the task definition. A null or zero CPU value is passed to Docker as ``0``, which Windows interprets as 1% of one CPU. */ cpu?: pulumi.Input; /** * A list of ARNs in SSM or Amazon S3 to a credential spec (``CredSpec``) file that configures the container for Active Directory authentication. We recommend that you use this parameter instead of the ``dockerSecurityOptions``. The maximum number of ARNs is 1. * There are two formats for each ARN. * + credentialspecdomainless:MyARN You use credentialspecdomainless:MyARN to provide a CredSpec with an additional section for a secret in . You provide the login credentials to the domain in the secret. Each task that runs on any container instance can join different domains. You can use this format without joining the container instance to a domain. + credentialspec:MyARN You use credentialspec:MyARN to provide a CredSpec for a single domain. You must join the container instance to the domain before you start any tasks that use this task definition. * In both formats, replace ``MyARN`` with the ARN in SSM or Amazon S3. * If you provide a ``credentialspecdomainless:MyARN``, the ``credspec`` must provide a ARN in ASMlong for a secret containing the username, password, and the domain to connect to. For better security, the instance isn't joined to the domain for domainless authentication. Other applications on the instance can't use the domainless credentials. You can use this parameter to run tasks on the same instance, even it the tasks need to join different domains. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html). */ credentialSpecs?: pulumi.Input[]>; /** * The dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed. * For tasks using the EC2 launch type, the container instances require at least version 1.26.0 of the container agent to turn on container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*. * For tasks using the Fargate launch type, the task or service requires the following platforms: * + Linux platform version ``1.3.0`` or later. * + Windows platform version ``1.0.0`` or later. * * If the task definition is used in a blue/green deployment that uses [AWS::CodeDeploy::DeploymentGroup BlueGreenDeploymentConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-codedeploy-deploymentgroup-bluegreendeploymentconfiguration.html), the ``dependsOn`` parameter is not supported. */ dependsOn?: pulumi.Input[]>; /** * When this parameter is true, networking is off within the container. This parameter maps to ``NetworkDisabled`` in the docker container create command. * This parameter is not supported for Windows containers. */ disableNetworking?: pulumi.Input; /** * A list of DNS search domains that are presented to the container. This parameter maps to ``DnsSearch`` in the docker container create command and the ``--dns-search`` option to docker run. * This parameter is not supported for Windows containers. */ dnsSearchDomains?: pulumi.Input[]>; /** * A list of DNS servers that are presented to the container. This parameter maps to ``Dns`` in the docker container create command and the ``--dns`` option to docker run. * This parameter is not supported for Windows containers. */ dnsServers?: pulumi.Input[]>; /** * A key/value map of labels to add to the container. This parameter maps to ``Labels`` in the docker container create command and the ``--label`` option to docker run. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` */ dockerLabels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A list of strings to provide custom configuration for multiple security systems. This field isn't valid for containers in tasks using the Fargate launch type. * For Linux tasks on EC2, this parameter can be used to reference custom labels for SELinux and AppArmor multi-level security systems. * For any tasks on EC2, this parameter can be used to reference a credential spec file that configures a container for Active Directory authentication. For more information, see [Using gMSAs for Windows Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/windows-gmsa.html) and [Using gMSAs for Linux Containers](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/linux-gmsa.html) in the *Amazon Elastic Container Service Developer Guide*. * This parameter maps to ``SecurityOpt`` in the docker container create command and the ``--security-opt`` option to docker run. * The Amazon ECS container agent running on a container instance must register with the ``ECS_SELINUX_CAPABLE=true`` or ``ECS_APPARMOR_CAPABLE=true`` environment variables before containers placed on that instance can use these security options. For more information, see [Amazon ECS Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Amazon Elastic Container Service Developer Guide*. * Valid values: "no-new-privileges" | "apparmor:PROFILE" | "label:value" | "credentialspec:CredentialSpecFilePath" */ dockerSecurityOptions?: pulumi.Input[]>; /** * Early versions of the Amazon ECS container agent don't properly handle ``entryPoint`` parameters. If you have problems using ``entryPoint``, update your container agent or enter your commands and arguments as ``command`` array items instead. * The entry point that's passed to the container. This parameter maps to ``Entrypoint`` in the docker container create command and the ``--entrypoint`` option to docker run. */ entryPoint?: pulumi.Input[]>; /** * The environment variables to pass to a container. This parameter maps to ``Env`` in the docker container create command and the ``--env`` option to docker run. * We don't recommend that you use plaintext environment variables for sensitive information, such as credential data. */ environment?: pulumi.Input[]>; /** * A list of files containing the environment variables to pass to a container. This parameter maps to the ``--env-file`` option to docker run. * You can specify up to ten environment files. The file must have a ``.env`` file extension. Each line in an environment file contains an environment variable in ``VARIABLE=VALUE`` format. Lines beginning with ``#`` are treated as comments and are ignored. * If there are environment variables specified using the ``environment`` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Specifying Environment Variables](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/taskdef-envfiles.html) in the *Amazon Elastic Container Service Developer Guide*. */ environmentFiles?: pulumi.Input[]>; /** * If the ``essential`` parameter of a container is marked as ``true``, and that container fails or stops for any reason, all other containers that are part of the task are stopped. If the ``essential`` parameter of a container is marked as ``false``, its failure doesn't affect the rest of the containers in a task. If this parameter is omitted, a container is assumed to be essential. * All tasks must have at least one essential container. If you have an application that's composed of multiple containers, group containers that are used for a common purpose into components, and separate the different components into multiple task definitions. For more information, see [Application Architecture](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/application_architecture.html) in the *Amazon Elastic Container Service Developer Guide*. */ essential?: pulumi.Input; /** * A list of hostnames and IP address mappings to append to the ``/etc/hosts`` file on the container. This parameter maps to ``ExtraHosts`` in the docker container create command and the ``--add-host`` option to docker run. * This parameter isn't supported for Windows containers or tasks that use the ``awsvpc`` network mode. */ extraHosts?: pulumi.Input[]>; /** * The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom Log Routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*. */ firelensConfiguration?: pulumi.Input; /** * The container health check command and associated configuration parameters for the container. This parameter maps to ``HealthCheck`` in the docker container create command and the ``HEALTHCHECK`` parameter of docker run. */ healthCheck?: pulumi.Input; /** * The hostname to use for your container. This parameter maps to ``Hostname`` in the docker container create command and the ``--hostname`` option to docker run. * The ``hostname`` parameter is not supported if you're using the ``awsvpc`` network mode. */ hostname?: pulumi.Input; /** * The image used to start a container. This string is passed directly to the Docker daemon. By default, images in the Docker Hub registry are available. Other repositories are specified with either ``repository-url/image:tag`` or ``repository-url/image@digest``. For images using tags (repository-url/image:tag), up to 255 characters total are allowed, including letters (uppercase and lowercase), numbers, hyphens, underscores, colons, periods, forward slashes, and number signs (#). For images using digests (repository-url/image@digest), the 255 character limit applies only to the repository URL and image name (everything before the @ sign). The only supported hash function is sha256, and the hash value after sha256: must be exactly 64 characters (only letters A-F, a-f, and numbers 0-9 are allowed). This parameter maps to ``Image`` in the docker container create command and the ``IMAGE`` parameter of docker run. * + When a new task starts, the Amazon ECS container agent pulls the latest version of the specified image and tag for the container to use. However, subsequent updates to a repository image aren't propagated to already running tasks. * + Images in Amazon ECR repositories can be specified by either using the full ``registry/repository:tag`` or ``registry/repository@digest``. For example, ``012345678910.dkr.ecr..amazonaws.com/:latest`` or ``012345678910.dkr.ecr..amazonaws.com/@sha256:94afd1f2e64d908bc90dbca0035a5b567EXAMPLE``. * + Images in official repositories on Docker Hub use a single name (for example, ``ubuntu`` or ``mongo``). * + Images in other repositories on Docker Hub are qualified with an organization name (for example, ``amazon/amazon-ecs-agent``). * + Images in other online repositories are qualified further by a domain name (for example, ``quay.io/assemblyline/ubuntu``). */ image: pulumi.Input; /** * When this parameter is ``true``, you can deploy containerized applications that require ``stdin`` or a ``tty`` to be allocated. This parameter maps to ``OpenStdin`` in the docker container create command and the ``--interactive`` option to docker run. */ interactive?: pulumi.Input; /** * The ``links`` parameter allows containers to communicate with each other without the need for port mappings. This parameter is only supported if the network mode of a task definition is ``bridge``. The ``name:internalName`` construct is analogous to ``name:alias`` in Docker links. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed.. This parameter maps to ``Links`` in the docker container create command and the ``--link`` option to docker run. * This parameter is not supported for Windows containers. * Containers that are collocated on a single container instance may be able to communicate with each other without requiring links or host port mappings. Network isolation is achieved on the container instance using security groups and VPC settings. */ links?: pulumi.Input[]>; /** * Linux-specific modifications that are applied to the container, such as Linux kernel capabilities. For more information see [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html). * This parameter is not supported for Windows containers. */ linuxParameters?: pulumi.Input; /** * The log configuration specification for the container. * This parameter maps to ``LogConfig`` in the docker Create a container command and the ``--log-driver`` option to docker run. By default, containers use the same logging driver that the Docker daemon uses. However, the container may use a different logging driver than the Docker daemon by specifying a log driver with this parameter in the container definition. To use a different logging driver for a container, the log system must be configured properly on the container instance (or on a different log server for remote logging options). For more information on the options for different supported log drivers, see [Configure logging drivers](https://docs.aws.amazon.com/https://docs.docker.com/engine/admin/logging/overview/) in the Docker documentation. * Amazon ECS currently supports a subset of the logging drivers available to the Docker daemon (shown in the [LogConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_LogConfiguration.html) data type). Additional log drivers may be available in future releases of the Amazon ECS container agent. * This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` * The Amazon ECS container agent running on a container instance must register the logging drivers available on that instance with the ``ECS_AVAILABLE_LOGGING_DRIVERS`` environment variable before containers placed on that instance can use these log configuration options. For more information, see [Container Agent Configuration](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-config.html) in the *Developer Guide*. */ logConfiguration?: pulumi.Input; /** * The amount (in MiB) of memory to present to the container. If your container attempts to exceed the memory specified here, the container is killed. The total amount of memory reserved for all containers within a task must be lower than the task ``memory`` value, if one is specified. This parameter maps to ``Memory`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--memory`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/#security-configuration). * If using the Fargate launch type, this parameter is optional. * If using the EC2 launch type, you must specify either a task-level memory value or a container-level memory value. If you specify both a container-level ``memory`` and ``memoryReservation`` value, ``memory`` must be greater than ``memoryReservation``. If you specify ``memoryReservation``, then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of ``memory`` is used. * The Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container, so you should not specify fewer than 6 MiB of memory for your containers. * The Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container, so you should not specify fewer than 4 MiB of memory for your containers. */ memory?: pulumi.Input; /** * The soft limit (in MiB) of memory to reserve for the container. When system memory is under heavy contention, Docker attempts to keep the container memory to this soft limit. However, your container can consume more memory when it needs to, up to either the hard limit specified with the ``memory`` parameter (if applicable), or all of the available memory on the container instance, whichever comes first. This parameter maps to ``MemoryReservation`` in the docker container create command and the ``--memory-reservation`` option to docker run. * If a task-level memory value is not specified, you must specify a non-zero integer for one or both of ``memory`` or ``memoryReservation`` in a container definition. If you specify both, ``memory`` must be greater than ``memoryReservation``. If you specify ``memoryReservation``, then that value is subtracted from the available memory resources for the container instance where the container is placed. Otherwise, the value of ``memory`` is used. * For example, if your container normally uses 128 MiB of memory, but occasionally bursts to 256 MiB of memory for short periods of time, you can set a ``memoryReservation`` of 128 MiB, and a ``memory`` hard limit of 300 MiB. This configuration would allow the container to only reserve 128 MiB of memory from the remaining resources on the container instance, but also allow the container to consume more memory resources when needed. * The Docker 20.10.0 or later daemon reserves a minimum of 6 MiB of memory for a container. So, don't specify less than 6 MiB of memory for your containers. * The Docker 19.03.13-ce or earlier daemon reserves a minimum of 4 MiB of memory for a container. So, don't specify less than 4 MiB of memory for your containers. */ memoryReservation?: pulumi.Input; /** * The mount points for data volumes in your container. * This parameter maps to ``Volumes`` in the docker container create command and the ``--volume`` option to docker run. * Windows containers can mount whole directories on the same drive as ``$env:ProgramData``. Windows containers can't mount directories on a different drive, and mount point can't be across drives. */ mountPoints?: pulumi.Input[]>; /** * The name of a container. If you're linking multiple containers together in a task definition, the ``name`` of one container can be entered in the ``links`` of another container to connect the containers. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. This parameter maps to ``name`` in the docker container create command and the ``--name`` option to docker run. */ name: pulumi.Input; /** * The list of port mappings for the container. Port mappings allow containers to access ports on the host container instance to send or receive traffic. * For task definitions that use the ``awsvpc`` network mode, you should only specify the ``containerPort``. The ``hostPort`` can be left blank or it must be the same value as the ``containerPort``. * Port mappings on Windows use the ``NetNAT`` gateway address rather than ``localhost``. There is no loopback for port mappings on Windows, so you cannot access a container's mapped port from the host itself. * This parameter maps to ``PortBindings`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--publish`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). If the network mode of a task definition is set to ``none``, then you can't specify port mappings. If the network mode of a task definition is set to ``host``, then host ports must either be undefined or they must match the container port in the port mapping. * After a task reaches the ``RUNNING`` status, manual and automatic host and container port assignments are visible in the *Network Bindings* section of a container description for a selected task in the Amazon ECS console. The assignments are also visible in the ``networkBindings`` section [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) responses. */ portMappings?: pulumi.Input[]>; /** * When this parameter is true, the container is given elevated privileges on the host container instance (similar to the ``root`` user). This parameter maps to ``Privileged`` in the docker container create command and the ``--privileged`` option to docker run * This parameter is not supported for Windows containers or tasks run on FARGATElong. */ privileged?: pulumi.Input; /** * When this parameter is ``true``, a TTY is allocated. This parameter maps to ``Tty`` in the docker container create command and the ``--tty`` option to docker run. */ pseudoTerminal?: pulumi.Input; /** * When this parameter is true, the container is given read-only access to its root file system. This parameter maps to ``ReadonlyRootfs`` in the docker container create command and the ``--read-only`` option to docker run. * This parameter is not supported for Windows containers. */ readonlyRootFilesystem?: pulumi.Input; /** * The private repository authentication credentials to use. */ repositoryCredentials?: pulumi.Input; /** * The type and amount of a resource to assign to a container. The only supported resource is a GPU. */ resourceRequirements?: pulumi.Input[]>; /** * The restart policy for a container. When you set up a restart policy, Amazon ECS can restart the container without needing to replace the task. For more information, see [Restart individual containers in Amazon ECS tasks with container restart policies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-restart-policy.html) in the *Amazon Elastic Container Service Developer Guide*. */ restartPolicy?: pulumi.Input; /** * The secrets to pass to the container. For more information, see [Specifying Sensitive Data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. */ secrets?: pulumi.Input[]>; /** * Time duration (in seconds) to wait before giving up on resolving dependencies for a container. For example, you specify two containers in a task definition with containerA having a dependency on containerB reaching a ``COMPLETE``, ``SUCCESS``, or ``HEALTHY`` status. If a ``startTimeout`` value is specified for containerB and it doesn't reach the desired status within that time then containerA gives up and not start. This results in the task transitioning to a ``STOPPED`` state. * When the ``ECS_CONTAINER_START_TIMEOUT`` container agent configuration variable is used, it's enforced independently from this start timeout value. * For tasks using the Fargate launch type, the task or service requires the following platforms: * + Linux platform version ``1.3.0`` or later. * + Windows platform version ``1.0.0`` or later. * * For tasks using the EC2 launch type, your container instances require at least version ``1.26.0`` of the container agent to use a container start timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version ``1.26.0-1`` of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*. * The valid values for Fargate are 2-120 seconds. */ startTimeout?: pulumi.Input; /** * Time duration (in seconds) to wait before the container is forcefully killed if it doesn't exit normally on its own. * For tasks using the Fargate launch type, the task or service requires the following platforms: * + Linux platform version ``1.3.0`` or later. * + Windows platform version ``1.0.0`` or later. * * For tasks that use the Fargate launch type, the max stop timeout value is 120 seconds and if the parameter is not specified, the default value of 30 seconds is used. * For tasks that use the EC2 launch type, if the ``stopTimeout`` parameter isn't specified, the value set for the Amazon ECS container agent configuration variable ``ECS_CONTAINER_STOP_TIMEOUT`` is used. If neither the ``stopTimeout`` parameter or the ``ECS_CONTAINER_STOP_TIMEOUT`` agent configuration variable are set, then the default values of 30 seconds for Linux containers and 30 seconds on Windows containers are used. Your container instances require at least version 1.26.0 of the container agent to use a container stop timeout value. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you're using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*. * The valid values for Fargate are 2-120 seconds. */ stopTimeout?: pulumi.Input; /** * A list of namespaced kernel parameters to set in the container. This parameter maps to ``Sysctls`` in the docker container create command and the ``--sysctl`` option to docker run. For example, you can configure ``net.ipv4.tcp_keepalive_time`` setting to maintain longer lived connections. */ systemControls?: pulumi.Input[]>; /** * A list of ``ulimits`` to set in the container. This parameter maps to ``Ulimits`` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/#operation/ContainerCreate) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.35/) and the ``--ulimit`` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/). Valid naming values are displayed in the [Ulimit](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_Ulimit.html) data type. This parameter requires version 1.18 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` * This parameter is not supported for Windows containers. */ ulimits?: pulumi.Input[]>; /** * The user to use inside the container. This parameter maps to ``User`` in the docker container create command and the ``--user`` option to docker run. * When running tasks using the ``host`` network mode, don't run containers using the root user (UID 0). We recommend using a non-root user for better security. * You can specify the ``user`` using the following formats. If specifying a UID or GID, you must specify it as a positive integer. * + ``user`` * + ``user:group`` * + ``uid`` * + ``uid:gid`` * + ``user:gid`` * + ``uid:group`` * * This parameter is not supported for Windows containers. */ user?: pulumi.Input; /** * Specifies whether Amazon ECS will resolve the container image tag provided in the container definition to an image digest. By default, the value is ``enabled``. If you set the value for a container as ``disabled``, Amazon ECS will not resolve the provided container image tag to a digest and will use the original image URI specified in the container definition for deployment. For more information about container image resolution, see [Container image resolution](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-ecs.html#deployment-container-image-stability) in the *Amazon ECS Developer Guide*. */ versionConsistency?: pulumi.Input; /** * Data volumes to mount from another container. This parameter maps to ``VolumesFrom`` in the docker container create command and the ``--volumes-from`` option to docker run. */ volumesFrom?: pulumi.Input[]>; /** * The working directory to run commands inside the container in. This parameter maps to ``WorkingDir`` in the docker container create command and the ``--workdir`` option to docker run. */ workingDirectory?: pulumi.Input; } /** * The ``ContainerDependency`` property specifies the dependencies defined for container startup and shutdown. A container can contain multiple dependencies. When a dependency is defined for container startup, for container shutdown it is reversed. * Your Amazon ECS container instances require at least version 1.26.0 of the container agent to enable container dependencies. However, we recommend using the latest container agent version. For information about checking your agent version and updating to the latest version, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html) in the *Amazon Elastic Container Service Developer Guide*. If you are using an Amazon ECS-optimized Linux AMI, your instance needs at least version 1.26.0-1 of the ``ecs-init`` package. If your container instances are launched from version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) in the *Amazon Elastic Container Service Developer Guide*. * For tasks using the Fargate launch type, this parameter requires that the task or service uses platform version 1.3.0 or later. */ interface TaskDefinitionContainerDependencyArgs { /** * The dependency condition of the container. The following are the available conditions and their behavior: * + ``START`` - This condition emulates the behavior of links and volumes today. It validates that a dependent container is started before permitting other containers to start. * + ``COMPLETE`` - This condition validates that a dependent container runs to completion (exits) before permitting other containers to start. This can be useful for nonessential containers that run a script and then exit. This condition can't be set on an essential container. * + ``SUCCESS`` - This condition is the same as ``COMPLETE``, but it also requires that the container exits with a ``zero`` status. This condition can't be set on an essential container. * + ``HEALTHY`` - This condition validates that the dependent container passes its Docker health check before permitting other containers to start. This requires that the dependent container has health checks configured. This condition is confirmed only at task startup. */ condition?: pulumi.Input; /** * The name of a container. */ containerName?: pulumi.Input; } /** * The ``Device`` property specifies an object representing a container instance host device. */ interface TaskDefinitionDeviceArgs { /** * The path inside the container at which to expose the host device. */ containerPath?: pulumi.Input; /** * The path for the device on the host container instance. */ hostPath?: pulumi.Input; /** * The explicit permissions to provide to the container for the device. By default, the container has permissions for ``read``, ``write``, and ``mknod`` for the device. */ permissions?: pulumi.Input[]>; } /** * The ``DockerVolumeConfiguration`` property specifies a Docker volume configuration and is used when you use Docker volumes. Docker volumes are only supported when you are using the EC2 launch type. Windows containers only support the use of the ``local`` driver. To use bind mounts, specify a ``host`` instead. */ interface TaskDefinitionDockerVolumeConfigurationArgs { /** * If this value is ``true``, the Docker volume is created if it doesn't already exist. * This field is only used if the ``scope`` is ``shared``. */ autoprovision?: pulumi.Input; /** * The Docker volume driver to use. The driver value must match the driver name provided by Docker because it is used for task placement. If the driver was installed using the Docker plugin CLI, use ``docker plugin ls`` to retrieve the driver name from your container instance. If the driver was installed using another method, use Docker plugin discovery to retrieve the driver name. This parameter maps to ``Driver`` in the docker container create command and the ``xxdriver`` option to docker volume create. */ driver?: pulumi.Input; /** * A map of Docker driver-specific options passed through. This parameter maps to ``DriverOpts`` in the docker create-volume command and the ``xxopt`` option to docker volume create. */ driverOpts?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Custom metadata to add to your Docker volume. This parameter maps to ``Labels`` in the docker container create command and the ``xxlabel`` option to docker volume create. */ labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The scope for the Docker volume that determines its lifecycle. Docker volumes that are scoped to a ``task`` are automatically provisioned when the task starts and destroyed when the task stops. Docker volumes that are scoped as ``shared`` persist after the task stops. */ scope?: pulumi.Input; } /** * This parameter is specified when you're using an Amazon Elastic File System file system for task storage. For more information, see [Amazon EFS volumes](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/efs-volumes.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface TaskDefinitionEfsVolumeConfigurationArgs { /** * The authorization configuration details for the Amazon EFS file system. */ authorizationConfig?: pulumi.Input; /** * The Amazon EFS file system ID to use. */ filesystemId: pulumi.Input; /** * The directory within the Amazon EFS file system to mount as the root directory inside the host. If this parameter is omitted, the root of the Amazon EFS volume will be used. Specifying ``/`` will have the same effect as omitting this parameter. * If an EFS access point is specified in the ``authorizationConfig``, the root directory parameter must either be omitted or set to ``/`` which will enforce the path set on the EFS access point. */ rootDirectory?: pulumi.Input; /** * Determines whether to use encryption for Amazon EFS data in transit between the Amazon ECS host and the Amazon EFS server. Transit encryption must be turned on if Amazon EFS IAM authorization is used. If this parameter is omitted, the default value of ``DISABLED`` is used. For more information, see [Encrypting data in transit](https://docs.aws.amazon.com/efs/latest/ug/encryption-in-transit.html) in the *Amazon Elastic File System User Guide*. */ transitEncryption?: pulumi.Input; /** * The port to use when sending encrypted data between the Amazon ECS host and the Amazon EFS server. If you do not specify a transit encryption port, it will use the port selection strategy that the Amazon EFS mount helper uses. For more information, see [EFS mount helper](https://docs.aws.amazon.com/efs/latest/ug/efs-mount-helper.html) in the *Amazon Elastic File System User Guide*. */ transitEncryptionPort?: pulumi.Input; } /** * A list of files containing the environment variables to pass to a container. You can specify up to ten environment files. The file must have a ``.env`` file extension. Each line in an environment file should contain an environment variable in ``VARIABLE=VALUE`` format. Lines beginning with ``#`` are treated as comments and are ignored. * If there are environment variables specified using the ``environment`` parameter in a container definition, they take precedence over the variables contained within an environment file. If multiple environment files are specified that contain the same variable, they're processed from the top down. We recommend that you use unique variable names. For more information, see [Use a file to pass environment variables to a container](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/use-environment-file.html) in the *Amazon Elastic Container Service Developer Guide*. * Environment variable files are objects in Amazon S3 and all Amazon S3 security considerations apply. * You must use the following platforms for the Fargate launch type: * + Linux platform version ``1.4.0`` or later. * + Windows platform version ``1.0.0`` or later. * * Consider the following when using the Fargate launch type: * + The file is handled like a native Docker env-file. * + There is no support for shell escape handling. * + The container entry point interperts the ``VARIABLE`` values. */ interface TaskDefinitionEnvironmentFileArgs { /** * The file type to use. Environment files are objects in Amazon S3. The only supported value is ``s3``. */ type?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file. */ value?: pulumi.Input; } /** * The amount of ephemeral storage to allocate for the task. This parameter is used to expand the total amount of ephemeral storage available, beyond the default amount, for tasks hosted on FARGATElong. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html) in the *Amazon ECS Developer Guide;*. * For tasks using the Fargate launch type, the task requires the following platforms: * + Linux platform version ``1.4.0`` or later. * + Windows platform version ``1.0.0`` or later. */ interface TaskDefinitionEphemeralStorageArgs { /** * The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is ``21`` GiB and the maximum supported value is ``200`` GiB. */ sizeInGiB?: pulumi.Input; } /** * The authorization configuration details for Amazon FSx for Windows File Server file system. See [FSxWindowsFileServerVolumeConfiguration](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_FSxWindowsFileServerVolumeConfiguration.html) in the *Amazon ECS API Reference*. * For more information and the input format, see [Amazon FSx for Windows File Server Volumes](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/wfsx-volumes.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface TaskDefinitionFSxAuthorizationConfigArgs { /** * The authorization credential option to use. The authorization credential options can be provided using either the Amazon Resource Name (ARN) of an ASMlong secret or SSM Parameter Store parameter. The ARN refers to the stored credentials. */ credentialsParameter: pulumi.Input; /** * A fully qualified domain name hosted by an [](https://docs.aws.amazon.com/directoryservice/latest/admin-guide/directory_microsoft_ad.html) Managed Microsoft AD (Active Directory) or self-hosted AD on Amazon EC2. */ domain: pulumi.Input; } /** * This parameter is specified when you're using [Amazon FSx for Windows File Server](https://docs.aws.amazon.com/fsx/latest/WindowsGuide/what-is.html) file system for task storage. * For more information and the input format, see [Amazon FSx for Windows File Server volumes](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/wfsx-volumes.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface TaskDefinitionFSxWindowsFileServerVolumeConfigurationArgs { /** * The authorization configuration details for the Amazon FSx for Windows File Server file system. */ authorizationConfig?: pulumi.Input; /** * The Amazon FSx for Windows File Server file system ID to use. */ fileSystemId: pulumi.Input; /** * The directory within the Amazon FSx for Windows File Server file system to mount as the root directory inside the host. */ rootDirectory: pulumi.Input; } /** * The FireLens configuration for the container. This is used to specify and configure a log router for container logs. For more information, see [Custom log routing](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface TaskDefinitionFirelensConfigurationArgs { /** * The options to use when configuring the log router. This field is optional and can be used to add additional metadata, such as the task, task definition, cluster, and container instance details to the log event. * If specified, valid option keys are: * + ``enable-ecs-log-metadata``, which can be ``true`` or ``false`` * + ``config-file-type``, which can be ``s3`` or ``file`` * + ``config-file-value``, which is either an S3 ARN or a file path */ options?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The log router to use. The valid values are ``fluentd`` or ``fluentbit``. */ type?: pulumi.Input; } /** * The ``HealthCheck`` property specifies an object representing a container health check. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image (such as those specified in a parent image or from the image's Dockerfile). This configuration maps to the ``HEALTHCHECK`` parameter of docker run. * The Amazon ECS container agent only monitors and reports on the health checks specified in the task definition. Amazon ECS does not monitor Docker health checks that are embedded in a container image and not specified in the container definition. Health check parameters that are specified in a container definition override any Docker health checks that exist in the container image. * If a task is run manually, and not as part of a service, the task will continue its lifecycle regardless of its health status. For tasks that are part of a service, if the task reports as unhealthy then the task will be stopped and the service scheduler will replace it. * The following are notes about container health check support: * + Container health checks require version 1.17.0 or greater of the Amazon ECS container agent. For more information, see [Updating the Amazon ECS Container Agent](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-agent-update.html). * + Container health checks are supported for Fargate tasks if you are using platform version 1.1.0 or greater. For more information, see [Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html). * + Container health checks are not supported for tasks that are part of a service that is configured to use a Classic Load Balancer. */ interface TaskDefinitionHealthCheckArgs { /** * A string array representing the command that the container runs to determine if it is healthy. The string array must start with ``CMD`` to run the command arguments directly, or ``CMD-SHELL`` to run the command with the container's default shell. * When you use the AWS Management Console JSON panel, the CLIlong, or the APIs, enclose the list of commands in double quotes and brackets. * ``[ "CMD-SHELL", "curl -f http://localhost/ || exit 1" ]`` * You don't include the double quotes and brackets when you use the AWS Management Console. * ``CMD-SHELL, curl -f http://localhost/ || exit 1`` * An exit code of 0 indicates success, and non-zero exit code indicates failure. For more information, see ``HealthCheck`` in the docker container create command. */ command?: pulumi.Input[]>; /** * The time period in seconds between each health check execution. You may specify between 5 and 300 seconds. The default value is 30 seconds. This value applies only when you specify a ``command``. */ interval?: pulumi.Input; /** * The number of times to retry a failed health check before the container is considered unhealthy. You may specify between 1 and 10 retries. The default value is 3. This value applies only when you specify a ``command``. */ retries?: pulumi.Input; /** * The optional grace period to provide containers time to bootstrap before failed health checks count towards the maximum number of retries. You can specify between 0 and 300 seconds. By default, the ``startPeriod`` is off. This value applies only when you specify a ``command``. * If a health check succeeds within the ``startPeriod``, then the container is considered healthy and any subsequent failures count toward the maximum number of retries. */ startPeriod?: pulumi.Input; /** * The time period in seconds to wait for a health check to succeed before it is considered a failure. You may specify between 2 and 60 seconds. The default value is 5. This value applies only when you specify a ``command``. */ timeout?: pulumi.Input; } /** * The ``HostEntry`` property specifies a hostname and an IP address that are added to the ``/etc/hosts`` file of a container through the ``extraHosts`` parameter of its ``ContainerDefinition`` resource. */ interface TaskDefinitionHostEntryArgs { /** * The hostname to use in the ``/etc/hosts`` entry. */ hostname?: pulumi.Input; /** * The IP address to use in the ``/etc/hosts`` entry. */ ipAddress?: pulumi.Input; } /** * The ``HostVolumeProperties`` property specifies details on a container instance bind mount host volume. */ interface TaskDefinitionHostVolumePropertiesArgs { /** * When the ``host`` parameter is used, specify a ``sourcePath`` to declare the path on the host container instance that's presented to the container. If this parameter is empty, then the Docker daemon has assigned a host path for you. If the ``host`` parameter contains a ``sourcePath`` file location, then the data volume persists at the specified location on the host container instance until you delete it manually. If the ``sourcePath`` value doesn't exist on the host container instance, the Docker daemon creates it. If the location does exist, the contents of the source path folder are exported. * If you're using the Fargate launch type, the ``sourcePath`` parameter is not supported. */ sourcePath?: pulumi.Input; } interface TaskDefinitionInferenceAcceleratorArgs { deviceName?: pulumi.Input; deviceType?: pulumi.Input; } /** * The Linux capabilities to add or remove from the default Docker configuration for a container defined in the task definition. For more detailed information about these Linux capabilities, see the [capabilities(7)](https://docs.aws.amazon.com/http://man7.org/linux/man-pages/man7/capabilities.7.html) Linux manual page. * The following describes how Docker processes the Linux capabilities specified in the ``add`` and ``drop`` request parameters. For information about the latest behavior, see [Docker Compose: order of cap_drop and cap_add](https://docs.aws.amazon.com/https://forums.docker.com/t/docker-compose-order-of-cap-drop-and-cap-add/97136/1) in the Docker Community Forum. * + When the container is a privleged container, the container capabilities are all of the default Docker capabilities. The capabilities specified in the ``add`` request parameter, and the ``drop`` request parameter are ignored. * + When the ``add`` request parameter is set to ALL, the container capabilities are all of the default Docker capabilities, excluding those specified in the ``drop`` request parameter. * + When the ``drop`` request parameter is set to ALL, the container capabilities are the capabilities specified in the ``add`` request parameter. * + When the ``add`` request parameter and the ``drop`` request parameter are both empty, the capabilities the container capabilities are all of the default Docker capabilities. * + The default is to first drop the capabilities specified in the ``drop`` request parameter, and then add the capabilities specified in the ``add`` request parameter. */ interface TaskDefinitionKernelCapabilitiesArgs { /** * The Linux capabilities for the container that have been added to the default configuration provided by Docker. This parameter maps to ``CapAdd`` in the docker container create command and the ``--cap-add`` option to docker run. * Tasks launched on FARGATElong only support adding the ``SYS_PTRACE`` kernel capability. * Valid values: ``"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"`` */ add?: pulumi.Input[]>; /** * The Linux capabilities for the container that have been removed from the default configuration provided by Docker. This parameter maps to ``CapDrop`` in the docker container create command and the ``--cap-drop`` option to docker run. * Valid values: ``"ALL" | "AUDIT_CONTROL" | "AUDIT_WRITE" | "BLOCK_SUSPEND" | "CHOWN" | "DAC_OVERRIDE" | "DAC_READ_SEARCH" | "FOWNER" | "FSETID" | "IPC_LOCK" | "IPC_OWNER" | "KILL" | "LEASE" | "LINUX_IMMUTABLE" | "MAC_ADMIN" | "MAC_OVERRIDE" | "MKNOD" | "NET_ADMIN" | "NET_BIND_SERVICE" | "NET_BROADCAST" | "NET_RAW" | "SETFCAP" | "SETGID" | "SETPCAP" | "SETUID" | "SYS_ADMIN" | "SYS_BOOT" | "SYS_CHROOT" | "SYS_MODULE" | "SYS_NICE" | "SYS_PACCT" | "SYS_PTRACE" | "SYS_RAWIO" | "SYS_RESOURCE" | "SYS_TIME" | "SYS_TTY_CONFIG" | "SYSLOG" | "WAKE_ALARM"`` */ drop?: pulumi.Input[]>; } /** * A key-value pair object. */ interface TaskDefinitionKeyValuePairArgs { /** * The name of the key-value pair. For environment variables, this is the name of the environment variable. */ name?: pulumi.Input; /** * The value of the key-value pair. For environment variables, this is the value of the environment variable. */ value?: pulumi.Input; } /** * The Linux-specific options that are applied to the container, such as Linux [KernelCapabilities](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_KernelCapabilities.html). */ interface TaskDefinitionLinuxParametersArgs { /** * The Linux capabilities for the container that are added to or dropped from the default configuration provided by Docker. * For tasks that use the Fargate launch type, ``capabilities`` is supported for all platform versions but the ``add`` parameter is only supported if using platform version 1.4.0 or later. */ capabilities?: pulumi.Input; /** * Any host devices to expose to the container. This parameter maps to ``Devices`` in the docker container create command and the ``--device`` option to docker run. * If you're using tasks that use the Fargate launch type, the ``devices`` parameter isn't supported. */ devices?: pulumi.Input[]>; /** * Run an ``init`` process inside the container that forwards signals and reaps processes. This parameter maps to the ``--init`` option to docker run. This parameter requires version 1.25 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` */ initProcessEnabled?: pulumi.Input; /** * The total amount of swap memory (in MiB) a container can use. This parameter will be translated to the ``--memory-swap`` option to docker run where the value would be the sum of the container memory plus the ``maxSwap`` value. * If a ``maxSwap`` value of ``0`` is specified, the container will not use swap. Accepted values are ``0`` or any positive integer. If the ``maxSwap`` parameter is omitted, the container will use the swap configuration for the container instance it is running on. A ``maxSwap`` value must be set for the ``swappiness`` parameter to be used. * If you're using tasks that use the Fargate launch type, the ``maxSwap`` parameter isn't supported. * If you're using tasks on Amazon Linux 2023 the ``swappiness`` parameter isn't supported. */ maxSwap?: pulumi.Input; /** * The value for the size (in MiB) of the ``/dev/shm`` volume. This parameter maps to the ``--shm-size`` option to docker run. * If you are using tasks that use the Fargate launch type, the ``sharedMemorySize`` parameter is not supported. */ sharedMemorySize?: pulumi.Input; /** * This allows you to tune a container's memory swappiness behavior. A ``swappiness`` value of ``0`` will cause swapping to not happen unless absolutely necessary. A ``swappiness`` value of ``100`` will cause pages to be swapped very aggressively. Accepted values are whole numbers between ``0`` and ``100``. If the ``swappiness`` parameter is not specified, a default value of ``60`` is used. If a value is not specified for ``maxSwap`` then this parameter is ignored. This parameter maps to the ``--memory-swappiness`` option to docker run. * If you're using tasks that use the Fargate launch type, the ``swappiness`` parameter isn't supported. * If you're using tasks on Amazon Linux 2023 the ``swappiness`` parameter isn't supported. */ swappiness?: pulumi.Input; /** * The container path, mount options, and size (in MiB) of the tmpfs mount. This parameter maps to the ``--tmpfs`` option to docker run. * If you're using tasks that use the Fargate launch type, the ``tmpfs`` parameter isn't supported. */ tmpfs?: pulumi.Input[]>; } /** * The ``LogConfiguration`` property specifies log configuration options to send to a custom log driver for the container. */ interface TaskDefinitionLogConfigurationArgs { /** * The log driver to use for the container. * For tasks on FARGATElong, the supported log drivers are ``awslogs``, ``splunk``, and ``awsfirelens``. * For tasks hosted on Amazon EC2 instances, the supported log drivers are ``awslogs``, ``fluentd``, ``gelf``, ``json-file``, ``journald``, ``syslog``, ``splunk``, and ``awsfirelens``. * For more information about using the ``awslogs`` log driver, see [Send Amazon ECS logs to CloudWatch](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_awslogs.html) in the *Amazon Elastic Container Service Developer Guide*. * For more information about using the ``awsfirelens`` log driver, see [Send Amazon ECS logs to an service or Partner](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_firelens.html). * If you have a custom driver that isn't listed, you can fork the Amazon ECS container agent project that's [available on GitHub](https://docs.aws.amazon.com/https://github.com/aws/amazon-ecs-agent) and customize it to work with that driver. We encourage you to submit pull requests for changes that you would like to have included. However, we don't currently provide support for running modified copies of this software. */ logDriver: pulumi.Input; /** * The configuration options to send to the log driver. * The options you can specify depend on the log driver. Some of the options you can specify when you use the ``awslogs`` log driver to route logs to Amazon CloudWatch include the following: * + awslogs-create-group Required: No Specify whether you want the log group to be created automatically. If this option isn't specified, it defaults to false. Your IAM policy must include the logs:CreateLogGroup permission before you attempt to use awslogs-create-group. + awslogs-region Required: Yes Specify the Region that the awslogs log driver is to send your Docker logs to. You can choose to send all of your logs from clusters in different Regions to a single region in CloudWatch Logs. This is so that they're all visible in one location. Otherwise, you can separate them by Region for more granularity. Make sure that the specified log group exists in the Region that you specify with this option. + awslogs-group Required: Yes Make sure to specify a log group that the awslogs log driver sends its log streams to. + awslogs-stream-prefix Required: Yes, when using Fargate.Optional when using EC2. Use the awslogs-stream-prefix option to associate a log stream with the specified prefix, the container name, and the ID of the Amazon ECS task that the container belongs to. If you specify a prefix with this option, then the log stream takes the format prefix-name/container-name/ecs-task-id. If you don't specify a prefix with this option, then the log stream is named after the container ID that's assigned by the Docker daemon on the container instance. Because it's difficult to trace logs back to the container that sent them with just the Docker container ID (which is only available on the container instance), we recommend that you specify a prefix with this option. For Amazon ECS services, you can use the service name as the prefix. Doing so, you can trace log streams to the service that the container belongs to, the name of the container that sent them, and the ID of the task that the container belongs to. You must specify a stream-prefix for your logs to have your logs appear in the Log pane when using the Amazon ECS console. + awslogs-datetime-format Required: No This option defines a multiline start pattern in Python strftime format. A log message consists of a line that matches the pattern and any following lines that don’t match the pattern. The matched line is the delimiter between log messages. One example of a use case for using this format is for parsing output such as a stack dump, which might otherwise be logged in multiple entries. The correct pattern allows it to be captured in a single entry. For more information, see awslogs-datetime-format. You cannot configure both the awslogs-datetime-format and awslogs-multiline-pattern options. Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance. + awslogs-multiline-pattern Required: No This option defines a multiline start pattern that uses a regular expression. A log message consists of a line that matches the pattern and any following lines that don’t match the pattern. The matched line is the delimiter between log messages. For more information, see awslogs-multiline-pattern. This option is ignored if awslogs-datetime-format is also configured. You cannot configure both the awslogs-datetime-format and awslogs-multiline-pattern options. Multiline logging performs regular expression parsing and matching of all log messages. This might have a negative impact on logging performance. * The following options apply to all supported log drivers. * + mode Required: No Valid values: non-blocking | blocking This option defines the delivery mode of log messages from the container to the log driver specified using logDriver. The delivery mode you choose affects application availability when the flow of logs from container is interrupted. If you use the blocking mode and the flow of logs is interrupted, calls from container code to write to the stdout and stderr streams will block. The logging thread of the application will block as a result. This may cause the application to become unresponsive and lead to container healthcheck failure. If you use the non-blocking mode, the container's logs are instead stored in an in-memory intermediate buffer configured with the max-buffer-size option. This prevents the application from becoming unresponsive when logs cannot be sent. We recommend using this mode if you want to ensure service availability and are okay with some log loss. For more information, see Preventing log loss with non-blocking mode in the awslogs container log driver. You can set a default mode for all containers in a specific Region by using the defaultLogDriverMode account setting. If you don't specify the mode option or configure the account setting, Amazon ECS will default to the non-blocking mode. For more information about the account setting, see Default log driver mode in the Amazon Elastic Container Service Developer Guide. On June 25, 2025, Amazon ECS changed the default log driver mode from blocking to non-blocking to prioritize task availability over logging. To continue using the blocking mode after this change, do one of the following: Set the mode option in your container definition's logConfiguration as blocking. Set the defaultLogDriverMode account setting to blocking. + max-buffer-size Required: No Default value: 10m When non-blocking mode is used, the max-buffer-size log option controls the size of the buffer that's used for intermediate message storage. Make sure to specify an adequate buffer size based on your application. When the buffer fills up, further logs cannot be stored. Logs that cannot be stored are lost. * To route logs using the ``splunk`` log router, you need to specify a ``splunk-token`` and a ``splunk-url``. * When you use the ``awsfirelens`` log router to route logs to an AWS Service or AWS Partner Network destination for log storage and analytics, you can set the ``log-driver-buffer-limit`` option to limit the number of events that are buffered in memory, before being sent to the log router container. It can help to resolve potential log loss issue because high throughput might result in memory running out for the buffer inside of Docker. * Other options you can specify when using ``awsfirelens`` to route logs depend on the destination. When you export logs to Amazon Data Firehose, you can specify the AWS Region with ``region`` and a name for the log stream with ``delivery_stream``. * When you export logs to Amazon Kinesis Data Streams, you can specify an AWS Region with ``region`` and a data stream name with ``stream``. * When you export logs to Amazon OpenSearch Service, you can specify options like ``Name``, ``Host`` (OpenSearch Service endpoint without protocol), ``Port``, ``Index``, ``Type``, ``Aws_auth``, ``Aws_region``, ``Suppress_Type_Name``, and ``tls``. For more information, see [Under the hood: FireLens for Amazon ECS Tasks](https://docs.aws.amazon.com/containers/under-the-hood-firelens-for-amazon-ecs-tasks/). * When you export logs to Amazon S3, you can specify the bucket using the ``bucket`` option. You can also specify ``region``, ``total_file_size``, ``upload_timeout``, and ``use_put_object`` as options. * This parameter requires version 1.19 of the Docker Remote API or greater on your container instance. To check the Docker Remote API version on your container instance, log in to your container instance and run the following command: ``sudo docker version --format '{{.Server.APIVersion}}'`` */ options?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The secrets to pass to the log configuration. For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. */ secretOptions?: pulumi.Input[]>; } /** * The details for a volume mount point that's used in a container definition. */ interface TaskDefinitionMountPointArgs { /** * The path on the container to mount the host volume at. */ containerPath?: pulumi.Input; /** * If this value is ``true``, the container has read-only access to the volume. If this value is ``false``, then the container can write to the volume. The default value is ``false``. */ readOnly?: pulumi.Input; /** * The name of the volume to mount. Must be a volume name referenced in the ``name`` parameter of task definition ``volume``. */ sourceVolume?: pulumi.Input; } /** * The constraint on task placement in the task definition. For more information, see [Task placement constraints](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-placement-constraints.html) in the *Amazon Elastic Container Service Developer Guide*. * Task placement constraints aren't supported for tasks run on FARGATElong. */ interface TaskDefinitionPlacementConstraintArgs { /** * A cluster query language expression to apply to the constraint. For more information, see [Cluster query language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the *Amazon Elastic Container Service Developer Guide*. */ expression?: pulumi.Input; /** * The type of constraint. The ``MemberOf`` constraint restricts selection to be from a group of valid candidates. */ type: pulumi.Input; } /** * The ``PortMapping`` property specifies a port mapping. Port mappings allow containers to access ports on the host container instance to send or receive traffic. Port mappings are specified as part of the container definition. * If you are using containers in a task with the ``awsvpc`` or ``host`` network mode, exposed ports should be specified using ``containerPort``. The ``hostPort`` can be left blank or it must be the same value as the ``containerPort``. * After a task reaches the ``RUNNING`` status, manual and automatic host and container port assignments are visible in the ``networkBindings`` section of [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) API responses. */ interface TaskDefinitionPortMappingArgs { /** * The application protocol that's used for the port mapping. This parameter only applies to Service Connect. We recommend that you set this parameter to be consistent with the protocol that your application uses. If you set this parameter, Amazon ECS adds protocol-specific connection handling to the Service Connect proxy. If you set this parameter, Amazon ECS adds protocol-specific telemetry in the Amazon ECS console and CloudWatch. * If you don't set a value for this parameter, then TCP is used. However, Amazon ECS doesn't add protocol-specific telemetry for TCP. * ``appProtocol`` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment. * Tasks that run in a namespace can use short names to connect to services in the namespace. Tasks can connect to services across all of the clusters in the namespace. Tasks connect through a managed proxy container that collects logs and metrics for increased visibility. Only the tasks that Amazon ECS services create are supported with Service Connect. For more information, see [Service Connect](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/service-connect.html) in the *Amazon Elastic Container Service Developer Guide*. */ appProtocol?: pulumi.Input; /** * The port number on the container that's bound to the user-specified or automatically assigned host port. * If you use containers in a task with the ``awsvpc`` or ``host`` network mode, specify the exposed ports using ``containerPort``. * If you use containers in a task with the ``bridge`` network mode and you specify a container port and not a host port, your container automatically receives a host port in the ephemeral port range. For more information, see ``hostPort``. Port mappings that are automatically assigned in this way do not count toward the 100 reserved ports limit of a container instance. */ containerPort?: pulumi.Input; /** * The port number range on the container that's bound to the dynamically mapped host port range. * The following rules apply when you specify a ``containerPortRange``: * + You must use either the ``bridge`` network mode or the ``awsvpc`` network mode. * + This parameter is available for both the EC2 and FARGATElong launch types. * + This parameter is available for both the Linux and Windows operating systems. * + The container instance must have at least version 1.67.0 of the container agent and at least version 1.67.0-1 of the ``ecs-init`` package * + You can specify a maximum of 100 port ranges per container. * + You do not specify a ``hostPortRange``. The value of the ``hostPortRange`` is set as follows: * + For containers in a task with the ``awsvpc`` network mode, the ``hostPortRange`` is set to the same value as the ``containerPortRange``. This is a static mapping strategy. * + For containers in a task with the ``bridge`` network mode, the Amazon ECS agent finds open host ports from the default ephemeral range and passes it to docker to bind them to the container ports. * * + The ``containerPortRange`` valid values are between 1 and 65535. * + A port can only be included in one port mapping per container. * + You cannot specify overlapping port ranges. * + The first port in the range must be less than last port in the range. * + Docker recommends that you turn off the docker-proxy in the Docker daemon config file when you have a large number of ports. * For more information, see [Issue #11185](https://docs.aws.amazon.com/https://github.com/moby/moby/issues/11185) on the Github website. * For information about how to turn off the docker-proxy in the Docker daemon config file, see [Docker daemon](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/bootstrap_container_instance.html#bootstrap_docker_daemon) in the *Amazon ECS Developer Guide*. * * You can call [DescribeTasks](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeTasks.html) to view the ``hostPortRange`` which are the host ports that are bound to the container ports. */ containerPortRange?: pulumi.Input; /** * The port number on the container instance to reserve for your container. * If you specify a ``containerPortRange``, leave this field empty and the value of the ``hostPort`` is set as follows: * + For containers in a task with the ``awsvpc`` network mode, the ``hostPort`` is set to the same value as the ``containerPort``. This is a static mapping strategy. * + For containers in a task with the ``bridge`` network mode, the Amazon ECS agent finds open ports on the host and automatically binds them to the container ports. This is a dynamic mapping strategy. * * If you use containers in a task with the ``awsvpc`` or ``host`` network mode, the ``hostPort`` can either be left blank or set to the same value as the ``containerPort``. * If you use containers in a task with the ``bridge`` network mode, you can specify a non-reserved host port for your container port mapping, or you can omit the ``hostPort`` (or set it to ``0``) while specifying a ``containerPort`` and your container automatically receives a port in the ephemeral port range for your container instance operating system and Docker version. * The default ephemeral port range for Docker version 1.6.0 and later is listed on the instance under ``/proc/sys/net/ipv4/ip_local_port_range``. If this kernel parameter is unavailable, the default ephemeral port range from 49153 through 65535 (Linux) or 49152 through 65535 (Windows) is used. Do not attempt to specify a host port in the ephemeral port range as these are reserved for automatic assignment. In general, ports below 32768 are outside of the ephemeral port range. * The default reserved ports are 22 for SSH, the Docker ports 2375 and 2376, and the Amazon ECS container agent ports 51678-51680. Any host port that was previously specified in a running task is also reserved while the task is running. That is, after a task stops, the host port is released. The current reserved ports are displayed in the ``remainingResources`` of [DescribeContainerInstances](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_DescribeContainerInstances.html) output. A container instance can have up to 100 reserved ports at a time. This number includes the default reserved ports. Automatically assigned ports aren't included in the 100 reserved ports quota. */ hostPort?: pulumi.Input; /** * The name that's used for the port mapping. This parameter is the name that you use in the ``serviceConnectConfiguration`` and the ``vpcLatticeConfigurations`` of a service. The name can include up to 64 characters. The characters can include lowercase letters, numbers, underscores (_), and hyphens (-). The name can't start with a hyphen. */ name?: pulumi.Input; /** * The protocol used for the port mapping. Valid values are ``tcp`` and ``udp``. The default is ``tcp``. ``protocol`` is immutable in a Service Connect service. Updating this field requires a service deletion and redeployment. */ protocol?: pulumi.Input; } /** * The configuration details for the App Mesh proxy. * For tasks that use the EC2 launch type, the container instances require at least version 1.26.0 of the container agent and at least version 1.26.0-1 of the ``ecs-init`` package to use a proxy configuration. If your container instances are launched from the Amazon ECS optimized AMI version ``20190301`` or later, then they contain the required versions of the container agent and ``ecs-init``. For more information, see [Amazon ECS-optimized Linux AMI](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-optimized_AMI.html) */ interface TaskDefinitionProxyConfigurationArgs { /** * The name of the container that will serve as the App Mesh proxy. */ containerName: pulumi.Input; /** * The set of network configuration parameters to provide the Container Network Interface (CNI) plugin, specified as key-value pairs. * + ``IgnoredUID`` - (Required) The user ID (UID) of the proxy container as defined by the ``user`` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If ``IgnoredGID`` is specified, this field can be empty. * + ``IgnoredGID`` - (Required) The group ID (GID) of the proxy container as defined by the ``user`` parameter in a container definition. This is used to ensure the proxy ignores its own traffic. If ``IgnoredUID`` is specified, this field can be empty. * + ``AppPorts`` - (Required) The list of ports that the application uses. Network traffic to these ports is forwarded to the ``ProxyIngressPort`` and ``ProxyEgressPort``. * + ``ProxyIngressPort`` - (Required) Specifies the port that incoming traffic to the ``AppPorts`` is directed to. * + ``ProxyEgressPort`` - (Required) Specifies the port that outgoing traffic from the ``AppPorts`` is directed to. * + ``EgressIgnoredPorts`` - (Required) The egress traffic going to the specified ports is ignored and not redirected to the ``ProxyEgressPort``. It can be an empty list. * + ``EgressIgnoredIPs`` - (Required) The egress traffic going to the specified IP addresses is ignored and not redirected to the ``ProxyEgressPort``. It can be an empty list. */ proxyConfigurationProperties?: pulumi.Input[]>; /** * The proxy type. The only supported value is ``APPMESH``. */ type?: pulumi.Input; } /** * The repository credentials for private registry authentication. */ interface TaskDefinitionRepositoryCredentialsArgs { /** * The Amazon Resource Name (ARN) of the secret containing the private repository credentials. * When you use the Amazon ECS API, CLI, or AWS SDK, if the secret exists in the same Region as the task that you're launching then you can use either the full ARN or the name of the secret. When you use the AWS Management Console, you must specify the full ARN of the secret. */ credentialsParameter?: pulumi.Input; } /** * The type and amount of a resource to assign to a container. The supported resource types are GPUs and Elastic Inference accelerators. For more information, see [Working with GPUs on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-gpu.html) or [Working with Amazon Elastic Inference on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-inference.html) in the *Amazon Elastic Container Service Developer Guide* */ interface TaskDefinitionResourceRequirementArgs { /** * The type of resource to assign to a container. */ type: pulumi.Input; /** * The value for the specified resource type. * When the type is ``GPU``, the value is the number of physical ``GPUs`` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on. * When the type is ``InferenceAccelerator``, the ``value`` matches the ``deviceName`` for an [InferenceAccelerator](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_InferenceAccelerator.html) specified in a task definition. */ value: pulumi.Input; } /** * You can enable a restart policy for each container defined in your task definition, to overcome transient failures faster and maintain task availability. When you enable a restart policy for a container, Amazon ECS can restart the container if it exits, without needing to replace the task. For more information, see [Restart individual containers in Amazon ECS tasks with container restart policies](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/container-restart-policy.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface TaskDefinitionRestartPolicyArgs { /** * Specifies whether a restart policy is enabled for the container. */ enabled?: pulumi.Input; /** * A list of exit codes that Amazon ECS will ignore and not attempt a restart on. You can specify a maximum of 50 container exit codes. By default, Amazon ECS does not ignore any exit codes. */ ignoredExitCodes?: pulumi.Input[]>; /** * A period of time (in seconds) that the container must run for before a restart can be attempted. A container can be restarted only once every ``restartAttemptPeriod`` seconds. If a container isn't able to run for this time period and exits early, it will not be restarted. You can set a minimum ``restartAttemptPeriod`` of 60 seconds and a maximum ``restartAttemptPeriod`` of 1800 seconds. By default, a container must run for 300 seconds before it can be restarted. */ restartAttemptPeriod?: pulumi.Input; } /** * Information about the platform for the Amazon ECS service or task. * For more information about ``RuntimePlatform``, see [RuntimePlatform](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#runtime-platform) in the *Amazon Elastic Container Service Developer Guide*. */ interface TaskDefinitionRuntimePlatformArgs { /** * The CPU architecture. * You can run your Linux tasks on an ARM-based platform by setting the value to ``ARM64``. This option is available for tasks that run on Linux Amazon EC2 instance, Amazon ECS Managed Instances, or Linux containers on Fargate. */ cpuArchitecture?: pulumi.Input; /** * The operating system. */ operatingSystemFamily?: pulumi.Input; } interface TaskDefinitionS3FilesVolumeConfigurationArgs { accessPointArn?: pulumi.Input; fileSystemArn: pulumi.Input; rootDirectory?: pulumi.Input; transitEncryptionPort?: pulumi.Input; } /** * An object representing the secret to expose to your container. Secrets can be exposed to a container in the following ways: * + To inject sensitive data into your containers as environment variables, use the ``secrets`` container definition parameter. * + To reference sensitive information in the log configuration of a container, use the ``secretOptions`` container definition parameter. * * For more information, see [Specifying sensitive data](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data.html) in the *Amazon Elastic Container Service Developer Guide*. */ interface TaskDefinitionSecretArgs { /** * The name of the secret. */ name: pulumi.Input; /** * The secret to expose to the container. The supported values are either the full ARN of the ASMlong secret or the full ARN of the parameter in the SSM Parameter Store. * For information about the require IAMlong permissions, see [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-secrets.html#secrets-iam) (for Secrets Manager) or [Required IAM permissions for Amazon ECS secrets](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/specifying-sensitive-data-parameters.html) (for Systems Manager Parameter store) in the *Amazon Elastic Container Service Developer Guide*. * If the SSM Parameter Store parameter exists in the same Region as the task you're launching, then you can use either the full ARN or name of the parameter. If the parameter exists in a different Region, then the full ARN must be specified. */ valueFrom: pulumi.Input; } /** * A list of namespaced kernel parameters to set in the container. This parameter maps to ``Sysctls`` in the docker container create command and the ``--sysctl`` option to docker run. For example, you can configure ``net.ipv4.tcp_keepalive_time`` setting to maintain longer lived connections. * We don't recommend that you specify network-related ``systemControls`` parameters for multiple containers in a single task that also uses either the ``awsvpc`` or ``host`` network mode. Doing this has the following disadvantages: * + For tasks that use the ``awsvpc`` network mode including Fargate, if you set ``systemControls`` for any container, it applies to all containers in the task. If you set different ``systemControls`` for multiple containers in a single task, the container that's started last determines which ``systemControls`` take effect. * + For tasks that use the ``host`` network mode, the network namespace ``systemControls`` aren't supported. * * If you're setting an IPC resource namespace to use for the containers in the task, the following conditions apply to your system controls. For more information, see [IPC mode](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_definition_parameters.html#task_definition_ipcmode). * + For tasks that use the ``host`` IPC mode, IPC namespace ``systemControls`` aren't supported. * + For tasks that use the ``task`` IPC mode, IPC namespace ``systemControls`` values apply to all containers within a task. * * This parameter is not supported for Windows containers. * This parameter is only supported for tasks that are hosted on FARGATElong if the tasks are using platform version ``1.4.0`` or later (Linux). This isn't supported for Windows containers on Fargate. */ interface TaskDefinitionSystemControlArgs { /** * The namespaced kernel parameter to set a ``value`` for. */ namespace?: pulumi.Input; /** * The namespaced kernel parameter to set a ``value`` for. * Valid IPC namespace values: ``"kernel.msgmax" | "kernel.msgmnb" | "kernel.msgmni" | "kernel.sem" | "kernel.shmall" | "kernel.shmmax" | "kernel.shmmni" | "kernel.shm_rmid_forced"``, and ``Sysctls`` that start with ``"fs.mqueue.*"`` * Valid network namespace values: ``Sysctls`` that start with ``"net.*"``. Only namespaced ``Sysctls`` that exist within the container starting with "net.* are accepted. * All of these values are supported by Fargate. */ value?: pulumi.Input; } /** * The container path, mount options, and size of the tmpfs mount. */ interface TaskDefinitionTmpfsArgs { /** * The absolute file path where the tmpfs volume is to be mounted. */ containerPath?: pulumi.Input; /** * The list of tmpfs volume mount options. * Valid values: ``"defaults" | "ro" | "rw" | "suid" | "nosuid" | "dev" | "nodev" | "exec" | "noexec" | "sync" | "async" | "dirsync" | "remount" | "mand" | "nomand" | "atime" | "noatime" | "diratime" | "nodiratime" | "bind" | "rbind" | "unbindable" | "runbindable" | "private" | "rprivate" | "shared" | "rshared" | "slave" | "rslave" | "relatime" | "norelatime" | "strictatime" | "nostrictatime" | "mode" | "uid" | "gid" | "nr_inodes" | "nr_blocks" | "mpol"`` */ mountOptions?: pulumi.Input[]>; /** * The maximum size (in MiB) of the tmpfs volume. */ size: pulumi.Input; } /** * The ``ulimit`` settings to pass to the container. * Amazon ECS tasks hosted on FARGATElong use the default resource limit values set by the operating system with the exception of the ``nofile`` resource limit parameter which FARGATElong overrides. The ``nofile`` resource limit sets a restriction on the number of open files that a container can use. The default ``nofile`` soft limit is ``65535`` and the default hard limit is ``65535``. * You can specify the ``ulimit`` settings for a container in a task definition. */ interface TaskDefinitionUlimitArgs { /** * The hard limit for the ``ulimit`` type. The value can be specified in bytes, seconds, or as a count, depending on the ``type`` of the ``ulimit``. */ hardLimit: pulumi.Input; /** * The ``type`` of the ``ulimit``. */ name: pulumi.Input; /** * The soft limit for the ``ulimit`` type. The value can be specified in bytes, seconds, or as a count, depending on the ``type`` of the ``ulimit``. */ softLimit: pulumi.Input; } /** * The data volume configuration for tasks launched using this task definition. Specifying a volume configuration in a task definition is optional. The volume configuration may contain multiple volumes but only one volume configured at launch is supported. Each volume defined in the volume configuration may only specify a ``name`` and one of either ``configuredAtLaunch``, ``dockerVolumeConfiguration``, ``efsVolumeConfiguration``, ``fsxWindowsFileServerVolumeConfiguration``, or ``host``. If an empty volume configuration is specified, by default Amazon ECS uses a host volume. For more information, see [Using data volumes in tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/using_data_volumes.html). */ interface TaskDefinitionVolumeArgs { /** * Indicates whether the volume should be configured at launch time. This is used to create Amazon EBS volumes for standalone tasks or tasks created as part of a service. Each task definition revision may only have one volume configured at launch in the volume configuration. * To configure a volume at launch time, use this task definition revision and specify a ``volumeConfigurations`` object when calling the ``CreateService``, ``UpdateService``, ``RunTask`` or ``StartTask`` APIs. */ configuredAtLaunch?: pulumi.Input; /** * This parameter is specified when you use Docker volumes. * Windows containers only support the use of the ``local`` driver. To use bind mounts, specify the ``host`` parameter instead. * Docker volumes aren't supported by tasks run on FARGATElong. */ dockerVolumeConfiguration?: pulumi.Input; /** * This parameter is specified when you use an Amazon Elastic File System file system for task storage. */ efsVolumeConfiguration?: pulumi.Input; /** * This parameter is specified when you use Amazon FSx for Windows File Server file system for task storage. */ fSxWindowsFileServerVolumeConfiguration?: pulumi.Input; /** * This parameter is specified when you use bind mount host volumes. The contents of the ``host`` parameter determine whether your bind mount host volume persists on the host container instance and where it's stored. If the ``host`` parameter is empty, then the Docker daemon assigns a host path for your data volume. However, the data isn't guaranteed to persist after the containers that are associated with it stop running. * Windows containers can mount whole directories on the same drive as ``$env:ProgramData``. Windows containers can't mount directories on a different drive, and mount point can't be across drives. For example, you can mount ``C:\my\path:C:\my\path`` and ``D:\:D:\``, but not ``D:\my\path:C:\my\path`` or ``D:\:C:\my\path``. */ host?: pulumi.Input; /** * The name of the volume. Up to 255 letters (uppercase and lowercase), numbers, underscores, and hyphens are allowed. * When using a volume configured at launch, the ``name`` is required and must also be specified as the volume name in the ``ServiceVolumeConfiguration`` or ``TaskVolumeConfiguration`` parameter when creating your service or standalone task. * For all other types of volumes, this name is referenced in the ``sourceVolume`` parameter of the ``mountPoints`` object in the container definition. * When a volume is using the ``efsVolumeConfiguration``, the name is required. */ name?: pulumi.Input; s3FilesVolumeConfiguration?: pulumi.Input; } /** * Details on a data volume from another container in the same task definition. */ interface TaskDefinitionVolumeFromArgs { /** * If this value is ``true``, the container has read-only access to the volume. If this value is ``false``, then the container can write to the volume. The default value is ``false``. */ readOnly?: pulumi.Input; /** * The name of another container within the same task definition to mount volumes from. */ sourceContainer?: pulumi.Input; } /** * The VPC subnets and security groups associated with a task. All specified subnets and security groups must be from the same VPC. */ interface TaskSetAwsVpcConfigurationArgs { /** * Whether the task's elastic network interface receives a public IP address. The default value is DISABLED. */ assignPublicIp?: pulumi.Input; /** * The security groups associated with the task or service. If you do not specify a security group, the default security group for the VPC is used. There is a limit of 5 security groups that can be specified per AwsVpcConfiguration. */ securityGroups?: pulumi.Input[]>; /** * The subnets associated with the task or service. There is a limit of 16 subnets that can be specified per AwsVpcConfiguration. */ subnets: pulumi.Input[]>; } interface TaskSetCapacityProviderStrategyItemArgs { /** * The *base* value designates how many tasks, at a minimum, to run on the specified capacity provider for each service. Only one capacity provider in a capacity provider strategy can have a *base* defined. If no value is specified, the default value of `0` is used. * * Base value characteristics: * * - Only one capacity provider in a strategy can have a base defined * - The default value is `0` if not specified * - The valid range is 0 to 100,000 * - Base requirements are satisfied first before weight distribution */ base?: pulumi.Input; /** * The short name of the capacity provider. This can be either an AWS managed capacity provider ( `FARGATE` or `FARGATE_SPOT` ) or the name of a custom capacity provider that you created. */ capacityProvider?: pulumi.Input; /** * The *weight* value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The `weight` value is taken into consideration after the `base` value, if defined, is satisfied. * * If no `weight` value is specified, the default value of `0` is used. When multiple capacity providers are specified within a capacity provider strategy, at least one of the capacity providers must have a weight value greater than zero and any capacity providers with a weight of `0` can't be used to place tasks. If you specify multiple capacity providers in a strategy that all have a weight of `0` , any `RunTask` or `CreateService` actions using the capacity provider strategy will fail. * * Weight value characteristics: * * - Weight is considered after the base value is satisfied * - The default value is `0` if not specified * - The valid range is 0 to 1,000 * - At least one capacity provider must have a weight greater than zero * - Capacity providers with weight of `0` cannot place tasks * * Task distribution logic: * * - Base satisfaction: The minimum number of tasks specified by the base value are placed on that capacity provider * - Weight distribution: After base requirements are met, additional tasks are distributed according to weight ratios * * Examples: * * Equal Distribution: Two capacity providers both with weight `1` will split tasks evenly after base requirements are met. * * Weighted Distribution: If capacityProviderA has weight `1` and capacityProviderB has weight `4` , then for every 1 task on A, 4 tasks will run on B. */ weight?: pulumi.Input; } /** * A load balancer object representing the load balancer to use with the task set. The supported load balancer types are either an Application Load Balancer or a Network Load Balancer. */ interface TaskSetLoadBalancerArgs { /** * The name of the container (as it appears in a container definition) to associate with the load balancer. */ containerName?: pulumi.Input; /** * The port on the container to associate with the load balancer. This port must correspond to a containerPort in the task definition the tasks in the service are using. For tasks that use the EC2 launch type, the container instance they are launched on must allow ingress traffic on the hostPort of the port mapping. */ containerPort?: pulumi.Input; /** * The full Amazon Resource Name (ARN) of the Elastic Load Balancing target group or groups associated with a service or task set. A target group ARN is only specified when using an Application Load Balancer or Network Load Balancer. If you are using a Classic Load Balancer this should be omitted. For services using the ECS deployment controller, you can specify one or multiple target groups. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/register-multiple-targetgroups.html in the Amazon Elastic Container Service Developer Guide. For services using the CODE_DEPLOY deployment controller, you are required to define two target groups for the load balancer. For more information, see https://docs.aws.amazon.com/AmazonECS/latest/developerguide/deployment-type-bluegreen.html in the Amazon Elastic Container Service Developer Guide. If your service's task definition uses the awsvpc network mode (which is required for the Fargate launch type), you must choose ip as the target type, not instance, when creating your target groups because tasks that use the awsvpc network mode are associated with an elastic network interface, not an Amazon EC2 instance. */ targetGroupArn?: pulumi.Input; } /** * An object representing the network configuration for a task or service. */ interface TaskSetNetworkConfigurationArgs { /** * The VPC subnets and security groups that are associated with a task. * * > All specified subnets and security groups must be from the same VPC. */ awsVpcConfiguration?: pulumi.Input; } interface TaskSetScaleArgs { /** * The unit of measure for the scale value. */ unit?: pulumi.Input; /** * The value, specified as a percent total of a service's desiredCount, to scale the task set. Accepted values are numbers between 0 and 100. */ value?: pulumi.Input; } interface TaskSetServiceRegistryArgs { /** * The container name value, already specified in the task definition, to be used for your service discovery service. If the task definition that your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition that your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination or a port value, but not both. */ containerName?: pulumi.Input; /** * The port value, already specified in the task definition, to be used for your service discovery service. If the task definition your service task specifies uses the bridge or host network mode, you must specify a containerName and containerPort combination from the task definition. If the task definition your service task specifies uses the awsvpc network mode and a type SRV DNS record is used, you must specify either a containerName and containerPort combination or a port value, but not both. */ containerPort?: pulumi.Input; /** * The port value used if your service discovery service specified an SRV record. This field may be used if both the awsvpc network mode and SRV records are used. */ port?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the service registry. The currently supported service registry is AWS Cloud Map. For more information, see https://docs.aws.amazon.com/cloud-map/latest/api/API_CreateService.html */ registryArn?: pulumi.Input; } } export declare namespace efs { /** * Required if the ``RootDirectory`` > ``Path`` specified does not exist. Specifies the POSIX IDs and permissions to apply to the access point's ``RootDirectory`` > ``Path``. If the access point root directory does not exist, EFS creates it with these settings when a client connects to the access point. When specifying ``CreationInfo``, you must include values for all properties. * Amazon EFS creates a root directory only if you have provided the CreationInfo: OwnUid, OwnGID, and permissions for the directory. If you do not provide this information, Amazon EFS does not create the root directory. If the root directory does not exist, attempts to mount using the access point will fail. * If you do not provide ``CreationInfo`` and the specified ``RootDirectory`` does not exist, attempts to mount the file system using the access point will fail. */ interface AccessPointCreationInfoArgs { /** * Specifies the POSIX group ID to apply to the ``RootDirectory``. Accepts values from 0 to 2^32 (4294967295). */ ownerGid: pulumi.Input; /** * Specifies the POSIX user ID to apply to the ``RootDirectory``. Accepts values from 0 to 2^32 (4294967295). */ ownerUid: pulumi.Input; /** * Specifies the POSIX permissions to apply to the ``RootDirectory``, in the format of an octal number representing the file's mode bits. */ permissions: pulumi.Input; } /** * The full POSIX identity, including the user ID, group ID, and any secondary group IDs, on the access point that is used for all file system operations performed by NFS clients using the access point. */ interface AccessPointPosixUserArgs { /** * The POSIX group ID used for all file system operations using this access point. */ gid: pulumi.Input; /** * Secondary POSIX group IDs used for all file system operations using this access point. */ secondaryGids?: pulumi.Input[]>; /** * The POSIX user ID used for all file system operations using this access point. */ uid: pulumi.Input; } /** * Specifies the directory on the Amazon EFS file system that the access point provides access to. The access point exposes the specified file system path as the root directory of your file system to applications using the access point. NFS clients using the access point can only access data in the access point's ``RootDirectory`` and its subdirectories. */ interface AccessPointRootDirectoryArgs { /** * (Optional) Specifies the POSIX IDs and permissions to apply to the access point's ``RootDirectory``. If the ``RootDirectory`` > ``Path`` specified does not exist, EFS creates the root directory using the ``CreationInfo`` settings when a client connects to an access point. When specifying the ``CreationInfo``, you must provide values for all properties. * If you do not provide ``CreationInfo`` and the specified ``RootDirectory`` > ``Path`` does not exist, attempts to mount the file system using the access point will fail. */ creationInfo?: pulumi.Input; /** * Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the ``CreationInfo``. */ path?: pulumi.Input; } /** * The backup policy turns automatic backups for the file system on or off. */ interface FileSystemBackupPolicyArgs { /** * Set the backup policy status for the file system. * + *ENABLED* - Turns automatic backups on for the file system. * + *DISABLED* - Turns automatic backups off for the file system. */ status: pulumi.Input; } /** * Describes a policy used by Lifecycle management that specifies when to transition files into and out of the EFS storage classes. For more information, see [Managing file system storage](https://docs.aws.amazon.com/efs/latest/ug/lifecycle-management-efs.html). * + Each ``LifecyclePolicy`` object can have only a single transition. This means that in a request body, ``LifecyclePolicies`` must be structured as an array of ``LifecyclePolicy`` objects, one object for each transition, ``TransitionToIA``, ``TransitionToArchive``, ``TransitionToPrimaryStorageClass``. * + See the AWS::EFS::FileSystem examples for the correct ``LifecyclePolicy`` structure. Do not use the syntax shown on this page. */ interface FileSystemLifecyclePolicyArgs { /** * The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events. */ transitionToArchive?: pulumi.Input; /** * The number of days after files were last accessed in primary storage (the Standard storage class) at which to move them to Infrequent Access (IA) storage. Metadata operations such as listing the contents of a directory don't count as file access events. */ transitionToIa?: pulumi.Input; /** * Whether to move files back to primary (Standard) storage after they are accessed in IA or Archive storage. Metadata operations such as listing the contents of a directory don't count as file access events. */ transitionToPrimaryStorageClass?: pulumi.Input; } /** * Describes the protection on the file system. */ interface FileSystemProtectionArgs { /** * The status of the file system's replication overwrite protection. * + ``ENABLED`` – The file system cannot be used as the destination file system in a replication configuration. The file system is writeable. Replication overwrite protection is ``ENABLED`` by default. * + ``DISABLED`` – The file system can be used as the destination file system in a replication configuration. The file system is read-only and can only be modified by EFS replication. * + ``REPLICATING`` – The file system is being used as the destination file system in a replication configuration. The file system is read-only and is modified only by EFS replication. * * If the replication configuration is deleted, the file system's replication overwrite protection is re-enabled, the file system becomes writeable. */ replicationOverwriteProtection?: pulumi.Input; } /** * Describes the replication configuration for a specific file system. */ interface FileSystemReplicationConfigurationArgs { /** * An array of destination objects. Only one destination object is supported. */ destinations?: pulumi.Input[]>; } /** * Describes the destination file system in the replication configuration. */ interface FileSystemReplicationDestinationArgs { /** * For One Zone file systems, the replication configuration must specify the Availability Zone in which the destination file system is located. * Use the format ``us-east-1a`` to specify the Availability Zone. For more information about One Zone file systems, see [EFS file system types](https://docs.aws.amazon.com/efs/latest/ug/storage-classes.html) in the *Amazon EFS User Guide*. * One Zone file system type is not available in all Availability Zones in AWS-Regions where Amazon EFS is available. */ availabilityZoneName?: pulumi.Input; /** * The ID of the destination Amazon EFS file system. */ fileSystemId?: pulumi.Input; /** * The ID of an kms-key-long used to protect the encrypted file system. */ kmsKeyId?: pulumi.Input; /** * The AWS-Region in which the destination file system is located. * For One Zone file systems, the replication configuration must specify the AWS-Region in which the destination file system is located. */ region?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the current source file system in the replication configuration. */ roleArn?: pulumi.Input; /** * Describes the status of the replication configuration. For more information about replication status, see [Viewing replication details](https://docs.aws.amazon.com//efs/latest/ug/awsbackup.html#restoring-backup-efsmonitoring-replication-status.html) in the *Amazon EFS User Guide*. */ status?: pulumi.Input; /** * Message that provides details about the ``PAUSED`` or ``ERRROR`` state of the replication destination configuration. For more information about replication status messages, see [Viewing replication details](https://docs.aws.amazon.com//efs/latest/ug/awsbackup.html#restoring-backup-efsmonitoring-replication-status.html) in the *Amazon EFS User Guide*. */ statusMessage?: pulumi.Input; } } export declare namespace eks { /** * An access policy to associate with the current access entry. */ interface AccessEntryAccessPolicyArgs { /** * The scope of an `AccessPolicy` that's associated to an `AccessEntry` . */ accessScope: pulumi.Input; /** * The ARN of the access policy to add to the access entry. */ policyArn: pulumi.Input; } /** * The access scope of the access policy. */ interface AccessEntryAccessScopeArgs { /** * The namespaces to associate with the access scope. Only specify if Type is set to 'namespace'. */ namespaces?: pulumi.Input[]>; /** * The type of the access scope. */ type: pulumi.Input; } /** * A pod identity to associate with an add-on. */ interface AddonPodIdentityAssociationArgs { /** * The IAM role ARN that the pod identity association is created for. */ roleArn: pulumi.Input; /** * The Kubernetes service account that the pod identity association is created for. */ serviceAccount: pulumi.Input; } /** * Configuration settings for an Argo CD capability. This includes the Kubernetes namespace, IAM Identity Center integration, RBAC role mappings, and network access configuration. */ interface CapabilityArgoCdArgs { awsIdc: pulumi.Input; /** * The Kubernetes namespace where Argo CD resources will be created. If not specified, the default namespace is used. */ namespace?: pulumi.Input; networkAccess?: pulumi.Input; /** * A list of role mappings that define which IAM Identity Center users or groups have which Argo CD roles. Each mapping associates an Argo CD role (ADMIN, EDITOR, or VIEWER) with one or more IAM Identity Center identities. */ rbacRoleMappings?: pulumi.Input[]>; /** * The URL of the Argo CD server. Use this URL to access the Argo CD web interface and API. */ serverUrl?: pulumi.Input; } /** * A mapping between an Argo CD role and IAM Identity Center identities. This defines which users or groups have specific permissions in Argo CD. */ interface CapabilityArgoCdRoleMappingArgs { /** * A list of IAM Identity Center identities (users or groups) that should be assigned this Argo CD role. */ identities: pulumi.Input[]>; /** * The Argo CD role to assign. Valid values are: ADMIN (full administrative access to Argo CD), EDITOR (edit access to Argo CD resources), or VIEWER (read-only access to Argo CD resources). */ role: pulumi.Input; } /** * Configuration for integrating Argo CD with IAM Identity Center. This allows you to use your organization's identity provider for authentication to Argo CD. */ interface CapabilityAwsIdcArgs { /** * The ARN of the IAM Identity Center instance to use for authentication. */ idcInstanceArn: pulumi.Input; /** * The ARN of the managed application created in IAM Identity Center for this Argo CD capability. This application is automatically created and managed by EKS. */ idcManagedApplicationArn?: pulumi.Input; /** * The Region where your IAM Identity Center instance is located. */ idcRegion?: pulumi.Input; } /** * Configuration settings for a capability. The structure of this object varies depending on the capability type. */ interface CapabilityConfigurationArgs { argoCd?: pulumi.Input; } /** * Configuration for network access to the Argo CD capability's managed API server endpoint. By default, the Argo CD server is accessible via a public endpoint. You can optionally specify one or more VPC endpoint IDs to enable private connectivity from your VPCs. */ interface CapabilityNetworkAccessArgs { /** * A list of VPC endpoint IDs to associate with the managed Argo CD API server endpoint. Each VPC endpoint provides private connectivity from a specific VPC to the Argo CD server. You can specify multiple VPC endpoint IDs to enable access from multiple VPCs. */ vpceIds?: pulumi.Input[]>; } /** * An IAM Identity Center identity (user or group) that can be assigned permissions in a capability. */ interface CapabilitySsoIdentityArgs { /** * The unique identifier of the IAM Identity Center user or group. */ id: pulumi.Input; /** * The type of identity. Valid values are SSO_USER or SSO_GROUP. */ type: pulumi.Input; } /** * An object representing the Access Config to use for the cluster. */ interface ClusterAccessConfigArgs { /** * Specify the authentication mode that should be used to create your cluster. */ authenticationMode?: pulumi.Input; /** * Set this value to false to avoid creating a default cluster admin Access Entry using the IAM principal used to create the cluster. */ bootstrapClusterCreatorAdminPermissions?: pulumi.Input; } /** * Todo: add description */ interface ClusterBlockStorageArgs { /** * Todo: add description */ enabled?: pulumi.Input; } /** * Todo: add description */ interface ClusterComputeConfigArgs { /** * Todo: add description */ enabled?: pulumi.Input; /** * Todo: add description */ nodePools?: pulumi.Input[]>; /** * Todo: add description */ nodeRoleArn?: pulumi.Input; } /** * Specify the placement group of the control plane machines for your cluster. */ interface ClusterControlPlanePlacementArgs { /** * Specify the placement group name of the control place machines for your cluster. */ groupName?: pulumi.Input; } /** * Configuration for provisioned control plane scaling. */ interface ClusterControlPlaneScalingConfigArgs { /** * The scaling tier for the provisioned control plane. */ tier?: pulumi.Input; } /** * Todo: add description */ interface ClusterElasticLoadBalancingArgs { /** * Todo: add description */ enabled?: pulumi.Input; } /** * The encryption configuration for the cluster */ interface ClusterEncryptionConfigArgs { /** * The encryption provider for the cluster. */ provider?: pulumi.Input; /** * Specifies the resources to be encrypted. The only supported value is "secrets". */ resources?: pulumi.Input[]>; } /** * The Kubernetes network configuration for the cluster. */ interface ClusterKubernetesNetworkConfigArgs { /** * Todo: add description */ elasticLoadBalancing?: pulumi.Input; /** * Ipv4 or Ipv6. You can only specify ipv6 for 1.21 and later clusters that use version 1.10.1 or later of the Amazon VPC CNI add-on */ ipFamily?: pulumi.Input; /** * The CIDR block to assign Kubernetes service IP addresses from. If you don't specify a block, Kubernetes assigns addresses from either the 10.100.0.0/16 or 172.20.0.0/16 CIDR blocks. We recommend that you specify a block that does not overlap with resources in other networks that are peered or connected to your VPC. */ serviceIpv4Cidr?: pulumi.Input; /** * The CIDR block to assign Kubernetes service IP addresses from. */ serviceIpv6Cidr?: pulumi.Input; } /** * The cluster control plane logging configuration for your cluster. */ interface ClusterLoggingEnabledTypesArgs { /** * The enabled control plane logs for your cluster. All log types are disabled if the array is empty. * * > When updating a resource, you must include this `EnabledTypes` property if the previous CloudFormation template of the resource had it. */ enabledTypes?: pulumi.Input[]>; } /** * Enabled Logging Type */ interface ClusterLoggingTypeConfigArgs { /** * name of the log type */ type?: pulumi.Input; } /** * An object representing the Outpost configuration to use for AWS EKS outpost cluster. */ interface ClusterOutpostConfigArgs { /** * Specify the Instance type of the machines that should be used to create your cluster. */ controlPlaneInstanceType: pulumi.Input; /** * Specify the placement group of the control plane machines for your cluster. */ controlPlanePlacement?: pulumi.Input; /** * Specify one or more Arn(s) of Outpost(s) on which you would like to create your cluster. */ outpostArns: pulumi.Input[]>; } interface ClusterProviderArgs { /** * Amazon Resource Name (ARN) or alias of the KMS key. The KMS key must be symmetric, created in the same region as the cluster, and if the KMS key was created in a different account, the user must have access to the KMS key. */ keyArn?: pulumi.Input; } /** * Configuration fields for specifying on-premises node and pod CIDRs that are external to the VPC passed during cluster creation. */ interface ClusterRemoteNetworkConfigArgs { /** * Network configuration of nodes run on-premises with EKS Hybrid Nodes. */ remoteNodeNetworks?: pulumi.Input[]>; /** * Network configuration of pods run on-premises with EKS Hybrid Nodes. */ remotePodNetworks?: pulumi.Input[]>; } /** * Network configuration of nodes run on-premises with EKS Hybrid Nodes. */ interface ClusterRemoteNodeNetworkArgs { /** * Specifies the list of remote node CIDRs. */ cidrs: pulumi.Input[]>; } /** * Network configuration of pods run on-premises with EKS Hybrid Nodes. */ interface ClusterRemotePodNetworkArgs { /** * Specifies the list of remote pod CIDRs. */ cidrs: pulumi.Input[]>; } /** * An object representing the VPC configuration to use for an Amazon EKS cluster. */ interface ClusterResourcesVpcConfigArgs { /** * Set this value to true to enable private access for your cluster's Kubernetes API server endpoint. If you enable private access, Kubernetes API requests from within your cluster's VPC use the private VPC endpoint. The default value for this parameter is false, which disables private access for your Kubernetes API server. If you disable private access and you have nodes or AWS Fargate pods in the cluster, then ensure that publicAccessCidrs includes the necessary CIDR blocks for communication with the nodes or Fargate pods. */ endpointPrivateAccess?: pulumi.Input; /** * Set this value to false to disable public access to your cluster's Kubernetes API server endpoint. If you disable public access, your cluster's Kubernetes API server can only receive requests from within the cluster VPC. The default value for this parameter is true, which enables public access for your Kubernetes API server. */ endpointPublicAccess?: pulumi.Input; /** * The CIDR blocks that are allowed access to your cluster's public Kubernetes API server endpoint. Communication to the endpoint from addresses outside of the CIDR blocks that you specify is denied. The default value is 0.0.0.0/0. If you've disabled private endpoint access and you have nodes or AWS Fargate pods in the cluster, then ensure that you specify the necessary CIDR blocks. */ publicAccessCidrs?: pulumi.Input[]>; /** * Specify one or more security groups for the cross-account elastic network interfaces that Amazon EKS creates to use to allow communication between your worker nodes and the Kubernetes control plane. If you don't specify a security group, the default security group for your VPC is used. */ securityGroupIds?: pulumi.Input[]>; /** * Specify subnets for your Amazon EKS nodes. Amazon EKS creates cross-account elastic network interfaces in these subnets to allow communication between your nodes and the Kubernetes control plane. */ subnetIds: pulumi.Input[]>; } /** * Todo: add description */ interface ClusterStorageConfigArgs { /** * Todo: add description */ blockStorage?: pulumi.Input; } /** * An object representing the Upgrade Policy to use for the cluster. */ interface ClusterUpgradePolicyArgs { /** * Specify the support type for your cluster. */ supportType?: pulumi.Input; } /** * The current zonal shift configuration to use for the cluster. */ interface ClusterZonalShiftConfigArgs { /** * Set this value to true to enable zonal shift for the cluster. */ enabled?: pulumi.Input; } /** * A key-value pair to associate with a pod. */ interface FargateProfileLabelArgs { /** * The key name of the label. */ key: pulumi.Input; /** * The value for the label. */ value: pulumi.Input; } interface FargateProfileSelectorArgs { /** * The Kubernetes labels that the selector should match. A pod must contain all of the labels that are specified in the selector for it to be considered a match. */ labels?: pulumi.Input[]>; /** * The Kubernetes `namespace` that the selector should match. */ namespace: pulumi.Input; } /** * An object representing an OpenID Connect (OIDC) configuration. */ interface IdentityProviderConfigOidcIdentityProviderConfigArgs { /** * This is also known as audience. The ID for the client application that makes authentication requests to the OpenID identity provider. */ clientId: pulumi.Input; /** * The JWT claim that the provider uses to return your groups. */ groupsClaim?: pulumi.Input; /** * The prefix that is prepended to group claims to prevent clashes with existing names (such as system: groups). */ groupsPrefix?: pulumi.Input; /** * The URL of the OpenID identity provider that allows the API server to discover public signing keys for verifying tokens. */ issuerUrl: pulumi.Input; /** * The key-value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value. */ requiredClaims?: pulumi.Input[]>; /** * The JSON Web Token (JWT) claim to use as the username. The default is sub, which is expected to be a unique identifier of the end user. You can choose other claims, such as email or name, depending on the OpenID identity provider. Claims other than email are prefixed with the issuer URL to prevent naming clashes with other plug-ins. */ usernameClaim?: pulumi.Input; /** * The prefix that is prepended to username claims to prevent clashes with existing names. If you do not provide this field, and username is a value other than email, the prefix defaults to issuerurl#. You can use the value - to disable all prefixing. */ usernamePrefix?: pulumi.Input; } /** * The key value pairs that describe required claims in the identity token. If set, each claim is verified to be present in the token with a matching value. */ interface IdentityProviderConfigRequiredClaimArgs { /** * The key of the requiredClaims. */ key: pulumi.Input; /** * The value for the requiredClaims. */ value: pulumi.Input; } /** * Enable exporting the Kubernetes control plane logs for your cluster to CloudWatch Logs based on log types. By default, cluster control plane logs aren't exported to CloudWatch Logs. */ interface LoggingArgs { /** * The cluster control plane logging configuration for your cluster. */ clusterLogging?: pulumi.Input; } /** * The custom namespace configuration to use with the add-on */ interface NamespaceConfigPropertiesArgs { /** * The custom namespace for creating the add-on */ namespace: pulumi.Input; } /** * An object representing a launch template specification for AWS EKS Nodegroup. */ interface NodegroupLaunchTemplateSpecificationArgs { /** * The ID of the launch template. * * You must specify either the launch template ID or the launch template name in the request, but not both. After node group creation, you cannot use a different ID. */ id?: pulumi.Input; /** * The name of the launch template. * * You must specify either the launch template name or the launch template ID in the request, but not both. After node group creation, you cannot use a different name. */ name?: pulumi.Input; /** * The version number of the launch template to use. If no version is specified, then the template's default version is used. You can use a different version for node group updates. */ version?: pulumi.Input; } /** * The node auto repair configuration for node group. */ interface NodegroupNodeRepairConfigArgs { /** * Set this value to true to enable node auto repair for the node group. */ enabled?: pulumi.Input; /** * Specify the maximum number of nodes that can be repaired concurrently or in parallel, expressed as a count of unhealthy nodes. This gives you finer-grained control over the pace of node replacements. When using this, you cannot also set MaxParallelNodesRepairedPercentage at the same time. */ maxParallelNodesRepairedCount?: pulumi.Input; /** * Specify the maximum number of nodes that can be repaired concurrently or in parallel, expressed as a percentage of unhealthy nodes. This gives you finer-grained control over the pace of node replacements. When using this, you cannot also set MaxParallelNodesRepairedCount at the same time. */ maxParallelNodesRepairedPercentage?: pulumi.Input; /** * Specify a count threshold of unhealthy nodes, above which node auto repair actions will stop. When using this, you cannot also set MaxUnhealthyNodeThresholdPercentage at the same time. */ maxUnhealthyNodeThresholdCount?: pulumi.Input; /** * Specify a percentage threshold of unhealthy nodes, above which node auto repair actions will stop. When using this, you cannot also set MaxUnhealthyNodeThresholdCount at the same time. */ maxUnhealthyNodeThresholdPercentage?: pulumi.Input; /** * Specify granular overrides for specific repair actions. These overrides control the repair action and the repair delay time before a node is considered eligible for repair. If you use this, you must specify all the values. */ nodeRepairConfigOverrides?: pulumi.Input[]>; } /** * Specify granular overrides for specific repair actions. These overrides control the repair action and the repair delay time before a node is considered eligible for repair. If you use this, you must specify all the values. */ interface NodegroupNodeRepairConfigOverridesArgs { /** * Specify the minimum time in minutes to wait before attempting to repair a node with this specific NodeMonitoringCondition and NodeUnhealthyReason. */ minRepairWaitTimeMins?: pulumi.Input; /** * Specify an unhealthy condition reported by the node monitoring agent that this override would apply to. */ nodeMonitoringCondition?: pulumi.Input; /** * Specify a reason reported by the node monitoring agent that this override would apply to. */ nodeUnhealthyReason?: pulumi.Input; /** * Specify the repair action to take for nodes when all of the specified conditions are met. */ repairAction?: pulumi.Input; } /** * An object representing a remote access configuration specification for AWS EKS Nodegroup. */ interface NodegroupRemoteAccessArgs { /** * The Amazon EC2 SSH key name that provides access for SSH communication with the nodes in the managed node group. For more information, see [Amazon EC2 key pairs and Linux instances](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Linux Instances* . For Windows, an Amazon EC2 SSH key is used to obtain the RDP password. For more information, see [Amazon EC2 key pairs and Windows instances](https://docs.aws.amazon.com/AWSEC2/latest/WindowsGuide/ec2-key-pairs.html) in the *Amazon Elastic Compute Cloud User Guide for Windows Instances* . */ ec2SshKey: pulumi.Input; /** * The security group IDs that are allowed SSH access (port 22) to the nodes. For Windows, the port is 3389. If you specify an Amazon EC2 SSH key but don't specify a source security group when you create a managed node group, then the port on the nodes is opened to the internet ( `0.0.0.0/0` ). For more information, see [Security Groups for Your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon Virtual Private Cloud User Guide* . */ sourceSecurityGroups?: pulumi.Input[]>; } /** * An object representing a auto scaling group specification for AWS EKS Nodegroup. */ interface NodegroupScalingConfigArgs { /** * The current number of nodes that the managed node group should maintain. * * > If you use the Kubernetes [Cluster Autoscaler](https://docs.aws.amazon.com/https://github.com/kubernetes/autoscaler#kubernetes-autoscaler) , you shouldn't change the `desiredSize` value directly, as this can cause the Cluster Autoscaler to suddenly scale up or scale down. * * Whenever this parameter changes, the number of worker nodes in the node group is updated to the specified size. If this parameter is given a value that is smaller than the current number of running worker nodes, the necessary number of worker nodes are terminated to match the given value. When using CloudFormation, no action occurs if you remove this parameter from your CFN template. * * This parameter can be different from `minSize` in some cases, such as when starting with extra hosts for testing. This parameter can also be different when you want to start with an estimated number of needed hosts, but let the Cluster Autoscaler reduce the number if there are too many. When the Cluster Autoscaler is used, the `desiredSize` parameter is altered by the Cluster Autoscaler (but can be out-of-date for short periods of time). the Cluster Autoscaler doesn't scale a managed node group lower than `minSize` or higher than `maxSize` . */ desiredSize?: pulumi.Input; /** * The maximum number of nodes that the managed node group can scale out to. For information about the maximum number that you can specify, see [Amazon EKS service quotas](https://docs.aws.amazon.com/eks/latest/userguide/service-quotas.html) in the *Amazon EKS User Guide* . */ maxSize?: pulumi.Input; /** * The minimum number of nodes that the managed node group can scale in to. */ minSize?: pulumi.Input; } /** * An object representing a Taint specification for AWS EKS Nodegroup. */ interface NodegroupTaintArgs { /** * The effect of the taint. */ effect?: pulumi.Input; /** * The key of the taint. */ key?: pulumi.Input; /** * The value of the taint. */ value?: pulumi.Input; } /** * The node group update configuration. */ interface NodegroupUpdateConfigArgs { /** * The maximum number of nodes unavailable at once during a version update. Nodes will be updated in parallel. This value or maxUnavailablePercentage is required to have a value.The maximum number is 100. */ maxUnavailable?: pulumi.Input; /** * The maximum percentage of nodes unavailable during a version update. This percentage of nodes will be updated in parallel, up to 100 nodes at once. This value or maxUnavailable is required to have a value. */ maxUnavailablePercentage?: pulumi.Input; /** * The configuration for the behavior to follow during an node group version update of this managed node group. You choose between two possible strategies for replacing nodes during an UpdateNodegroupVersion action. */ updateStrategy?: pulumi.Input; } /** * The warm pool configuration for the node group. */ interface NodegroupWarmPoolConfigArgs { /** * Enable or disable warm pool for the node group. */ enabled?: pulumi.Input; /** * The maximum number of instances that are allowed to be in the warm pool. */ maxGroupPreparedCapacity?: pulumi.Input; /** * The minimum number of instances to maintain in the warm pool. */ minSize?: pulumi.Input; /** * The desired state of warm pool instances. */ poolState?: pulumi.Input; /** * Whether to return instances to the warm pool during scale-in instead of terminating them. */ reuseOnScaleIn?: pulumi.Input; } } export declare namespace elasticache { /** * Specifies the authentication mode to use. Below is an example of the possible JSON values: * * ``` * { Passwords: ["*****", "******"] // If Type is password. * } * ``` */ interface AuthenticationModePropertiesArgs { /** * Passwords used for this user account. You can create up to two passwords for each user. */ passwords?: pulumi.Input[]>; /** * Authentication Type */ type: pulumi.Input; } interface GlobalReplicationGroupMemberArgs { /** * Regionally unique identifier for the member i.e. ReplicationGroupId. */ replicationGroupId?: pulumi.Input; /** * The AWS region of the Global Datastore member. */ replicationGroupRegion?: pulumi.Input; /** * Indicates the role of the member, primary or secondary. */ role?: pulumi.Input; } interface GlobalReplicationGroupRegionalConfigurationArgs { /** * The replication group id of the Global Datastore member. */ replicationGroupId?: pulumi.Input; /** * The AWS region of the Global Datastore member. */ replicationGroupRegion?: pulumi.Input; /** * A list of PreferredAvailabilityZones objects that specifies the configuration of a node group in the resharded cluster. */ reshardingConfigurations?: pulumi.Input[]>; } interface GlobalReplicationGroupReshardingConfigurationArgs { /** * Unique identifier for the Node Group. This is either auto-generated by ElastiCache (4-digit id) or a user supplied id. */ nodeGroupId?: pulumi.Input; /** * A list of preferred availability zones for the nodes of new node groups. */ preferredAvailabilityZones?: pulumi.Input[]>; } /** * The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination. */ interface ReplicationGroupCloudWatchLogsDestinationDetailsArgs { /** * The name of the CloudWatch Logs log group. */ logGroup: pulumi.Input; } /** * Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination. */ interface ReplicationGroupDestinationDetailsArgs { /** * The configuration details of the CloudWatch Logs destination. Note that this field is marked as required but only if CloudWatch Logs was chosen as the destination. */ cloudWatchLogsDetails?: pulumi.Input; /** * The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination. */ kinesisFirehoseDetails?: pulumi.Input; } /** * The configuration details of the Kinesis Data Firehose destination. Note that this field is marked as required but only if Kinesis Data Firehose was chosen as the destination. */ interface ReplicationGroupKinesisFirehoseDestinationDetailsArgs { /** * The name of the Kinesis Data Firehose delivery stream. */ deliveryStream: pulumi.Input; } interface ReplicationGroupLogDeliveryConfigurationRequestArgs { /** * Configuration details of either a CloudWatch Logs destination or Kinesis Data Firehose destination. */ destinationDetails: pulumi.Input; /** * Specify either CloudWatch Logs or Kinesis Data Firehose as the destination type. Valid values are either cloudwatch-logs or kinesis-firehose. */ destinationType: pulumi.Input; /** * Valid values are either json or text. */ logFormat: pulumi.Input; /** * Valid value is either slow-log, which refers to slow-log or engine-log. */ logType: pulumi.Input; } interface ReplicationGroupNodeGroupConfigurationArgs { /** * Either the ElastiCache for Redis supplied 4-digit id or a user supplied id for the node group these configuration values apply to. */ nodeGroupId?: pulumi.Input; /** * The Availability Zone where the primary node of this node group (shard) is launched. */ primaryAvailabilityZone?: pulumi.Input; /** * A list of Availability Zones to be used for the read replicas. The number of Availability Zones in this list must match the value of ReplicaCount or ReplicasPerNodeGroup if not specified. */ replicaAvailabilityZones?: pulumi.Input[]>; /** * The number of read replica nodes in this node group (shard). */ replicaCount?: pulumi.Input; /** * A string of comma-separated values where the first set of values are the slot numbers (zero based), and the second set of values are the keyspaces for each slot. The following example specifies three slots (numbered 0, 1, and 2): 0,1,2,0-4999,5000-9999,10000-16,383. */ slots?: pulumi.Input; } /** * The cache capacity limit of the Serverless Cache. */ interface ServerlessCacheCacheUsageLimitsArgs { /** * The maximum data storage limit in the cache, expressed in Gigabytes. */ dataStorage?: pulumi.Input; /** * The number of ElastiCache Processing Units (ECPU) the cache can consume per second. */ ecpuPerSecond?: pulumi.Input; } /** * The cached data capacity of the Serverless Cache. */ interface ServerlessCacheDataStorageArgs { /** * The maximum cached data capacity of the Serverless Cache. */ maximum?: pulumi.Input; /** * The minimum cached data capacity of the Serverless Cache. */ minimum?: pulumi.Input; /** * The unit of cached data capacity of the Serverless Cache. */ unit: pulumi.Input; } /** * The ECPU per second of the Serverless Cache. */ interface ServerlessCacheEcpuPerSecondArgs { /** * The maximum ECPU per second of the Serverless Cache. */ maximum?: pulumi.Input; /** * The minimum ECPU per second of the Serverless Cache. */ minimum?: pulumi.Input; } /** * The address and the port. */ interface ServerlessCacheEndpointArgs { /** * Endpoint address. */ address?: pulumi.Input; /** * Endpoint port. */ port?: pulumi.Input; } } export declare namespace elasticbeanstalk { interface ApplicationMaxAgeRuleArgs { /** * Set to true to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version. */ deleteSourceFromS3?: pulumi.Input; /** * Specify true to apply the rule, or false to disable it. */ enabled?: pulumi.Input; /** * Specify the number of days to retain an application versions. */ maxAgeInDays?: pulumi.Input; } interface ApplicationMaxCountRuleArgs { /** * Set to true to delete a version's source bundle from Amazon S3 when Elastic Beanstalk deletes the application version. */ deleteSourceFromS3?: pulumi.Input; /** * Specify true to apply the rule, or false to disable it. */ enabled?: pulumi.Input; /** * Specify the maximum number of application versions to retain. */ maxCount?: pulumi.Input; } interface ApplicationResourceLifecycleConfigArgs { /** * The ARN of an IAM service role that Elastic Beanstalk has permission to assume. The ServiceRole property is required the first time that you provide a ResourceLifecycleConfig for the application. After you provide it once, Elastic Beanstalk persists the Service Role with the application, and you don't need to specify it again. You can, however, specify it in subsequent updates to change the Service Role to another value. */ serviceRole?: pulumi.Input; /** * Defines lifecycle settings for application versions. */ versionLifecycleConfig?: pulumi.Input; } interface ApplicationVersionLifecycleConfigArgs { /** * Specify a max age rule to restrict the length of time that application versions are retained for an application. */ maxAgeRule?: pulumi.Input; /** * Specify a max count rule to restrict the number of application versions that are retained for an application. */ maxCountRule?: pulumi.Input; } interface ApplicationVersionSourceBundleArgs { /** * The Amazon S3 bucket where the data is located. */ s3Bucket: pulumi.Input; /** * The Amazon S3 key where the data is located. */ s3Key: pulumi.Input; } interface ConfigurationTemplateConfigurationOptionSettingArgs { /** * A unique namespace that identifies the option's associated AWS resource. */ namespace: pulumi.Input; /** * The name of the configuration option. */ optionName: pulumi.Input; /** * A unique resource name for the option setting. Use it for a time–based scaling configuration option. */ resourceName?: pulumi.Input; /** * The current value for the configuration option. */ value?: pulumi.Input; } interface ConfigurationTemplateSourceConfigurationArgs { /** * The name of the application associated with the configuration. */ applicationName: pulumi.Input; /** * The name of the configuration template. */ templateName: pulumi.Input; } interface EnvironmentOptionSettingArgs { /** * A unique namespace that identifies the option's associated AWS resource. */ namespace: pulumi.Input; /** * The name of the configuration option. */ optionName: pulumi.Input; /** * A unique resource name for the option setting. Use it for a time–based scaling configuration option. */ resourceName?: pulumi.Input; /** * The current value for the configuration option. */ value?: pulumi.Input; } interface EnvironmentTierArgs { /** * The name of this environment tier. */ name?: pulumi.Input; /** * The type of this environment tier. */ type?: pulumi.Input; /** * The version of this environment tier. When you don't set a value to it, Elastic Beanstalk uses the latest compatible worker tier version. */ version?: pulumi.Input; } } export declare namespace elasticloadbalancing { interface LoadBalancerAccessLoggingPolicyArgs { /** * The interval for publishing the access logs. You can specify an interval of either 5 minutes or 60 minutes. * * Default: 60 minutes */ emitInterval?: pulumi.Input; /** * Specifies whether access logs are enabled for the load balancer. */ enabled: pulumi.Input; /** * The name of the Amazon S3 bucket where the access logs are stored. */ s3BucketName: pulumi.Input; /** * The logical hierarchy you created for your Amazon S3 bucket, for example `my-bucket-prefix/prod` . If the prefix is not provided, the log is placed at the root level of the bucket. */ s3BucketPrefix?: pulumi.Input; } interface LoadBalancerAppCookieStickinessPolicyArgs { /** * The name of the application cookie used for stickiness. */ cookieName: pulumi.Input; /** * The mnemonic name for the policy being created. The name must be unique within a set of policies for this load balancer. */ policyName: pulumi.Input; } interface LoadBalancerConnectionDrainingPolicyArgs { /** * Specifies whether connection draining is enabled for the load balancer. */ enabled: pulumi.Input; /** * The maximum time, in seconds, to keep the existing connections open before deregistering the instances. */ timeout?: pulumi.Input; } interface LoadBalancerConnectionSettingsArgs { /** * The time, in seconds, that the connection is allowed to be idle (no data has been sent over the connection) before it is closed by the load balancer. */ idleTimeout: pulumi.Input; } interface LoadBalancerHealthCheckArgs { /** * The number of consecutive health checks successes required before moving the instance to the `Healthy` state. */ healthyThreshold: pulumi.Input; /** * The approximate interval, in seconds, between health checks of an individual instance. */ interval: pulumi.Input; /** * The instance being checked. The protocol is either TCP, HTTP, HTTPS, or SSL. The range of valid ports is one (1) through 65535. * * TCP is the default, specified as a TCP: port pair, for example "TCP:5000". In this case, a health check simply attempts to open a TCP connection to the instance on the specified port. Failure to connect within the configured timeout is considered unhealthy. * * SSL is also specified as SSL: port pair, for example, SSL:5000. * * For HTTP/HTTPS, you must include a ping path in the string. HTTP is specified as a HTTP:port;/;PathToPing; grouping, for example "HTTP:80/weather/us/wa/seattle". In this case, a HTTP GET request is issued to the instance on the given port and path. Any answer other than "200 OK" within the timeout period is considered unhealthy. * * The total length of the HTTP ping target must be 1024 16-bit Unicode characters or less. */ target: pulumi.Input; /** * The amount of time, in seconds, during which no response means a failed health check. * * This value must be less than the `Interval` value. */ timeout: pulumi.Input; /** * The number of consecutive health check failures required before moving the instance to the `Unhealthy` state. */ unhealthyThreshold: pulumi.Input; } interface LoadBalancerLbCookieStickinessPolicyArgs { /** * The time period, in seconds, after which the cookie should be considered stale. If this parameter is not specified, the stickiness session lasts for the duration of the browser session. */ cookieExpirationPeriod?: pulumi.Input; /** * The name of the policy. This name must be unique within the set of policies for this load balancer. */ policyName?: pulumi.Input; } interface LoadBalancerListenersArgs { /** * The port on which the instance is listening. */ instancePort: pulumi.Input; /** * The protocol to use for routing traffic to instances: HTTP, HTTPS, TCP, or SSL. * * If the front-end protocol is TCP or SSL, the back-end protocol must be TCP or SSL. If the front-end protocol is HTTP or HTTPS, the back-end protocol must be HTTP or HTTPS. * * If there is another listener with the same `InstancePort` whose `InstanceProtocol` is secure, (HTTPS or SSL), the listener's `InstanceProtocol` must also be secure. * * If there is another listener with the same `InstancePort` whose `InstanceProtocol` is HTTP or TCP, the listener's `InstanceProtocol` must be HTTP or TCP. */ instanceProtocol?: pulumi.Input; /** * The port on which the load balancer is listening. On EC2-VPC, you can specify any port from the range 1-65535. On EC2-Classic, you can specify any port from the following list: 25, 80, 443, 465, 587, 1024-65535. */ loadBalancerPort: pulumi.Input; /** * The names of the policies to associate with the listener. */ policyNames?: pulumi.Input[]>; /** * The load balancer transport protocol to use for routing: HTTP, HTTPS, TCP, or SSL. */ protocol: pulumi.Input; /** * The Amazon Resource Name (ARN) of the server certificate. */ sslCertificateId?: pulumi.Input; } interface LoadBalancerPoliciesArgs { /** * The policy attributes. */ attributes: pulumi.Input; /** * The instance ports for the policy. Required only for some policy types. */ instancePorts?: pulumi.Input[]>; /** * The load balancer ports for the policy. Required only for some policy types. */ loadBalancerPorts?: pulumi.Input[]>; /** * The name of the policy. */ policyName: pulumi.Input; /** * The name of the policy type. */ policyType: pulumi.Input; } } export declare namespace elasticloadbalancingv2 { /** * Specifies an action for a listener rule. */ interface ListenerActionArgs { /** * [HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when ``Type`` is ``authenticate-cognito``. */ authenticateCognitoConfig?: pulumi.Input; /** * [HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when ``Type`` is ``authenticate-oidc``. */ authenticateOidcConfig?: pulumi.Input; /** * [Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when ``Type`` is ``fixed-response``. */ fixedResponseConfig?: pulumi.Input; /** * Information for creating an action that distributes requests among multiple target groups. Specify only when ``Type`` is ``forward``. * If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``. */ forwardConfig?: pulumi.Input; /** * [HTTPS listeners] Information for validating JWT access tokens in client requests. Specify only when ``Type`` is ``jwt-validation``. */ jwtValidationConfig?: pulumi.Input; /** * The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. */ order?: pulumi.Input; /** * [Application Load Balancer] Information for creating a redirect action. Specify only when ``Type`` is ``redirect``. */ redirectConfig?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the target group. Specify only when ``Type`` is ``forward`` and you want to route to a single target group. To route to multiple target groups, you must use ``ForwardConfig`` instead. */ targetGroupArn?: pulumi.Input; /** * The type of action. */ type: pulumi.Input; } /** * Information about a listener attribute. */ interface ListenerAttributeArgs { /** * The name of the attribute. * The following attribute is supported by Network Load Balancers, and Gateway Load Balancers. * + ``tcp.idle_timeout.seconds`` - The tcp idle timeout value, in seconds. The valid range is 60-6000 seconds. The default is 350 seconds. * * The following attributes are only supported by Application Load Balancers. * + ``routing.http.request.x_amzn_mtls_clientcert_serial_number.header_name`` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Serial-Number* HTTP request header. * + ``routing.http.request.x_amzn_mtls_clientcert_issuer.header_name`` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Issuer* HTTP request header. * + ``routing.http.request.x_amzn_mtls_clientcert_subject.header_name`` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Subject* HTTP request header. * + ``routing.http.request.x_amzn_mtls_clientcert_validity.header_name`` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Validity* HTTP request header. * + ``routing.http.request.x_amzn_mtls_clientcert_leaf.header_name`` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert-Leaf* HTTP request header. * + ``routing.http.request.x_amzn_mtls_clientcert.header_name`` - Enables you to modify the header name of the *X-Amzn-Mtls-Clientcert* HTTP request header. * + ``routing.http.request.x_amzn_tls_version.header_name`` - Enables you to modify the header name of the *X-Amzn-Tls-Version* HTTP request header. * + ``routing.http.request.x_amzn_tls_cipher_suite.header_name`` - Enables you to modify the header name of the *X-Amzn-Tls-Cipher-Suite* HTTP request header. * + ``routing.http.response.server.enabled`` - Enables you to allow or remove the HTTP response server header. * + ``routing.http.response.strict_transport_security.header_value`` - Informs browsers that the site should only be accessed using HTTPS, and that any future attempts to access it using HTTP should automatically be converted to HTTPS. * + ``routing.http.response.access_control_allow_origin.header_value`` - Specifies which origins are allowed to access the server. * + ``routing.http.response.access_control_allow_methods.header_value`` - Returns which HTTP methods are allowed when accessing the server from a different origin. * + ``routing.http.response.access_control_allow_headers.header_value`` - Specifies which headers can be used during the request. * + ``routing.http.response.access_control_allow_credentials.header_value`` - Indicates whether the browser should include credentials such as cookies or authentication when making requests. * + ``routing.http.response.access_control_expose_headers.header_value`` - Returns which headers the browser can expose to the requesting client. * + ``routing.http.response.access_control_max_age.header_value`` - Specifies how long the results of a preflight request can be cached, in seconds. * + ``routing.http.response.content_security_policy.header_value`` - Specifies restrictions enforced by the browser to help minimize the risk of certain types of security threats. * + ``routing.http.response.x_content_type_options.header_value`` - Indicates whether the MIME types advertised in the *Content-Type* headers should be followed and not be changed. * + ``routing.http.response.x_frame_options.header_value`` - Indicates whether the browser is allowed to render a page in a *frame*, *iframe*, *embed* or *object*. */ key?: pulumi.Input; /** * The value of the attribute. */ value?: pulumi.Input; } /** * Specifies information required when integrating with Amazon Cognito to authenticate users. */ interface ListenerAuthenticateCognitoConfigArgs { /** * The query parameters (up to 10) to include in the redirect request to the authorization endpoint. */ authenticationRequestExtraParams?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The behavior if the user is not authenticated. The following are possible values: * + deny```` - Return an HTTP 401 Unauthorized error. * + allow```` - Allow the request to be forwarded to the target. * + authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value. */ onUnauthenticatedRequest?: pulumi.Input; /** * The set of user claims to be requested from the IdP. The default is ``openid``. * To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP. */ scope?: pulumi.Input; /** * The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie. */ sessionCookieName?: pulumi.Input; /** * The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days). */ sessionTimeout?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon Cognito user pool. */ userPoolArn: pulumi.Input; /** * The ID of the Amazon Cognito user pool client. */ userPoolClientId: pulumi.Input; /** * The domain prefix or fully-qualified domain name of the Amazon Cognito user pool. */ userPoolDomain: pulumi.Input; } /** * Specifies information required using an identity provide (IdP) that is compliant with OpenID Connect (OIDC) to authenticate users. */ interface ListenerAuthenticateOidcConfigArgs { /** * The query parameters (up to 10) to include in the redirect request to the authorization endpoint. */ authenticationRequestExtraParams?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path. */ authorizationEndpoint: pulumi.Input; /** * The OAuth 2.0 client identifier. */ clientId: pulumi.Input; /** * The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set ``UseExistingClientSecret`` to true. */ clientSecret?: pulumi.Input; /** * The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path. */ issuer: pulumi.Input; /** * The behavior if the user is not authenticated. The following are possible values: * + deny```` - Return an HTTP 401 Unauthorized error. * + allow```` - Allow the request to be forwarded to the target. * + authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value. */ onUnauthenticatedRequest?: pulumi.Input; /** * The set of user claims to be requested from the IdP. The default is ``openid``. * To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP. */ scope?: pulumi.Input; /** * The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie. */ sessionCookieName?: pulumi.Input; /** * The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days). */ sessionTimeout?: pulumi.Input; /** * The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path. */ tokenEndpoint: pulumi.Input; /** * Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false. */ useExistingClientSecret?: pulumi.Input; /** * The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path. */ userInfoEndpoint: pulumi.Input; } /** * Specifies an SSL server certificate to use as the default certificate for a secure listener. */ interface ListenerCertificateArgs { /** * The Amazon Resource Name (ARN) of the certificate. */ certificateArn?: pulumi.Input; } /** * Specifies information required when returning a custom HTTP response. */ interface ListenerFixedResponseConfigArgs { /** * The content type. * Valid Values: text/plain | text/css | text/html | application/javascript | application/json */ contentType?: pulumi.Input; /** * The message. */ messageBody?: pulumi.Input; /** * The HTTP response code (2XX, 4XX, or 5XX). */ statusCode: pulumi.Input; } /** * Information for creating an action that distributes requests among multiple target groups. Specify only when ``Type`` is ``forward``. * If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``. */ interface ListenerForwardConfigArgs { /** * Information about the target group stickiness for a rule. */ targetGroupStickinessConfig?: pulumi.Input; /** * Information about how traffic will be distributed between multiple target groups in a forward rule. */ targetGroups?: pulumi.Input[]>; } /** * Information about an additional claim to validate. */ interface ListenerJwtValidationActionAdditionalClaimArgs { /** * The format of the claim value. */ format: pulumi.Input; /** * The name of the claim. You can't specify ``exp``, ``iss``, ``nbf``, or ``iat`` because we validate them by default. */ name: pulumi.Input; /** * The claim value. The maximum size of the list is 10. Each value can be up to 256 characters in length. If the format is ``space-separated-values``, the values can't include spaces. */ values: pulumi.Input[]>; } interface ListenerJwtValidationConfigArgs { additionalClaims?: pulumi.Input[]>; issuer: pulumi.Input; jwksEndpoint: pulumi.Input; } /** * The mutual authentication configuration information. */ interface ListenerMutualAuthenticationArgs { /** * Indicates whether trust store CA certificate names are advertised. */ advertiseTrustStoreCaNames?: pulumi.Input; /** * Indicates whether expired client certificates are ignored. */ ignoreClientCertificateExpiry?: pulumi.Input; /** * The client certificate handling method. Options are ``off``, ``passthrough`` or ``verify``. The default value is ``off``. */ mode?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the trust store. */ trustStoreArn?: pulumi.Input; } /** * Information about a redirect action. * A URI consists of the following components: protocol://hostname:port/path?query. You must modify at least one of the following components to avoid a redirect loop: protocol, hostname, port, or path. Any components that you do not modify retain their original values. * You can reuse URI components using the following reserved keywords: * + #{protocol} * + #{host} * + #{port} * + #{path} (the leading "/" is removed) * + #{query} * * For example, you can change the path to "/new/#{path}", the hostname to "example.#{host}", or the query to "#{query}&value=xyz". */ interface ListenerRedirectConfigArgs { /** * The hostname. This component is not percent-encoded. The hostname can contain #{host}. */ host?: pulumi.Input; /** * The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. */ path?: pulumi.Input; /** * The port. You can specify a value from 1 to 65535 or #{port}. */ port?: pulumi.Input; /** * The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP. */ protocol?: pulumi.Input; /** * The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords. */ query?: pulumi.Input; /** * The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302). */ statusCode: pulumi.Input; } /** * Specifies an action for a listener rule. */ interface ListenerRuleActionArgs { /** * [HTTPS listeners] Information for using Amazon Cognito to authenticate users. Specify only when ``Type`` is ``authenticate-cognito``. */ authenticateCognitoConfig?: pulumi.Input; /** * [HTTPS listeners] Information about an identity provider that is compliant with OpenID Connect (OIDC). Specify only when ``Type`` is ``authenticate-oidc``. */ authenticateOidcConfig?: pulumi.Input; /** * [Application Load Balancer] Information for creating an action that returns a custom HTTP response. Specify only when ``Type`` is ``fixed-response``. */ fixedResponseConfig?: pulumi.Input; /** * Information for creating an action that distributes requests among multiple target groups. Specify only when ``Type`` is ``forward``. * If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``. */ forwardConfig?: pulumi.Input; /** * [HTTPS listeners] Information for validating JWT access tokens in client requests. Specify only when ``Type`` is ``jwt-validation``. */ jwtValidationConfig?: pulumi.Input; /** * The order for the action. This value is required for rules with multiple actions. The action with the lowest value for order is performed first. */ order?: pulumi.Input; /** * [Application Load Balancer] Information for creating a redirect action. Specify only when ``Type`` is ``redirect``. */ redirectConfig?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the target group. Specify only when ``Type`` is ``forward`` and you want to route to a single target group. To route to multiple target groups, you must use ``ForwardConfig`` instead. */ targetGroupArn?: pulumi.Input; /** * The type of action. */ type: pulumi.Input; } /** * Specifies information required when integrating with Amazon Cognito to authenticate users. */ interface ListenerRuleAuthenticateCognitoConfigArgs { /** * The query parameters (up to 10) to include in the redirect request to the authorization endpoint. */ authenticationRequestExtraParams?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The behavior if the user is not authenticated. The following are possible values: * + deny```` - Return an HTTP 401 Unauthorized error. * + allow```` - Allow the request to be forwarded to the target. * + authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value. */ onUnauthenticatedRequest?: pulumi.Input; /** * The set of user claims to be requested from the IdP. The default is ``openid``. * To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP. */ scope?: pulumi.Input; /** * The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie. */ sessionCookieName?: pulumi.Input; /** * The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days). */ sessionTimeout?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon Cognito user pool. */ userPoolArn: pulumi.Input; /** * The ID of the Amazon Cognito user pool client. */ userPoolClientId: pulumi.Input; /** * The domain prefix or fully-qualified domain name of the Amazon Cognito user pool. */ userPoolDomain: pulumi.Input; } /** * Specifies information required using an identity provide (IdP) that is compliant with OpenID Connect (OIDC) to authenticate users. */ interface ListenerRuleAuthenticateOidcConfigArgs { /** * The query parameters (up to 10) to include in the redirect request to the authorization endpoint. */ authenticationRequestExtraParams?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The authorization endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path. */ authorizationEndpoint: pulumi.Input; /** * The OAuth 2.0 client identifier. */ clientId: pulumi.Input; /** * The OAuth 2.0 client secret. This parameter is required if you are creating a rule. If you are modifying a rule, you can omit this parameter if you set ``UseExistingClientSecret`` to true. */ clientSecret?: pulumi.Input; /** * The OIDC issuer identifier of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path. */ issuer: pulumi.Input; /** * The behavior if the user is not authenticated. The following are possible values: * + deny```` - Return an HTTP 401 Unauthorized error. * + allow```` - Allow the request to be forwarded to the target. * + authenticate```` - Redirect the request to the IdP authorization endpoint. This is the default value. */ onUnauthenticatedRequest?: pulumi.Input; /** * The set of user claims to be requested from the IdP. The default is ``openid``. * To verify which scope values your IdP supports and how to separate multiple values, see the documentation for your IdP. */ scope?: pulumi.Input; /** * The name of the cookie used to maintain session information. The default is AWSELBAuthSessionCookie. */ sessionCookieName?: pulumi.Input; /** * The maximum duration of the authentication session, in seconds. The default is 604800 seconds (7 days). */ sessionTimeout?: pulumi.Input; /** * The token endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path. */ tokenEndpoint: pulumi.Input; /** * Indicates whether to use the existing client secret when modifying a rule. If you are creating a rule, you can omit this parameter or set it to false. */ useExistingClientSecret?: pulumi.Input; /** * The user info endpoint of the IdP. This must be a full URL, including the HTTPS protocol, the domain, and the path. */ userInfoEndpoint: pulumi.Input; } /** * Specifies information required when returning a custom HTTP response. */ interface ListenerRuleFixedResponseConfigArgs { /** * The content type. * Valid Values: text/plain | text/css | text/html | application/javascript | application/json */ contentType?: pulumi.Input; /** * The message. */ messageBody?: pulumi.Input; /** * The HTTP response code (2XX, 4XX, or 5XX). */ statusCode: pulumi.Input; } /** * Information for creating an action that distributes requests among multiple target groups. Specify only when ``Type`` is ``forward``. * If you specify both ``ForwardConfig`` and ``TargetGroupArn``, you can specify only one target group using ``ForwardConfig`` and it must be the same target group specified in ``TargetGroupArn``. */ interface ListenerRuleForwardConfigArgs { /** * Information about the target group stickiness for a rule. */ targetGroupStickinessConfig?: pulumi.Input; /** * Information about how traffic will be distributed between multiple target groups in a forward rule. */ targetGroups?: pulumi.Input[]>; } /** * Information about a host header condition. */ interface ListenerRuleHostHeaderConfigArgs { regexValues?: pulumi.Input[]>; /** * The host names. The maximum length of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). You must include at least one "." character. You can include only alphabetical characters after the final "." character. * If you specify multiple strings, the condition is satisfied if one of the strings matches the host name. */ values?: pulumi.Input[]>; } /** * Information about an HTTP header condition. * There is a set of standard HTTP header fields. You can also define custom HTTP header fields. */ interface ListenerRuleHttpHeaderConfigArgs { /** * The name of the HTTP header field. The maximum size is 40 characters. The header name is case insensitive. The allowed characters are specified by RFC 7230. Wildcards are not supported. */ httpHeaderName?: pulumi.Input; regexValues?: pulumi.Input[]>; /** * The strings to compare against the value of the HTTP header. The maximum length of each string is 128 characters. The comparison strings are case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). * If the same header appears multiple times in the request, we search them in order until a match is found. * If you specify multiple strings, the condition is satisfied if one of the strings matches the value of the HTTP header. To require that all of the strings are a match, create one condition per string. */ values?: pulumi.Input[]>; } /** * Information about an HTTP method condition. * HTTP defines a set of request methods, also referred to as HTTP verbs. For more information, see the [HTTP Method Registry](https://docs.aws.amazon.com/https://www.iana.org/assignments/http-methods/http-methods.xhtml). You can also define custom HTTP methods. */ interface ListenerRuleHttpRequestMethodConfigArgs { /** * The name of the request method. The maximum length is 40 characters. The allowed characters are A-Z, hyphen (-), and underscore (_). The comparison is case sensitive. Wildcards are not supported; therefore, the method name must be an exact match. * If you specify multiple strings, the condition is satisfied if one of the strings matches the HTTP request method. We recommend that you route GET and HEAD requests in the same way, because the response to a HEAD request may be cached. */ values?: pulumi.Input[]>; } /** * Information about an additional claim to validate. */ interface ListenerRuleJwtValidationActionAdditionalClaimArgs { /** * The format of the claim value. */ format: pulumi.Input; /** * The name of the claim. You can't specify ``exp``, ``iss``, ``nbf``, or ``iat`` because we validate them by default. */ name: pulumi.Input; /** * The claim value. The maximum size of the list is 10. Each value can be up to 256 characters in length. If the format is ``space-separated-values``, the values can't include spaces. */ values: pulumi.Input[]>; } interface ListenerRuleJwtValidationConfigArgs { additionalClaims?: pulumi.Input[]>; issuer: pulumi.Input; jwksEndpoint: pulumi.Input; } /** * Information about a path pattern condition. */ interface ListenerRulePathPatternConfigArgs { regexValues?: pulumi.Input[]>; /** * The path patterns to compare against the request URL. The maximum size of each string is 128 characters. The comparison is case sensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). * If you specify multiple strings, the condition is satisfied if one of them matches the request URL. The path pattern is compared only to the path of the URL, not to its query string. */ values?: pulumi.Input[]>; } /** * Information about a query string condition. * The query string component of a URI starts after the first '?' character and is terminated by either a '#' character or the end of the URI. A typical query string contains key/value pairs separated by '&' characters. The allowed characters are specified by RFC 3986. Any character can be percentage encoded. */ interface ListenerRuleQueryStringConfigArgs { /** * The key/value pairs or values to find in the query string. The maximum length of each string is 128 characters. The comparison is case insensitive. The following wildcard characters are supported: * (matches 0 or more characters) and ? (matches exactly 1 character). To search for a literal '*' or '?' character in a query string, you must escape these characters in ``Values`` using a '\' character. * If you specify multiple key/value pairs or values, the condition is satisfied if one of them is found in the query string. */ values?: pulumi.Input[]>; } /** * Information about a key/value pair. */ interface ListenerRuleQueryStringKeyValueArgs { /** * The key. You can omit the key. */ key?: pulumi.Input; /** * The value. */ value?: pulumi.Input; } /** * Information about a redirect action. * A URI consists of the following components: protocol://hostname:port/path?query. You must modify at least one of the following components to avoid a redirect loop: protocol, hostname, port, or path. Any components that you do not modify retain their original values. * You can reuse URI components using the following reserved keywords: * + #{protocol} * + #{host} * + #{port} * + #{path} (the leading "/" is removed) * + #{query} * * For example, you can change the path to "/new/#{path}", the hostname to "example.#{host}", or the query to "#{query}&value=xyz". */ interface ListenerRuleRedirectConfigArgs { /** * The hostname. This component is not percent-encoded. The hostname can contain #{host}. */ host?: pulumi.Input; /** * The absolute path, starting with the leading "/". This component is not percent-encoded. The path can contain #{host}, #{path}, and #{port}. */ path?: pulumi.Input; /** * The port. You can specify a value from 1 to 65535 or #{port}. */ port?: pulumi.Input; /** * The protocol. You can specify HTTP, HTTPS, or #{protocol}. You can redirect HTTP to HTTP, HTTP to HTTPS, and HTTPS to HTTPS. You can't redirect HTTPS to HTTP. */ protocol?: pulumi.Input; /** * The query parameters, URL-encoded when necessary, but not percent-encoded. Do not include the leading "?", as it is automatically added. You can specify any of the reserved keywords. */ query?: pulumi.Input; /** * The HTTP redirect code. The redirect is either permanent (HTTP 301) or temporary (HTTP 302). */ statusCode: pulumi.Input; } /** * Information about a rewrite transform. This transform matches a pattern and replaces it with the specified string. */ interface ListenerRuleRewriteConfigArgs { /** * The regular expression to match in the input string. The maximum length of the string is 1,024 characters. */ regex: pulumi.Input; /** * The replacement string to use when rewriting the matched input. The maximum length of the string is 1,024 characters. You can specify capture groups in the regular expression (for example, $1 and $2). */ replace: pulumi.Input; } interface ListenerRuleRewriteConfigObjectArgs { rewrites: pulumi.Input[]>; } /** * Specifies a condition for a listener rule. */ interface ListenerRuleRuleConditionArgs { /** * The field in the HTTP request. The following are the possible values: * + ``http-header`` * + ``http-request-method`` * + ``host-header`` * + ``path-pattern`` * + ``query-string`` * + ``source-ip`` */ field?: pulumi.Input; /** * Information for a host header condition. Specify only when ``Field`` is ``host-header``. */ hostHeaderConfig?: pulumi.Input; /** * Information for an HTTP header condition. Specify only when ``Field`` is ``http-header``. */ httpHeaderConfig?: pulumi.Input; /** * Information for an HTTP method condition. Specify only when ``Field`` is ``http-request-method``. */ httpRequestMethodConfig?: pulumi.Input; /** * Information for a path pattern condition. Specify only when ``Field`` is ``path-pattern``. */ pathPatternConfig?: pulumi.Input; /** * Information for a query string condition. Specify only when ``Field`` is ``query-string``. */ queryStringConfig?: pulumi.Input; /** * The regular expressions to match against the condition field. The maximum length of each string is 128 characters. Specify only when ``Field`` is ``http-header``, ``host-header``, or ``path-pattern``. */ regexValues?: pulumi.Input[]>; /** * Information for a source IP condition. Specify only when ``Field`` is ``source-ip``. */ sourceIpConfig?: pulumi.Input; /** * The condition value. Specify only when ``Field`` is ``host-header`` or ``path-pattern``. Alternatively, to specify multiple host names or multiple path patterns, use ``HostHeaderConfig`` or ``PathPatternConfig``. * If ``Field`` is ``host-header`` and you're not using ``HostHeaderConfig``, you can specify a single host name (for example, my.example.com). A host name is case insensitive, can be up to 128 characters in length, and can contain any of the following characters. * + A-Z, a-z, 0-9 * + - . * + * (matches 0 or more characters) * + ? (matches exactly 1 character) * * If ``Field`` is ``path-pattern`` and you're not using ``PathPatternConfig``, you can specify a single path pattern (for example, /img/*). A path pattern is case-sensitive, can be up to 128 characters in length, and can contain any of the following characters. * + A-Z, a-z, 0-9 * + _ - . $ / ~ " ' @ : + * + & (using &) * + * (matches 0 or more characters) * + ? (matches exactly 1 character) */ values?: pulumi.Input[]>; } /** * Information about a source IP condition. * You can use this condition to route based on the IP address of the source that connects to the load balancer. If a client is behind a proxy, this is the IP address of the proxy not the IP address of the client. */ interface ListenerRuleSourceIpConfigArgs { /** * The source IP addresses, in CIDR format. You can use both IPv4 and IPv6 addresses. Wildcards are not supported. * If you specify multiple addresses, the condition is satisfied if the source IP address of the request matches one of the CIDR blocks. This condition is not satisfied by the addresses in the X-Forwarded-For header. */ values?: pulumi.Input[]>; } /** * Information about the target group stickiness for a rule. */ interface ListenerRuleTargetGroupStickinessConfigArgs { /** * [Application Load Balancers] The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness. */ durationSeconds?: pulumi.Input; /** * Indicates whether target group stickiness is enabled. */ enabled?: pulumi.Input; } /** * Information about how traffic will be distributed between multiple target groups in a forward rule. */ interface ListenerRuleTargetGroupTupleArgs { /** * The Amazon Resource Name (ARN) of the target group. */ targetGroupArn?: pulumi.Input; /** * The weight. The range is 0 to 999. */ weight?: pulumi.Input; } interface ListenerRuleTransformArgs { hostHeaderRewriteConfig?: pulumi.Input; type: pulumi.Input; urlRewriteConfig?: pulumi.Input; } /** * Information about the target group stickiness for a rule. */ interface ListenerTargetGroupStickinessConfigArgs { /** * [Application Load Balancers] The time period, in seconds, during which requests from a client should be routed to the same target group. The range is 1-604800 seconds (7 days). You must specify this value when enabling target group stickiness. */ durationSeconds?: pulumi.Input; /** * Indicates whether target group stickiness is enabled. */ enabled?: pulumi.Input; } /** * Information about how traffic will be distributed between multiple target groups in a forward rule. */ interface ListenerTargetGroupTupleArgs { /** * The Amazon Resource Name (ARN) of the target group. */ targetGroupArn?: pulumi.Input; /** * The weight. The range is 0 to 999. */ weight?: pulumi.Input; } /** * Specifies an attribute for an Application Load Balancer, a Network Load Balancer, or a Gateway Load Balancer. */ interface LoadBalancerAttributeArgs { /** * The name of the attribute. * The following attributes are supported by all load balancers: * + ``deletion_protection.enabled`` - Indicates whether deletion protection is enabled. The value is ``true`` or ``false``. The default is ``false``. * + ``load_balancing.cross_zone.enabled`` - Indicates whether cross-zone load balancing is enabled. The possible values are ``true`` and ``false``. The default for Network Load Balancers and Gateway Load Balancers is ``false``. The default for Application Load Balancers is ``true``, and can't be changed. * * The following attributes are supported by both Application Load Balancers and Network Load Balancers: * + ``access_logs.s3.enabled`` - Indicates whether access logs are enabled. The value is ``true`` or ``false``. The default is ``false``. * + ``access_logs.s3.bucket`` - The name of the S3 bucket for the access logs. This attribute is required if access logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket. * + ``access_logs.s3.prefix`` - The prefix for the location in the S3 bucket for the access logs. * + ``ipv6.deny_all_igw_traffic`` - Blocks internet gateway (IGW) access to the load balancer. It is set to ``false`` for internet-facing load balancers and ``true`` for internal load balancers, preventing unintended access to your internal load balancer through an internet gateway. * + ``zonal_shift.config.enabled`` - Indicates whether zonal shift is enabled. The possible values are ``true`` and ``false``. The default is ``false``. * * The following attributes are supported by only Application Load Balancers: * + ``idle_timeout.timeout_seconds`` - The idle timeout value, in seconds. The valid range is 1-4000 seconds. The default is 60 seconds. * + ``client_keep_alive.seconds`` - The client keep alive value, in seconds. The valid range is 60-604800 seconds. The default is 3600 seconds. * + ``connection_logs.s3.enabled`` - Indicates whether connection logs are enabled. The value is ``true`` or ``false``. The default is ``false``. * + ``connection_logs.s3.bucket`` - The name of the S3 bucket for the connection logs. This attribute is required if connection logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket. * + ``connection_logs.s3.prefix`` - The prefix for the location in the S3 bucket for the connection logs. * + ``health_check_logs.s3.enabled`` - Indicates whether health check logs are enabled. The value is ``true`` or ``false``. The default is ``false``. * + ``health_check_logs.s3.bucket`` - The name of the S3 bucket for the health check logs. This attribute is required if health check logs are enabled. The bucket must exist in the same region as the load balancer and have a bucket policy that grants Elastic Load Balancing permissions to write to the bucket. * + ``health_check_logs.s3.prefix`` - The prefix for the location in the S3 bucket for the health check logs. * + ``routing.http.desync_mitigation_mode`` - Determines how the load balancer handles requests that might pose a security risk to your application. The possible values are ``monitor``, ``defensive``, and ``strictest``. The default is ``defensive``. * + ``routing.http.drop_invalid_header_fields.enabled`` - Indicates whether HTTP headers with invalid header fields are removed by the load balancer (``true``) or routed to targets (``false``). The default is ``false``. * + ``routing.http.preserve_host_header.enabled`` - Indicates whether the Application Load Balancer should preserve the ``Host`` header in the HTTP request and send it to the target without any change. The possible values are ``true`` and ``false``. The default is ``false``. * + ``routing.http.x_amzn_tls_version_and_cipher_suite.enabled`` - Indicates whether the two headers (``x-amzn-tls-version`` and ``x-amzn-tls-cipher-suite``), which contain information about the negotiated TLS version and cipher suite, are added to the client request before sending it to the target. The ``x-amzn-tls-version`` header has information about the TLS protocol version negotiated with the client, and the ``x-amzn-tls-cipher-suite`` header has information about the cipher suite negotiated with the client. Both headers are in OpenSSL format. The possible values for the attribute are ``true`` and ``false``. The default is ``false``. * + ``routing.http.xff_client_port.enabled`` - Indicates whether the ``X-Forwarded-For`` header should preserve the source port that the client used to connect to the load balancer. The possible values are ``true`` and ``false``. The default is ``false``. * + ``routing.http.xff_header_processing.mode`` - Enables you to modify, preserve, or remove the ``X-Forwarded-For`` header in the HTTP request before the Application Load Balancer sends the request to the target. The possible values are ``append``, ``preserve``, and ``remove``. The default is ``append``. * + If the value is ``append``, the Application Load Balancer adds the client IP address (of the last hop) to the ``X-Forwarded-For`` header in the HTTP request before it sends it to targets. * + If the value is ``preserve`` the Application Load Balancer preserves the ``X-Forwarded-For`` header in the HTTP request, and sends it to targets without any change. * + If the value is ``remove``, the Application Load Balancer removes the ``X-Forwarded-For`` header in the HTTP request before it sends it to targets. * * + ``routing.http2.enabled`` - Indicates whether clients can connect to the load balancer using HTTP/2. If ``true``, clients can connect using HTTP/2 or HTTP/1.1. However, all client requests are subject to the stricter HTTP/2 header validation rules. For example, message header names must contain only alphanumeric characters and hyphens. If ``false``, clients must connect using HTTP/1.1. The default is ``true``. * + ``waf.fail_open.enabled`` - Indicates whether to allow a WAF-enabled load balancer to route requests to targets if it is unable to forward the request to AWS WAF. The possible values are ``true`` and ``false``. The default is ``false``. * * The following attributes are supported by only Network Load Balancers: * + ``dns_record.client_routing_policy`` - Indicates how traffic is distributed among the load balancer Availability Zones. The possible values are ``availability_zone_affinity`` with 100 percent zonal affinity, ``partial_availability_zone_affinity`` with 85 percent zonal affinity, and ``any_availability_zone`` with 0 percent zonal affinity. * + ``secondary_ips.auto_assigned.per_subnet`` - The number of secondary IP addresses to configure for your load balancer nodes. Use to address port allocation errors if you can't add targets. The valid range is 0 to 7. The default is 0. After you set this value, you can't decrease it. */ key?: pulumi.Input; /** * The value of the attribute. */ value?: pulumi.Input; } /** * The minimum capacity for a load balancer. */ interface LoadBalancerMinimumLoadBalancerCapacityArgs { /** * The number of capacity units. */ capacityUnits: pulumi.Input; } /** * Specifies a subnet for a load balancer. */ interface LoadBalancerSubnetMappingArgs { /** * [Network Load Balancers] The allocation ID of the Elastic IP address for an internet-facing load balancer. */ allocationId?: pulumi.Input; /** * [Network Load Balancers] The IPv6 address. */ iPv6Address?: pulumi.Input; /** * [Network Load Balancers] The private IPv4 address for an internal load balancer. */ privateIPv4Address?: pulumi.Input; /** * [Network Load Balancers with UDP listeners] The IPv6 prefix to use for source NAT. Specify an IPv6 prefix (/80 netmask) from the subnet CIDR block or ``auto_assigned`` to use an IPv6 prefix selected at random from the subnet CIDR block. */ sourceNatIpv6Prefix?: pulumi.Input; /** * The ID of the subnet. */ subnetId: pulumi.Input; } interface TargetGroupAttributeArgs { /** * The value of the attribute. */ key?: pulumi.Input; /** * The name of the attribute. */ value?: pulumi.Input; } interface TargetGroupMatcherArgs { /** * You can specify values between 0 and 99. You can specify multiple values, or a range of values. The default value is 12. */ grpcCode?: pulumi.Input; /** * For Application Load Balancers, you can specify values between 200 and 499, and the default value is 200. You can specify multiple values or a range of values. */ httpCode?: pulumi.Input; } interface TargetGroupTargetDescriptionArgs { /** * An Availability Zone or all. This determines whether the target receives traffic from the load balancer nodes in the specified Availability Zone or from all enabled Availability Zones for the load balancer. */ availabilityZone?: pulumi.Input; /** * The ID of the target. If the target type of the target group is instance, specify an instance ID. If the target type is ip, specify an IP address. If the target type is lambda, specify the ARN of the Lambda function. If the target type is alb, specify the ARN of the Application Load Balancer target. */ id: pulumi.Input; /** * The port on which the target is listening. If the target group protocol is GENEVE, the supported port is 6081. If the target type is alb, the targeted Application Load Balancer must have at least one listener whose port matches the target group port. Not used if the target is a Lambda function. */ port?: pulumi.Input; /** * The Server ID used by targets when using QUIC or TCP_QUIC protocols. */ quicServerId?: pulumi.Input; } interface TrustStoreRevocationRevocationContentArgs { /** * The type of revocation file. */ revocationType?: pulumi.Input; /** * The Amazon S3 bucket for the revocation file. */ s3Bucket?: pulumi.Input; /** * The Amazon S3 path for the revocation file. */ s3Key?: pulumi.Input; /** * The Amazon S3 object version of the revocation file. */ s3ObjectVersion?: pulumi.Input; } } export declare namespace elementalinference { interface FeedClippingConfigArgs { callbackMetadata?: pulumi.Input; } interface FeedCroppingConfigArgs { } interface FeedGetOutputArgs { description?: pulumi.Input; name: pulumi.Input; outputConfig: pulumi.Input; status: pulumi.Input; } interface FeedOutputConfig0PropertiesArgs { cropping: pulumi.Input; } interface FeedOutputConfig1PropertiesArgs { clipping: pulumi.Input; } } export declare namespace emr { interface StepHadoopJarStepConfigArgs { /** * A list of command line arguments passed to the JAR file's main function when executed. */ args?: pulumi.Input[]>; /** * A path to a JAR file run during the step. */ jar: pulumi.Input; /** * The name of the main class in the specified Java file. If not specified, the JAR file should specify a Main-Class in its manifest file. */ mainClass?: pulumi.Input; /** * A list of Java properties that are set when the step runs. You can use these properties to pass key value pairs to your main function. */ stepProperties?: pulumi.Input[]>; } interface StepKeyValueArgs { /** * The unique identifier of a key-value pair. */ key?: pulumi.Input; /** * The value part of the identified key. */ value?: pulumi.Input; } } export declare namespace emrcontainers { interface EndpointCloudWatchMonitoringConfigurationArgs { logGroupName: pulumi.Input; logStreamNamePrefix?: pulumi.Input; } interface EndpointConfigurationOverridesArgs { applicationConfiguration?: pulumi.Input[]>; monitoringConfiguration?: pulumi.Input; } interface EndpointContainerLogRotationConfigurationArgs { maxFilesToKeep: pulumi.Input; rotationSize: pulumi.Input; } interface EndpointEmreksConfigurationArgs { classification: pulumi.Input; configurations?: pulumi.Input[]>; properties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface EndpointMonitoringConfigurationArgs { cloudWatchMonitoringConfiguration?: pulumi.Input; containerLogRotationConfiguration?: pulumi.Input; persistentAppUi?: pulumi.Input; s3MonitoringConfiguration?: pulumi.Input; } interface EndpointS3MonitoringConfigurationArgs { logUri: pulumi.Input; } /** * At-rest encryption configuration. */ interface SecurityConfigurationAtRestEncryptionConfigurationArgs { localDiskEncryptionConfiguration?: pulumi.Input; s3EncryptionConfiguration?: pulumi.Input; } /** * Authentication configuration for the security configuration. */ interface SecurityConfigurationAuthenticationConfigurationArgs { iamConfiguration?: pulumi.Input; identityCenterConfiguration?: pulumi.Input; } /** * Authorization configuration for the security configuration. */ interface SecurityConfigurationAuthorizationConfigurationArgs { lakeFormationConfiguration?: pulumi.Input; } /** * Container information. */ interface SecurityConfigurationContainerInfoArgs { eksInfo?: pulumi.Input; } /** * Container provider information. */ interface SecurityConfigurationContainerProviderArgs { /** * The container provider ID. */ id: pulumi.Input; info?: pulumi.Input; /** * The container provider type. */ type: pulumi.Input; } /** * Security configuration data containing encryption and authorization settings. */ interface SecurityConfigurationDataArgs { authenticationConfiguration?: pulumi.Input; authorizationConfiguration?: pulumi.Input; encryptionConfiguration?: pulumi.Input; } /** * EKS information. */ interface SecurityConfigurationEksInfoArgs { /** * The EKS namespace. */ namespace?: pulumi.Input; } /** * Encryption configuration for the security configuration. */ interface SecurityConfigurationEncryptionConfigurationArgs { atRestEncryptionConfiguration?: pulumi.Input; inTransitEncryptionConfiguration?: pulumi.Input; } /** * IAM configuration. */ interface SecurityConfigurationIamConfigurationArgs { /** * The system role ARN. */ systemRole?: pulumi.Input; } /** * Identity Center configuration. */ interface SecurityConfigurationIdentityCenterConfigurationArgs { /** * Whether to enable Identity Center integration. */ enableIdentityCenter?: pulumi.Input; /** * Whether Identity Center application assignment is required. */ identityCenterApplicationAssignmentRequired?: pulumi.Input; /** * The ARN of the Identity Center instance. */ identityCenterInstanceArn?: pulumi.Input; } /** * In-transit encryption configuration. */ interface SecurityConfigurationInTransitEncryptionConfigurationArgs { tlsCertificateConfiguration?: pulumi.Input; } /** * Lake Formation configuration. */ interface SecurityConfigurationLakeFormationConfigurationArgs { /** * The session tag to authorize Lake Formation access. */ authorizedSessionTagValue?: pulumi.Input; /** * Whether query access control is enabled. */ queryAccessControlEnabled?: pulumi.Input; /** * The ARN of the query engine role. */ queryEngineRoleArn?: pulumi.Input; secureNamespaceInfo?: pulumi.Input; } /** * Local disk encryption configuration. */ interface SecurityConfigurationLocalDiskEncryptionConfigurationArgs { /** * The AWS KMS key ID. */ awsKmsKeyId?: pulumi.Input; /** * The encryption key provider type. */ encryptionKeyProviderType?: pulumi.Input; } /** * S3 encryption configuration. */ interface SecurityConfigurationS3EncryptionConfigurationArgs { /** * The S3 encryption option. */ encryptionOption?: pulumi.Input; /** * The KMS key ID for encryption. */ kmsKeyId?: pulumi.Input; } /** * Secure namespace information for Lake Formation. */ interface SecurityConfigurationSecureNamespaceInfoArgs { /** * The ID of the cluster. */ clusterId?: pulumi.Input; /** * The namespace. */ namespace?: pulumi.Input; } /** * TLS certificate configuration for in-transit encryption. */ interface SecurityConfigurationTlsCertificateConfigurationArgs { /** * The certificate provider type. */ certificateProviderType?: pulumi.Input; /** * The ARN of the secret containing the private key. */ privateKeySecretArn?: pulumi.Input; /** * The ARN of the secret containing the public key. */ publicKeySecretArn?: pulumi.Input; } interface VirtualClusterContainerInfoArgs { /** * The information about the Amazon EKS cluster. */ eksInfo: pulumi.Input; } interface VirtualClusterContainerProviderArgs { /** * The ID of the container cluster */ id: pulumi.Input; /** * The information about the container cluster. */ info: pulumi.Input; /** * The type of the container provider */ type: pulumi.Input; } interface VirtualClusterEksInfoArgs { /** * The namespaces of the EKS cluster. * * *Minimum* : 1 * * *Maximum* : 63 * * *Pattern* : `[a-z0-9]([-a-z0-9]*[a-z0-9])?` */ namespace: pulumi.Input; } } export declare namespace emrserverless { /** * Configuration for Auto Start of Application */ interface ApplicationAutoStartConfigurationArgs { /** * If set to true, the Application will automatically start. Defaults to true. */ enabled?: pulumi.Input; } /** * Configuration for Auto Stop of Application */ interface ApplicationAutoStopConfigurationArgs { /** * If set to true, the Application will automatically stop after being idle. Defaults to true. */ enabled?: pulumi.Input; /** * The amount of time [in minutes] to wait before auto stopping the Application when idle. Defaults to 15 minutes. */ idleTimeoutMinutes?: pulumi.Input; } interface ApplicationCloudWatchLoggingConfigurationArgs { /** * If set to false, CloudWatch logging will be turned off. Defaults to false. */ enabled?: pulumi.Input; /** * KMS key ARN to encrypt the logs stored in given CloudWatch log-group. */ encryptionKeyArn?: pulumi.Input; /** * Log-group name to produce log-streams on CloudWatch. If undefined, logs will be produced in a default log-group /aws/emr-serverless */ logGroupName?: pulumi.Input; /** * Log-stream name prefix by which log-stream names will start in the CloudWatch Log-group. */ logStreamNamePrefix?: pulumi.Input; /** * The specific log-streams which need to be uploaded to CloudWatch. */ logTypeMap?: pulumi.Input[]>; } /** * Configuration for a JobRun. */ interface ApplicationConfigurationObjectArgs { /** * String with a maximum length of 1024. */ classification: pulumi.Input; configurations?: pulumi.Input[]>; properties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * The IAM IdentityCenter configuration for trusted-identity-propagation on this application. Supported with release labels emr-7.8.0 and above. */ interface ApplicationIdentityCenterConfigurationArgs { /** * The IAM IdentityCenter instance arn */ identityCenterInstanceArn?: pulumi.Input; } /** * The image configuration. */ interface ApplicationImageConfigurationInputArgs { /** * The URI of an image in the Amazon ECR registry. This field is required when you create a new application. If you leave this field blank in an update, Amazon EMR will remove the image configuration. */ imageUri?: pulumi.Input; } interface ApplicationInitialCapacityConfigArgs { workerConfiguration: pulumi.Input; /** * Initial count of workers to be initialized when an Application is started. This count will be continued to be maintained until the Application is stopped */ workerCount: pulumi.Input; } interface ApplicationInitialCapacityConfigKeyValuePairArgs { /** * Worker type for an analytics framework. */ key: pulumi.Input; value: pulumi.Input; } interface ApplicationInteractiveConfigurationArgs { /** * Enables an Apache Livy endpoint that you can connect to and run interactive jobs */ livyEndpointEnabled?: pulumi.Input; /** * Enabled you to connect an Application to Amazon EMR Studio to run interactive workloads in a notebook */ studioEnabled?: pulumi.Input; } interface ApplicationLogTypeMapKeyValuePairArgs { key: pulumi.Input; value: pulumi.Input[]>; } interface ApplicationManagedPersistenceMonitoringConfigurationArgs { /** * If set to false, managed logging will be turned off. Defaults to true. */ enabled?: pulumi.Input; /** * KMS key ARN to encrypt the logs stored in managed persistence */ encryptionKeyArn?: pulumi.Input; } interface ApplicationMaximumAllowedResourcesArgs { /** * Per worker CPU resource. vCPU is the only supported unit and specifying vCPU is optional. */ cpu: pulumi.Input; /** * Per worker Disk resource. GB is the only supported unit and specifying GB is optional */ disk?: pulumi.Input; /** * Per worker memory resource. GB is the only supported unit and specifying GB is optional. */ memory: pulumi.Input; } /** * Monitoring configuration for batch and interactive JobRun. */ interface ApplicationMonitoringConfigurationArgs { /** * CloudWatch logging configurations for a JobRun. */ cloudWatchLoggingConfiguration?: pulumi.Input; /** * Managed log persistence configurations for a JobRun. */ managedPersistenceMonitoringConfiguration?: pulumi.Input; /** * Prometheus monitoring configurations for a JobRun. */ prometheusMonitoringConfiguration?: pulumi.Input; /** * S3 monitoring configurations for a JobRun. */ s3MonitoringConfiguration?: pulumi.Input; } interface ApplicationNetworkConfigurationArgs { /** * The ID of the security groups in the VPC to which you want to connect your job or application. */ securityGroupIds?: pulumi.Input[]>; /** * The ID of the subnets in the VPC to which you want to connect your job or application. */ subnetIds?: pulumi.Input[]>; } interface ApplicationPrometheusMonitoringConfigurationArgs { /** * The remote write URL in the Amazon Managed Service for Prometheus workspace to send metrics to. */ remoteWriteUrl?: pulumi.Input; } interface ApplicationS3MonitoringConfigurationArgs { /** * KMS key ARN to encrypt the logs stored in given s3 */ encryptionKeyArn?: pulumi.Input; logUri?: pulumi.Input; } /** * The scheduler configuration for batch and streaming jobs running on this application. Supported with release labels emr-7.0.0 and above. */ interface ApplicationSchedulerConfigurationArgs { /** * The maximum concurrent job runs on this application. If scheduler configuration is enabled on your application, the default value is 15. The valid range is 1 to 1000. */ maxConcurrentRuns?: pulumi.Input; /** * The maximum duration in minutes for the job in QUEUED state. If scheduler configuration is enabled on your application, the default value is 360 minutes (6 hours). The valid range is from 15 to 720. */ queueTimeoutMinutes?: pulumi.Input; } interface ApplicationWorkerConfigurationArgs { /** * Per worker CPU resource. vCPU is the only supported unit and specifying vCPU is optional. */ cpu: pulumi.Input; /** * Per worker Disk resource. GB is the only supported unit and specifying GB is optional */ disk?: pulumi.Input; /** * Per worker DiskType resource. Shuffle optimized and Standard are only supported types and specifying diskType is optional */ diskType?: pulumi.Input; /** * Per worker memory resource. GB is the only supported unit and specifying GB is optional. */ memory: pulumi.Input; } /** * The specifications for a worker type. */ interface ApplicationWorkerTypeSpecificationInputArgs { /** * The image configuration for a worker type. */ imageConfiguration?: pulumi.Input; } } export declare namespace entityresolution { interface IdMappingWorkflowIdMappingIncrementalRunConfigArgs { incrementalRunType: pulumi.Input; } interface IdMappingWorkflowIdMappingRuleBasedPropertiesArgs { /** * The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` . * * If you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B. * * If you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of the `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type. */ attributeMatchingModel: pulumi.Input; /** * The type of matching record that is allowed to be used in an ID mapping workflow. * * If the value is set to `ONE_SOURCE_TO_ONE_TARGET` , only one record in the source can be matched to the same record in the target. * * If the value is set to `MANY_SOURCE_TO_ONE_TARGET` , multiple records in the source can be matched to one record in the target. */ recordMatchingModel: pulumi.Input; /** * The set of rules you can use in an ID mapping workflow. The limitations specified for the source or target to define the match rules must be compatible. */ ruleDefinitionType?: pulumi.Input; /** * The rules that can be used for ID mapping. */ rules?: pulumi.Input[]>; } interface IdMappingWorkflowIdMappingTechniquesArgs { /** * The type of ID mapping. */ idMappingType?: pulumi.Input; normalizationVersion?: pulumi.Input; /** * An object which defines any additional configurations required by the provider service. */ providerProperties?: pulumi.Input; /** * An object which defines any additional configurations required by rule-based matching. */ ruleBasedProperties?: pulumi.Input; } interface IdMappingWorkflowInputSourceArgs { /** * An Glue table ARN for the input source table, MatchingWorkflow arn or IdNamespace ARN */ inputSourceArn: pulumi.Input; /** * The ARN (Amazon Resource Name) that AWS Entity Resolution generated for the `SchemaMapping` . */ schemaArn?: pulumi.Input; /** * The type of ID namespace. There are two types: `SOURCE` and `TARGET` . * * The `SOURCE` contains configurations for `sourceId` data that will be processed in an ID mapping workflow. * * The `TARGET` contains a configuration of `targetId` which all `sourceIds` will resolve to. */ type?: pulumi.Input; } interface IdMappingWorkflowIntermediateSourceConfigurationArgs { /** * The s3 path that would be used to stage the intermediate data being generated during workflow execution. */ intermediateS3Path: pulumi.Input; } interface IdMappingWorkflowOutputSourceArgs { /** * Customer AWS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key. */ kmsArn?: pulumi.Input; /** * The S3 path to which Entity Resolution will write the output table */ outputS3Path: pulumi.Input; } interface IdMappingWorkflowProviderPropertiesArgs { /** * The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently. */ intermediateSourceConfiguration?: pulumi.Input; /** * Additional Provider configuration that would be required for the provider service. The Configuration must be in JSON string format */ providerConfiguration?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Arn of the Provider Service being used. */ providerServiceArn: pulumi.Input; } interface IdMappingWorkflowRuleArgs { /** * A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match. */ matchingKeys: pulumi.Input[]>; /** * A name for the matching rule. */ ruleName: pulumi.Input; } interface IdNamespaceIdMappingWorkflowPropertiesArgs { /** * The type of ID mapping. */ idMappingType: pulumi.Input; /** * An object which defines any additional configurations required by the provider service. */ providerProperties?: pulumi.Input; /** * An object which defines any additional configurations required by rule-based matching. */ ruleBasedProperties?: pulumi.Input; } interface IdNamespaceInputSourceArgs { /** * An AWS Glue table Amazon Resource Name (ARN) or a matching workflow ARN for the input source table. */ inputSourceArn: pulumi.Input; /** * The name of the schema. */ schemaName?: pulumi.Input; } interface IdNamespaceNamespaceProviderPropertiesArgs { /** * Additional Provider configuration that would be required for the provider service. The Configuration must be in JSON string format. */ providerConfiguration?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The Amazon Resource Name (ARN) of the provider service. */ providerServiceArn: pulumi.Input; } interface IdNamespaceNamespaceRuleBasedPropertiesArgs { /** * The comparison type. You can either choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` . * * If you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B. * * If you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A matches the value of `BusinessEmail` field of Profile B, the two profiles are matched on the `Email` attribute type. */ attributeMatchingModel?: pulumi.Input; /** * The type of matching record that is allowed to be used in an ID mapping workflow. * * If the value is set to `ONE_SOURCE_TO_ONE_TARGET` , only one record in the source is matched to one record in the target. * * If the value is set to `MANY_SOURCE_TO_ONE_TARGET` , all matching records in the source are matched to one record in the target. */ recordMatchingModels?: pulumi.Input[]>; /** * The sets of rules you can use in an ID mapping workflow. The limitations specified for the source and target must be compatible. */ ruleDefinitionTypes?: pulumi.Input[]>; /** * The rules for the ID namespace. */ rules?: pulumi.Input[]>; } interface IdNamespaceRuleArgs { /** * A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match. */ matchingKeys: pulumi.Input[]>; /** * A name for the matching rule. */ ruleName: pulumi.Input; } interface MatchingWorkflowCustomerProfilesIntegrationConfigArgs { domainArn: pulumi.Input; objectTypeArn: pulumi.Input; } interface MatchingWorkflowIncrementalRunConfigArgs { /** * The type of incremental run. The only valid value is `IMMEDIATE` . This appears as "Automatic" in the console. * * > For workflows where `resolutionType` is `ML_MATCHING` or `PROVIDER` , incremental processing is not supported. */ incrementalRunType: pulumi.Input; } interface MatchingWorkflowInputSourceArgs { /** * Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890. */ applyNormalization?: pulumi.Input; /** * An Glue table ARN for the input source table */ inputSourceArn: pulumi.Input; /** * The name of the schema. */ schemaArn: pulumi.Input; } interface MatchingWorkflowIntermediateSourceConfigurationArgs { /** * The s3 path that would be used to stage the intermediate data being generated during workflow execution. */ intermediateS3Path: pulumi.Input; } interface MatchingWorkflowOutputAttributeArgs { /** * Enables the ability to hash the column values in the output. */ hashed?: pulumi.Input; /** * A name of a column to be written to the output. This must be an `InputField` name in the schema mapping. */ name: pulumi.Input; } interface MatchingWorkflowOutputSourceArgs { /** * Normalizes the attributes defined in the schema in the input data. For example, if an attribute has an `AttributeType` of `PHONE_NUMBER` , and the data in the input table is in a format of 1234567890, AWS Entity Resolution will normalize this field in the output to (123)-456-7890. */ applyNormalization?: pulumi.Input; customerProfilesIntegrationConfig?: pulumi.Input; /** * Customer KMS ARN for encryption at rest. If not provided, system will use an AWS Entity Resolution managed KMS key. */ kmsArn?: pulumi.Input; /** * A list of `OutputAttribute` objects, each of which have the fields `Name` and `Hashed` . Each of these objects selects a column to be included in the output table, and whether the values of the column should be hashed. */ output: pulumi.Input[]>; /** * The S3 path to which Entity Resolution will write the output table */ outputS3Path?: pulumi.Input; } interface MatchingWorkflowProviderPropertiesArgs { /** * The Amazon S3 location that temporarily stores your data while it processes. Your information won't be saved permanently. */ intermediateSourceConfiguration?: pulumi.Input; /** * Additional Provider configuration that would be required for the provider service. The Configuration must be in JSON string format */ providerConfiguration?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Arn of the Provider service being used. */ providerServiceArn: pulumi.Input; } interface MatchingWorkflowResolutionTechniquesArgs { /** * The properties of the provider service. */ providerProperties?: pulumi.Input; /** * The type of matching workflow to create. Specify one of the following types: * * - `RULE_MATCHING` : Match records using configurable rule-based criteria * - `ML_MATCHING` : Match records using machine learning models * - `PROVIDER` : Match records using a third-party matching provider */ resolutionType?: pulumi.Input; /** * An object which defines the list of matching rules to run and has a field `rules` , which is a list of rule objects. */ ruleBasedProperties?: pulumi.Input; /** * An object containing the `rules` for a matching workflow. */ ruleConditionProperties?: pulumi.Input; } interface MatchingWorkflowRuleArgs { /** * A list of `MatchingKeys` . The `MatchingKeys` must have been defined in the `SchemaMapping` . Two records are considered to match according to this rule if all of the `MatchingKeys` match. */ matchingKeys: pulumi.Input[]>; /** * A name for the matching rule. */ ruleName: pulumi.Input; } interface MatchingWorkflowRuleBasedPropertiesArgs { /** * The comparison type. You can choose `ONE_TO_ONE` or `MANY_TO_MANY` as the `attributeMatchingModel` . * * If you choose `ONE_TO_ONE` , the system can only match attributes if the sub-types are an exact match. For example, for the `Email` attribute type, the system will only consider it a match if the value of the `Email` field of Profile A matches the value of the `Email` field of Profile B. * * If you choose `MANY_TO_MANY` , the system can match attributes across the sub-types of an attribute type. For example, if the value of the `Email` field of Profile A and the value of `BusinessEmail` field of Profile B matches, the two profiles are matched on the `Email` attribute type. */ attributeMatchingModel: pulumi.Input; /** * An indicator of whether to generate IDs and index the data or not. * * If you choose `IDENTIFIER_GENERATION` , the process generates IDs and indexes the data. * * If you choose `INDEXING` , the process indexes the data without generating IDs. */ matchPurpose?: pulumi.Input; /** * A list of `Rule` objects, each of which have fields `RuleName` and `MatchingKeys` . */ rules: pulumi.Input[]>; } interface MatchingWorkflowRuleConditionArgs { /** * A statement that specifies the conditions for a matching rule. * * If your data is accurate, use an Exact matching function: `Exact` or `ExactManyToMany` . * * If your data has variations in spelling or pronunciation, use a Fuzzy matching function: `Cosine` , `Levenshtein` , or `Soundex` . * * Use operators if you want to combine ( `AND` ), separate ( `OR` ), or group matching functions `(...)` . * * For example: `(Cosine(a, 10) AND Exact(b, true)) OR ExactManyToMany(c, d)` */ condition?: pulumi.Input; /** * A name for the matching rule. * * For example: `Rule1` */ ruleName?: pulumi.Input; } interface MatchingWorkflowRuleConditionPropertiesArgs { /** * A list of rule objects, each of which have fields `ruleName` and `condition` . */ rules: pulumi.Input[]>; } interface SchemaMappingSchemaInputAttributeArgs { fieldName: pulumi.Input; groupName?: pulumi.Input; hashed?: pulumi.Input; matchKey?: pulumi.Input; /** * The subtype of the Attribute. Would be required only when type is PROVIDER_ID */ subType?: pulumi.Input; type: pulumi.Input; } } export declare namespace events { interface ConnectionApiKeyAuthParametersArgs { /** * The name of the API key to use for authorization. */ apiKeyName: pulumi.Input; /** * The value for the API key to use for authorization. */ apiKeyValue: pulumi.Input; } interface ConnectionAuthParametersArgs { /** * The API Key parameters to use for authorization. */ apiKeyAuthParameters?: pulumi.Input; /** * The authorization parameters for Basic authorization. */ basicAuthParameters?: pulumi.Input; /** * For private OAuth authentication endpoints. The parameters EventBridge uses to authenticate against the endpoint. * * For more information, see [Authorization methods for connections](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-target-connection-auth.html) in the **Amazon EventBridge User Guide** . */ connectivityParameters?: pulumi.Input; /** * Additional parameters for the connection that are passed through with every invocation to the HTTP endpoint. */ invocationHttpParameters?: pulumi.Input; /** * The OAuth parameters to use for authorization. */ oAuthParameters?: pulumi.Input; } interface ConnectionBasicAuthParametersArgs { /** * The password associated with the user name to use for Basic authorization. */ password: pulumi.Input; /** * The user name to use for Basic authorization. */ username: pulumi.Input; } interface ConnectionClientParametersArgs { /** * The client ID to use for OAuth authorization. */ clientId: pulumi.Input; /** * The client secret assciated with the client ID to use for OAuth authorization. */ clientSecret: pulumi.Input; } interface ConnectionConnectivityParametersArgs { /** * The parameters for EventBridge to use when invoking the resource endpoint. */ resourceParameters: pulumi.Input; } interface ConnectionHttpParametersArgs { /** * Any additional body string parameters for the connection. */ bodyParameters?: pulumi.Input[]>; /** * Any additional header parameters for the connection. */ headerParameters?: pulumi.Input[]>; /** * Any additional query string parameters for the connection. */ queryStringParameters?: pulumi.Input[]>; } interface ConnectionOAuthParametersArgs { /** * The URL to the authorization endpoint when OAuth is specified as the authorization type. */ authorizationEndpoint: pulumi.Input; /** * The client parameters for OAuth authorization. */ clientParameters: pulumi.Input; /** * The method to use for the authorization request. */ httpMethod: pulumi.Input; /** * Details about the additional parameters to use for the connection. */ oAuthHttpParameters?: pulumi.Input; } interface ConnectionParameterArgs { /** * Specifies whether the value is secret. */ isValueSecret?: pulumi.Input; /** * The key for a query string parameter. */ key: pulumi.Input; /** * The value associated with the key for the query string parameter. */ value: pulumi.Input; } interface ConnectionResourceParametersArgs { /** * For connections to private APIs, the Amazon Resource Name (ARN) of the resource association EventBridge created between the connection and the private API's resource configuration. * * > The value of this property is set by EventBridge . Any value you specify in your template is ignored. */ resourceAssociationArn?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon VPC Lattice resource configuration for the resource endpoint. */ resourceConfigurationArn: pulumi.Input; } /** * Dead Letter Queue for the event bus. */ interface DeadLetterConfigPropertiesArgs { /** * The ARN of the SQS queue specified as the target for the dead-letter queue. */ arn?: pulumi.Input; } interface EndpointEventBusArgs { eventBusArn: pulumi.Input; } interface EndpointFailoverConfigArgs { /** * The main Region of the endpoint. */ primary: pulumi.Input; /** * The Region that events are routed to when failover is triggered or event replication is enabled. */ secondary: pulumi.Input; } interface EndpointPrimaryArgs { /** * The ARN of the health check used by the endpoint to determine whether failover is triggered. */ healthCheck: pulumi.Input; } interface EndpointReplicationConfigArgs { /** * The state of event replication. */ state: pulumi.Input; } interface EndpointRoutingConfigArgs { /** * The failover configuration for an endpoint. This includes what triggers failover and what happens when it's triggered. */ failoverConfig: pulumi.Input; } interface EndpointSecondaryArgs { /** * Defines the secondary Region. */ route: pulumi.Input; } /** * This parameter enables you to limit the permission to accounts that fulfill a certain condition, such as being a member of a certain AWS organization. */ interface EventBusPolicyConditionArgs { /** * Specifies the value for the key. Currently, this must be the ID of the organization. */ key?: pulumi.Input; /** * Specifies the type of condition. Currently the only supported value is StringEquals. */ type?: pulumi.Input; /** * Specifies the key for the condition. Currently the only supported key is aws:PrincipalOrgID. */ value?: pulumi.Input; } /** * The private resource the HTTP request will be sent to. */ interface InvocationConnectivityParametersPropertiesArgs { /** * The parameters for EventBridge to use when invoking the resource endpoint. */ resourceParameters: pulumi.Input; } /** * The logging configuration settings for vended logs. */ interface LogConfigPropertiesArgs { /** * Configures whether or not to include event detail, input transformer details, target properties, and target input in the applicable log messages. */ includeDetail?: pulumi.Input; /** * Configures the log level of the EventBus and determines which log messages are sent to Ingestion Hub for delivery. */ level?: pulumi.Input; } interface RuleAppSyncParametersArgs { /** * The GraphQL operation; that is, the query, mutation, or subscription to be parsed and executed by the GraphQL service. * * For more information, see [Operations](https://docs.aws.amazon.com/appsync/latest/devguide/graphql-architecture.html#graphql-operations) in the *AWS AppSync User Guide* . */ graphQlOperation: pulumi.Input; } interface RuleAwsVpcConfigurationArgs { /** * Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` . */ assignPublicIp?: pulumi.Input; /** * Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used. */ securityGroups?: pulumi.Input[]>; /** * Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets. */ subnets: pulumi.Input[]>; } interface RuleBatchArrayPropertiesArgs { /** * The size of the array, if this is an array batch job. Valid values are integers between 2 and 10,000. */ size?: pulumi.Input; } interface RuleBatchParametersArgs { /** * The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job. */ arrayProperties?: pulumi.Input; /** * The ARN or name of the job definition to use if the event target is an AWS Batch job. This job definition must already exist. */ jobDefinition: pulumi.Input; /** * The name to use for this execution of the job, if the target is an AWS Batch job. */ jobName: pulumi.Input; /** * The retry strategy to use for failed jobs, if the target is an AWS Batch job. The retry strategy is the number of times to retry the failed job execution. Valid values are 1–10. When you specify a retry strategy here, it overrides the retry strategy defined in the job definition. */ retryStrategy?: pulumi.Input; } interface RuleBatchRetryStrategyArgs { /** * The number of times to attempt to retry, if the job fails. Valid values are 1–10. */ attempts?: pulumi.Input; } interface RuleCapacityProviderStrategyItemArgs { /** * The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used. */ base?: pulumi.Input; /** * The short name of the capacity provider. */ capacityProvider: pulumi.Input; /** * The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied. */ weight?: pulumi.Input; } interface RuleDeadLetterConfigArgs { /** * The ARN of the SQS queue specified as the target for the dead-letter queue. */ arn?: pulumi.Input; } interface RuleEcsParametersArgs { /** * The capacity provider strategy to use for the task. * * If a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used. */ capacityProviderStrategy?: pulumi.Input[]>; /** * Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide. */ enableEcsManagedTags?: pulumi.Input; /** * Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task. */ enableExecuteCommand?: pulumi.Input; /** * Specifies an ECS task group for the task. The maximum length is 255 characters. */ group?: pulumi.Input; /** * Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* . */ launchType?: pulumi.Input; /** * Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks. * * If you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails. */ networkConfiguration?: pulumi.Input; /** * An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). */ placementConstraints?: pulumi.Input[]>; /** * The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task. */ placementStrategies?: pulumi.Input[]>; /** * Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` . * * This structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* . */ platformVersion?: pulumi.Input; /** * Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the TagResource API action. */ propagateTags?: pulumi.Input; /** * The reference ID to use for the task. */ referenceId?: pulumi.Input; /** * The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference. */ tagList?: pulumi.Input[]>; /** * The number of tasks to create based on `TaskDefinition` . The default is 1. */ taskCount?: pulumi.Input; /** * The ARN of the task definition to use if the event target is an Amazon ECS task. */ taskDefinitionArn: pulumi.Input; } interface RuleHttpParametersArgs { /** * The headers that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination. */ headerParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The path parameter values to be used to populate API Gateway API or EventBridge ApiDestination path wildcards ("*"). */ pathParameterValues?: pulumi.Input[]>; /** * The query string keys/values that need to be sent as part of request invoking the API Gateway API or EventBridge ApiDestination. */ queryStringParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface RuleInputTransformerArgs { /** * Map of JSON paths to be extracted from the event. You can then insert these in the template in `InputTemplate` to produce the output you want to be sent to the target. * * `InputPathsMap` is an array key-value pairs, where each value is a valid JSON path. You can have as many as 100 key-value pairs. You must use JSON dot notation, not bracket notation. * * The keys cannot start with " AWS ." */ inputPathsMap?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Input template where you specify placeholders that will be filled with the values of the keys from `InputPathsMap` to customize the data sent to the target. Enclose each `InputPathsMaps` value in brackets: < *value* > * * If `InputTemplate` is a JSON object (surrounded by curly braces), the following restrictions apply: * * - The placeholder cannot be used as an object key. * * The following example shows the syntax for using `InputPathsMap` and `InputTemplate` . * * `"InputTransformer":` * * `{` * * `"InputPathsMap": {"instance": "$.detail.instance","status": "$.detail.status"},` * * `"InputTemplate": " is in state "` * * `}` * * To have the `InputTemplate` include quote marks within a JSON string, escape each quote marks with a slash, as in the following example: * * `"InputTransformer":` * * `{` * * `"InputPathsMap": {"instance": "$.detail.instance","status": "$.detail.status"},` * * `"InputTemplate": " is in state \"\""` * * `}` * * The `InputTemplate` can also be valid JSON with varibles in quotes or out, as in the following example: * * `"InputTransformer":` * * `{` * * `"InputPathsMap": {"instance": "$.detail.instance","status": "$.detail.status"},` * * `"InputTemplate": '{"myInstance": ,"myStatus": " is in state \"\""}'` * * `}` */ inputTemplate: pulumi.Input; } interface RuleKinesisParametersArgs { /** * The JSON path to be extracted from the event and used as the partition key. For more information, see [Amazon Kinesis Streams Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/key-concepts.html#partition-key) in the *Amazon Kinesis Streams Developer Guide* . */ partitionKeyPath: pulumi.Input; } interface RuleNetworkConfigurationArgs { /** * Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode. */ awsVpcConfiguration?: pulumi.Input; } interface RulePlacementConstraintArgs { /** * A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide. */ expression?: pulumi.Input; /** * The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates. */ type?: pulumi.Input; } interface RulePlacementStrategyArgs { /** * The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used. */ field?: pulumi.Input; /** * The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task). */ type?: pulumi.Input; } interface RuleRedshiftDataParametersArgs { /** * The name of the database. Required when authenticating using temporary credentials. */ database: pulumi.Input; /** * The database user name. Required when authenticating using temporary credentials. */ dbUser?: pulumi.Input; /** * The name or ARN of the secret that enables access to the database. Required when authenticating using AWS Secrets Manager. */ secretManagerArn?: pulumi.Input; /** * The SQL statement text to run. */ sql?: pulumi.Input; /** * One or more SQL statements to run. The SQL statements are run as a single transaction. They run serially in the order of the array. Subsequent SQL statements don't start until the previous statement in the array completes. If any SQL statement fails, then because they are run as one transaction, all work is rolled back. */ sqls?: pulumi.Input[]>; /** * The name of the SQL statement. You can name the SQL statement when you create it to identify the query. */ statementName?: pulumi.Input; /** * Indicates whether to send an event back to EventBridge after the SQL statement runs. */ withEvent?: pulumi.Input; } interface RuleRetryPolicyArgs { /** * The maximum amount of time, in seconds, to continue to make retry attempts. */ maximumEventAgeInSeconds?: pulumi.Input; /** * The maximum number of retry attempts to make before the request fails. Retry attempts continue until either the maximum number of attempts is made or until the duration of the `MaximumEventAgeInSeconds` is met. */ maximumRetryAttempts?: pulumi.Input; } interface RuleRunCommandParametersArgs { /** * Currently, we support including only one RunCommandTarget block, which specifies either an array of InstanceIds or a tag. */ runCommandTargets: pulumi.Input[]>; } interface RuleRunCommandTargetArgs { /** * Can be either `tag:` *tag-key* or `InstanceIds` . */ key: pulumi.Input; /** * If `Key` is `tag:` *tag-key* , `Values` is a list of tag values. If `Key` is `InstanceIds` , `Values` is a list of Amazon EC2 instance IDs. */ values: pulumi.Input[]>; } interface RuleSageMakerPipelineParameterArgs { /** * Name of parameter to start execution of a SageMaker AI Model Building Pipeline. */ name: pulumi.Input; /** * Value of parameter to start execution of a SageMaker AI Model Building Pipeline. */ value: pulumi.Input; } interface RuleSageMakerPipelineParametersArgs { /** * List of Parameter names and values for SageMaker AI Model Building Pipeline execution. */ pipelineParameterList?: pulumi.Input[]>; } interface RuleSqsParametersArgs { /** * The ID of the message group to use as the target. */ messageGroupId: pulumi.Input; } interface RuleTagArgs { /** * A string you can use to assign a value. The combination of tag keys and values can help you organize and categorize your resources. */ key?: pulumi.Input; /** * The value for the specified tag key. */ value?: pulumi.Input; } interface RuleTargetArgs { /** * Contains the GraphQL operation to be parsed and executed, if the event target is an AWS AppSync API. */ appSyncParameters?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the target. */ arn: pulumi.Input; /** * If the event target is an AWS Batch job, this contains the job definition, job name, and other parameters. For more information, see [Jobs](https://docs.aws.amazon.com/batch/latest/userguide/jobs.html) in the *AWS Batch User Guide* . */ batchParameters?: pulumi.Input; /** * The `DeadLetterConfig` that defines the target queue to send dead-letter queue events to. */ deadLetterConfig?: pulumi.Input; /** * Contains the Amazon ECS task definition and task count to be used, if the event target is an Amazon ECS task. For more information about Amazon ECS tasks, see [Task Definitions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_defintions.html) in the *Amazon EC2 Container Service Developer Guide* . */ ecsParameters?: pulumi.Input; /** * Contains the HTTP parameters to use when the target is a API Gateway endpoint or EventBridge ApiDestination. * * If you specify an API Gateway API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence. */ httpParameters?: pulumi.Input; /** * The ID of the target within the specified rule. Use this ID to reference the target when updating the rule. We recommend using a memorable and unique string. */ id: pulumi.Input; /** * Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) . */ input?: pulumi.Input; /** * The value of the JSONPath that is used for extracting part of the matched event when passing it to the target. You may use JSON dot notation or bracket notation. For more information about JSON paths, see [JSONPath](https://docs.aws.amazon.com/http://goessner.net/articles/JsonPath/) . */ inputPath?: pulumi.Input; /** * Settings to enable you to provide custom input to a target based on certain event data. You can extract one or more key-value pairs from the event and then use that data to send customized input to the target. */ inputTransformer?: pulumi.Input; /** * The custom parameter you can use to control the shard assignment, when the target is a Kinesis data stream. If you do not include this parameter, the default is to use the `eventId` as the partition key. */ kinesisParameters?: pulumi.Input; /** * Contains the Amazon Redshift Data API parameters to use when the target is a Amazon Redshift cluster. * * If you specify a Amazon Redshift Cluster as a Target, you can use this to specify parameters to invoke the Amazon Redshift Data API ExecuteStatement based on EventBridge events. */ redshiftDataParameters?: pulumi.Input; /** * The retry policy configuration to use for the dead-letter queue. */ retryPolicy?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role to be used for this target when the rule is triggered. If one rule triggers multiple targets, you can use a different IAM role for each target. */ roleArn?: pulumi.Input; /** * Parameters used when you are using the rule to invoke Amazon EC2 Run Command. */ runCommandParameters?: pulumi.Input; /** * Contains the SageMaker AI Model Building Pipeline parameters to start execution of a SageMaker AI Model Building Pipeline. * * If you specify a SageMaker AI Model Building Pipeline as a target, you can use this to specify parameters to start a pipeline execution based on EventBridge events. */ sageMakerPipelineParameters?: pulumi.Input; /** * Contains the message group ID to use when the target is an Amazon SQS fair or FIFO queue. * * If you specify a fair or FIFO queue as a target, the queue must have content-based deduplication enabled. */ sqsParameters?: pulumi.Input; } } export declare namespace eventschemas { } export declare namespace evidently { interface ExperimentMetricGoalObjectArgs { /** * `INCREASE` means that a variation with a higher number for this metric is performing better. * * `DECREASE` means that a variation with a lower number for this metric is performing better. */ desiredChange: pulumi.Input; /** * The JSON path to reference the entity id in the event. */ entityIdKey: pulumi.Input; /** * Event patterns have the same structure as the events they match. Rules use event patterns to select events. An event pattern either matches an event or it doesn't. */ eventPattern?: pulumi.Input; /** * A name for the metric. It can include up to 255 characters. */ metricName: pulumi.Input; /** * A label for the units that the metric is measuring. */ unitLabel?: pulumi.Input; /** * The JSON path to reference the numerical metric value in the event. */ valueKey: pulumi.Input; } interface ExperimentOnlineAbConfigObjectArgs { /** * The name of the variation that is to be the default variation that the other variations are compared to. */ controlTreatmentName?: pulumi.Input; /** * A set of key-value pairs. The keys are treatment names, and the values are the portion of experiment traffic to be assigned to that treatment. Specify the traffic portion in thousandths of a percent, so 20,000 for a variation would allocate 20% of the experiment traffic to that variation. */ treatmentWeights?: pulumi.Input[]>; } interface ExperimentRunningStatusObjectArgs { /** * Provide the analysis Completion time for an experiment */ analysisCompleteTime?: pulumi.Input; /** * Provide CANCELLED or COMPLETED desired state when stopping an experiment */ desiredState?: pulumi.Input; /** * Reason is a required input for stopping the experiment */ reason?: pulumi.Input; /** * Provide START or STOP action to apply on an experiment */ status?: pulumi.Input; } interface ExperimentTreatmentObjectArgs { /** * The description of the treatment. */ description?: pulumi.Input; /** * The name of the feature for this experiment. */ feature: pulumi.Input; /** * A name for this treatment. It can include up to 127 characters. */ treatmentName: pulumi.Input; /** * The name of the variation to use for this treatment. */ variation: pulumi.Input; } interface ExperimentTreatmentToWeightArgs { /** * The portion of experiment traffic to allocate to this treatment. Specify the traffic portion in thousandths of a percent, so 20,000 allocated to a treatment would allocate 20% of the experiment traffic to that treatment. */ splitWeight: pulumi.Input; /** * The name of the treatment. */ treatment: pulumi.Input; } interface FeatureEntityOverrideArgs { /** * The entity ID to be served the variation specified in `Variation` . */ entityId?: pulumi.Input; /** * The name of the variation to serve to the user session that matches the `EntityId` . */ variation?: pulumi.Input; } interface FeatureVariationObjectArgs { /** * The value assigned to this variation, if the variation type is boolean. */ booleanValue?: pulumi.Input; /** * The value assigned to this variation, if the variation type is a double. */ doubleValue?: pulumi.Input; /** * The value assigned to this variation, if the variation type is a long. */ longValue?: pulumi.Input; /** * The value assigned to this variation, if the variation type is a string. */ stringValue?: pulumi.Input; /** * A name for the variation. It can include up to 127 characters. */ variationName?: pulumi.Input; } interface LaunchExecutionStatusObjectArgs { /** * Provide CANCELLED or COMPLETED as the launch desired state. Defaults to Completed if not provided. */ desiredState?: pulumi.Input; /** * Provide a reason for stopping the launch. Defaults to empty if not provided. */ reason?: pulumi.Input; /** * Provide START or STOP action to apply on a launch */ status: pulumi.Input; } interface LaunchGroupObjectArgs { /** * A description of the launch group. */ description?: pulumi.Input; /** * The feature that this launch is using. */ feature: pulumi.Input; /** * A name for this launch group. It can include up to 127 characters. */ groupName: pulumi.Input; /** * The feature variation to use for this launch group. */ variation: pulumi.Input; } interface LaunchGroupToWeightArgs { /** * The name of the launch group. It can include up to 127 characters. */ groupName: pulumi.Input; /** * The portion of launch traffic to allocate to this launch group. * * This is represented in thousandths of a percent. For example, specify 20,000 to allocate 20% of the launch audience to this launch group. */ splitWeight: pulumi.Input; } interface LaunchMetricDefinitionObjectArgs { /** * The JSON path to reference the entity id in the event. */ entityIdKey: pulumi.Input; /** * Event patterns have the same structure as the events they match. Rules use event patterns to select events. An event pattern either matches an event or it doesn't. */ eventPattern?: pulumi.Input; /** * A name for the metric. It can include up to 255 characters. */ metricName: pulumi.Input; /** * A label for the units that the metric is measuring. */ unitLabel?: pulumi.Input; /** * The JSON path to reference the numerical metric value in the event. */ valueKey: pulumi.Input; } interface LaunchSegmentOverrideArgs { /** * A number indicating the order to use to evaluate segment overrides, if there are more than one. Segment overrides with lower numbers are evaluated first. */ evaluationOrder: pulumi.Input; /** * The ARN of the segment to use for this override. */ segment: pulumi.Input; /** * The traffic allocation percentages among the feature variations to assign to this segment. This is a set of key-value pairs. The keys are variation names. The values represent the amount of traffic to allocate to that variation for this segment. This is expressed in thousandths of a percent, so a weight of 50000 represents 50% of traffic. */ weights: pulumi.Input[]>; } interface LaunchStepConfigArgs { /** * An array of structures that define how much launch traffic to allocate to each launch group during this step of the launch. */ groupWeights: pulumi.Input[]>; /** * An array of structures that you can use to specify different traffic splits for one or more audience *segments* . A segment is a portion of your audience that share one or more characteristics. Examples could be Chrome browser users, users in Europe, or Firefox browser users in Europe who also fit other criteria that your application collects, such as age. * * For more information, see [Use segments to focus your audience](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch-Evidently-segments.html) . */ segmentOverrides?: pulumi.Input[]>; /** * The date and time to start this step of the launch. Use UTC format, `yyyy-MM-ddTHH:mm:ssZ` . For example, `2025-11-25T23:59:59Z` */ startTime: pulumi.Input; } interface ProjectAppConfigResourceObjectArgs { /** * The ID of the AWS AppConfig application to use for client-side evaluation. */ applicationId: pulumi.Input; /** * The ID of the AWS AppConfig environment to use for client-side evaluation. */ environmentId: pulumi.Input; } /** * Destinations for data. */ interface ProjectDataDeliveryObjectArgs { /** * If the project stores evaluation events in CloudWatch Logs , this structure stores the log group name. */ logGroup?: pulumi.Input; /** * If the project stores evaluation events in an Amazon S3 bucket, this structure stores the bucket name and bucket prefix. */ s3?: pulumi.Input; } interface ProjectS3DestinationArgs { /** * The name of the bucket in which Evidently stores evaluation events. */ bucketName: pulumi.Input; /** * The bucket prefix in which Evidently stores evaluation events. */ prefix?: pulumi.Input; } } export declare namespace evs { /** * The connectivity configuration for the environment. Amazon EVS requires that you specify two route server peer IDs. During environment creation, the route server endpoints peer with the NSX uplink VLAN for connectivity to the NSX overlay network. */ interface ConnectivityInfoPropertiesArgs { /** * The unique IDs for private route server peers. */ privateRouteServerPeerings: pulumi.Input[]>; } interface EnvironmentHostInfoForCreateArgs { /** * The unique ID of the Amazon EC2 Dedicated Host. */ dedicatedHostId?: pulumi.Input; /** * The DNS hostname of the host. DNS hostnames for hosts must be unique across Amazon EVS environments and within VCF. */ hostName: pulumi.Input; /** * The EC2 instance type that represents the host. */ instanceType: pulumi.Input; /** * The name of the SSH key that is used to access the host. */ keyName: pulumi.Input; /** * The unique ID of the placement group where the host is placed. */ placementGroupId?: pulumi.Input; } interface EnvironmentInitialVlanInfoArgs { /** * The CIDR block that you provide to create an Amazon EVS VLAN subnet. Amazon EVS VLAN subnets have a minimum CIDR block size of /28 and a maximum size of /24. Amazon EVS VLAN subnet CIDR blocks must not overlap with other subnets in the VPC. */ cidr: pulumi.Input; } /** * The initial Vlan configuration only required upon creation. Modification after creation will have no effect */ interface InitialVlansPropertiesArgs { /** * The edge VTEP VLAN subnet. This VLAN subnet manages traffic flowing between the internal network and external networks, including internet access and other site connections. */ edgeVTep: pulumi.Input; /** * An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations. */ expansionVlan1: pulumi.Input; /** * An additional VLAN subnet that can be used to extend VCF capabilities once configured. For example, you can configure an expansion VLAN subnet to use NSX Federation for centralized management and synchronization of multiple NSX deployments across different locations. */ expansionVlan2: pulumi.Input; /** * The HCX VLAN subnet. This VLAN subnet allows the HCX Interconnnect (IX) and HCX Network Extension (NE) to reach their peers and enable HCX Service Mesh creation. * * If you plan to use a public HCX VLAN subnet, the following requirements must be met: * * - Must have a /28 netmask and be allocated from the IPAM public pool. Required for HCX internet access configuration. * - The HCX public VLAN CIDR block must be added to the VPC as a secondary CIDR block. * - Must have at least two Elastic IP addresses to be allocated from the public IPAM pool for HCX components. */ hcx: pulumi.Input; /** * A unique ID for a network access control list that the HCX VLAN uses. Required when `isHcxPublic` is set to `true` . */ hcxNetworkAclId?: pulumi.Input; /** * Determines if the HCX VLAN that Amazon EVS provisions is public or private. */ isHcxPublic?: pulumi.Input; /** * The NSX uplink VLAN subnet. This VLAN subnet allows connectivity to the NSX overlay network. */ nsxUpLink: pulumi.Input; /** * The vMotion VLAN subnet. This VLAN subnet carries traffic for vSphere vMotion. */ vMotion: pulumi.Input; /** * The vSAN VLAN subnet. This VLAN subnet carries the communication between ESXi hosts to implement a vSAN shared storage pool. */ vSan: pulumi.Input; /** * The VTEP VLAN subnet. This VLAN subnet handles internal network traffic between virtual machines within a VCF instance. */ vTep: pulumi.Input; /** * The VM management VLAN subnet. This VLAN subnet carries traffic for vSphere virtual machines. */ vmManagement: pulumi.Input; /** * The host VMkernel management VLAN subnet. This VLAN subnet carries traffic for managing ESXi hosts and communicating with VMware vCenter Server. */ vmkManagement: pulumi.Input; } /** * The license information for an EVS environment */ interface LicenseInfoPropertiesArgs { /** * The VCF solution key. This license unlocks VMware VCF product features, including vSphere, NSX, SDDC Manager, and vCenter Server. The VCF solution key must cover a minimum of 256 cores. */ solutionKey: pulumi.Input; /** * The VSAN license key. This license unlocks vSAN features. The vSAN license key must provide at least 110 TiB of vSAN capacity. */ vsanKey: pulumi.Input; } /** * The security groups that allow traffic between the Amazon EVS control plane and your VPC for service access. If a security group is not specified, Amazon EVS uses the default security group in your account for service access. */ interface ServiceAccessSecurityGroupsPropertiesArgs { /** * The security groups that allow service access. */ securityGroups?: pulumi.Input[]>; } /** * The DNS hostnames to be used by the VCF management appliances in your environment. * * For environment creation to be successful, each hostname entry must resolve to a domain name that you've registered in your DNS service of choice and configured in the DHCP option set of your VPC. DNS hostnames cannot be changed after environment creation has started. */ interface VcfHostnamesPropertiesArgs { /** * The hostname for VMware Cloud Builder. */ cloudBuilder: pulumi.Input; /** * The VMware NSX hostname. */ nsx: pulumi.Input; /** * The hostname for the first NSX Edge node. */ nsxEdge1: pulumi.Input; /** * The hostname for the second NSX Edge node. */ nsxEdge2: pulumi.Input; /** * The hostname for the first VMware NSX Manager virtual machine (VM). */ nsxManager1: pulumi.Input; /** * The hostname for the second VMware NSX Manager virtual machine (VM). */ nsxManager2: pulumi.Input; /** * The hostname for the third VMware NSX Manager virtual machine (VM). */ nsxManager3: pulumi.Input; /** * The hostname for SDDC Manager. */ sddcManager: pulumi.Input; /** * The VMware vCenter hostname. */ vCenter: pulumi.Input; } } export declare namespace finspace { /** * Additional parameters to identify Federation mode */ interface EnvironmentFederationParametersArgs { /** * SAML metadata URL to link with the Environment */ applicationCallBackUrl?: pulumi.Input; /** * Attribute map for SAML configuration */ attributeMap?: pulumi.Input[]>; /** * Federation provider name to link with the Environment */ federationProviderName?: pulumi.Input; /** * SAML metadata URL to link with the Environment */ federationUrn?: pulumi.Input; /** * SAML metadata document to link the federation provider to the Environment */ samlMetadataDocument?: pulumi.Input; /** * SAML metadata URL to link with the Environment */ samlMetadataUrl?: pulumi.Input; } interface EnvironmentFederationParametersAttributeMapItemPropertiesArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key?: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value?: pulumi.Input; } /** * Parameters of the first Superuser for the FinSpace Environment */ interface EnvironmentSuperuserParametersArgs { /** * Email address */ emailAddress?: pulumi.Input; /** * First name */ firstName?: pulumi.Input; /** * Last name */ lastName?: pulumi.Input; } } export declare namespace fis { /** * Specifies an action for the experiment template. */ interface ExperimentTemplateActionArgs { /** * The ID of the action. */ actionId: pulumi.Input; /** * A description for the action. */ description?: pulumi.Input; /** * The parameters for the action, if applicable. */ parameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The name of the action that must be completed before the current action starts. */ startAfter?: pulumi.Input[]>; /** * One or more targets for the action. */ targets?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface ExperimentTemplateCloudWatchDashboardArgs { /** * The Amazon Resource Name (ARN) of the CloudWatch dashboard to include in the experiment report. */ dashboardIdentifier: pulumi.Input; } interface ExperimentTemplateExperimentOptionsArgs { /** * The account targeting setting for the experiment template. */ accountTargeting?: pulumi.Input; /** * The target resolution failure mode for the experiment template. */ emptyTargetResolutionMode?: pulumi.Input; } interface ExperimentTemplateExperimentReportConfigurationArgs { /** * The data sources for the experiment report. */ dataSources?: pulumi.Input; /** * The output destinations of the experiment report. */ outputs: pulumi.Input; /** * The duration after the experiment end time for the data sources to include in the report. */ postExperimentDuration?: pulumi.Input; /** * The duration before the experiment start time for the data sources to include in the report. */ preExperimentDuration?: pulumi.Input; } /** * The data sources for the experiment report. */ interface ExperimentTemplateExperimentReportConfigurationDataSourcesPropertiesArgs { cloudWatchDashboards?: pulumi.Input[]>; } /** * The output destinations of the experiment report. */ interface ExperimentTemplateExperimentReportConfigurationOutputsPropertiesArgs { experimentReportS3Configuration: pulumi.Input; } interface ExperimentTemplateExperimentReportConfigurationOutputsPropertiesExperimentReportS3ConfigurationPropertiesArgs { bucketName: pulumi.Input; prefix?: pulumi.Input; } interface ExperimentTemplateLogConfigurationArgs { /** * The configuration for experiment logging to CloudWatch Logs . */ cloudWatchLogsConfiguration?: pulumi.Input; /** * The schema version. */ logSchemaVersion: pulumi.Input; /** * The configuration for experiment logging to Amazon S3 . */ s3Configuration?: pulumi.Input; } /** * The configuration for experiment logging to CloudWatch Logs . */ interface ExperimentTemplateLogConfigurationCloudWatchLogsConfigurationPropertiesArgs { logGroupArn: pulumi.Input; } /** * The configuration for experiment logging to Amazon S3 . */ interface ExperimentTemplateLogConfigurationS3ConfigurationPropertiesArgs { bucketName: pulumi.Input; prefix?: pulumi.Input; } interface ExperimentTemplateStopConditionArgs { source: pulumi.Input; value?: pulumi.Input; } /** * Specifies a target for an experiment. */ interface ExperimentTemplateTargetArgs { /** * The filters to apply to identify target resources using specific attributes. */ filters?: pulumi.Input[]>; /** * The parameters for the resource type. */ parameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The Amazon Resource Names (ARNs) of the targets. */ resourceArns?: pulumi.Input[]>; /** * The tags for the target resources. */ resourceTags?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The resource type. */ resourceType: pulumi.Input; /** * Scopes the identified resources to a specific count or percentage. */ selectionMode: pulumi.Input; } /** * Describes a filter used for the target resource input in an experiment template. */ interface ExperimentTemplateTargetFilterArgs { path: pulumi.Input; values: pulumi.Input[]>; } } export declare namespace fms { /** * An FMS includeMap or excludeMap. */ interface PolicyIeMapArgs { /** * The account list for the map. */ account?: pulumi.Input[]>; /** * The organizational unit list for the map. */ orgunit?: pulumi.Input[]>; } /** * Network ACL common policy. */ interface PolicyNetworkAclCommonPolicyArgs { /** * The definition of the first and last rules for the network ACL policy. */ networkAclEntrySet: pulumi.Input; } /** * Network ACL entry. */ interface PolicyNetworkAclEntryArgs { /** * CIDR block. */ cidrBlock?: pulumi.Input; /** * Whether the entry is an egress entry. */ egress: pulumi.Input; /** * ICMP type and code. */ icmpTypeCode?: pulumi.Input; /** * IPv6 CIDR block. */ ipv6CidrBlock?: pulumi.Input; /** * Port range. */ portRange?: pulumi.Input; /** * Protocol. */ protocol: pulumi.Input; /** * Rule Action. */ ruleAction: pulumi.Input; } /** * ICMP type and code. */ interface PolicyNetworkAclEntryIcmpTypeCodePropertiesArgs { /** * Code. */ code: pulumi.Input; /** * Type. */ type: pulumi.Input; } /** * Port range. */ interface PolicyNetworkAclEntryPortRangePropertiesArgs { /** * From Port. */ from: pulumi.Input; /** * To Port. */ to: pulumi.Input; } /** * Network ACL entry set. */ interface PolicyNetworkAclEntrySetArgs { /** * The rules that you want to run first in the Firewall Manager managed network ACLs. * * > Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. * * You must specify at least one first entry or one last entry in any network ACL policy. */ firstEntries?: pulumi.Input[]>; /** * Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries. * * If forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* . */ forceRemediateForFirstEntries: pulumi.Input; /** * Applies only when remediation is enabled for the policy as a whole. Firewall Manager uses this setting when it finds policy violations that involve conflicts between the custom entries and the policy entries. * * If forced remediation is disabled, Firewall Manager marks the network ACL as noncompliant and does not try to remediate. For more information about the remediation behavior, see [Remediation for managed network ACLs](https://docs.aws.amazon.com/waf/latest/developerguide/network-acl-policies.html#network-acls-remediation) in the *AWS Firewall Manager Developer Guide* . */ forceRemediateForLastEntries: pulumi.Input; /** * The rules that you want to run last in the Firewall Manager managed network ACLs. * * > Provide these in the order in which you want them to run. Firewall Manager will assign the specific rule numbers for you, in the network ACLs that it creates. * * You must specify at least one first entry or one last entry in any network ACL policy. */ lastEntries?: pulumi.Input[]>; } /** * Network firewall policy. */ interface PolicyNetworkFirewallPolicyArgs { /** * Defines the deployment model to use for the firewall policy. To use a distributed model, set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` . */ firewallDeploymentModel: pulumi.Input; } /** * Firewall policy option. */ interface PolicyOptionArgs { /** * Defines a Firewall Manager network ACL policy. */ networkAclCommonPolicy?: pulumi.Input; /** * Defines the deployment model to use for the firewall policy. */ networkFirewallPolicy?: pulumi.Input; /** * Defines the policy options for a third-party firewall policy. */ thirdPartyFirewallPolicy?: pulumi.Input; } /** * A resource tag. */ interface PolicyResourceTagArgs { /** * The resource tag key. */ key: pulumi.Input; /** * The resource tag value. */ value?: pulumi.Input; } /** * Firewall security service policy data. */ interface PolicySecurityServicePolicyDataArgs { /** * Details about the service that are specific to the service type, in JSON format. * * - Example: `DNS_FIREWALL` * * `"{\"type\":\"DNS_FIREWALL\",\"preProcessRuleGroups\":[{\"ruleGroupId\":\"rslvr-frg-1\",\"priority\":10}],\"postProcessRuleGroups\":[{\"ruleGroupId\":\"rslvr-frg-2\",\"priority\":9911}]}"` * * > Valid values for `preProcessRuleGroups` are between 1 and 99. Valid values for `postProcessRuleGroups` are between 9901 and 10000. * - Example: `NETWORK_FIREWALL` - Centralized deployment model * * `"{\"type\":\"NETWORK_FIREWALL\",\"awsNetworkFirewallConfig\":{\"networkFirewallStatelessRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\",\"priority\":1}],\"networkFirewallStatelessDefaultActions\":[\"aws:forward_to_sfe\",\"customActionName\"],\"networkFirewallStatelessFragmentDefaultActions\":[\"aws:forward_to_sfe\",\"customActionName\"],\"networkFirewallStatelessCustomActions\":[{\"actionName\":\"customActionName\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"metricdimensionvalue\"}]}}}],\"networkFirewallStatefulRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\"}],\"networkFirewallLoggingConfiguration\":{\"logDestinationConfigs\":[{\"logDestinationType\":\"S3\",\"logType\":\"ALERT\",\"logDestination\":{\"bucketName\":\"s3-bucket-name\"}},{\"logDestinationType\":\"S3\",\"logType\":\"FLOW\",\"logDestination\":{\"bucketName\":\"s3-bucket-name\"}}],\"overrideExistingConfig\":true}},\"firewallDeploymentModel\":{\"centralizedFirewallDeploymentModel\":{\"centralizedFirewallOrchestrationConfig\":{\"inspectionVpcIds\":[{\"resourceId\":\"vpc-1234\",\"accountId\":\"123456789011\"}],\"firewallCreationConfig\":{\"endpointLocation\":{\"availabilityZoneConfigList\":[{\"availabilityZoneId\":null,\"availabilityZoneName\":\"us-east-1a\",\"allowedIPV4CidrList\":[\"10.0.0.0/28\"]}]}},\"allowedIPV4CidrList\":[]}}}}"` * * To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` . * - Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration * * `"{\"type\":\"NETWORK_FIREWALL\",\"networkFirewallStatelessRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\",\"priority\":1}],\"networkFirewallStatelessDefaultActions\":[\"aws:forward_to_sfe\",\"customActionName\"],\"networkFirewallStatelessFragmentDefaultActions\":[\"aws:forward_to_sfe\",\"customActionName\"],\"networkFirewallStatelessCustomActions\":[{\"actionName\":\"customActionName\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"metricdimensionvalue\"}]}}}],\"networkFirewallStatefulRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\"}],\"networkFirewallOrchestrationConfig\":{\"singleFirewallEndpointPerVPC\":false,\"allowedIPV4CidrList\":[\"10.0.0.0/28\",\"192.168.0.0/28\"],\"routeManagementAction\":\"OFF\"},\"networkFirewallLoggingConfiguration\":{\"logDestinationConfigs\":[{\"logDestinationType\":\"S3\",\"logType\":\"ALERT\",\"logDestination\":{\"bucketName\":\"s3-bucket-name\"}},{\"logDestinationType\":\"S3\",\"logType\":\"FLOW\",\"logDestination\":{\"bucketName\":\"s3-bucket-name\"}}],\"overrideExistingConfig\":true}}"` * * With automatic Availbility Zone configuration, Firewall Manager chooses which Availability Zones to create the endpoints in. To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` . * - Example: `NETWORK_FIREWALL` - Distributed deployment model with automatic Availability Zone configuration and route management * * `"{\"type\":\"NETWORK_FIREWALL\",\"networkFirewallStatelessRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\",\"priority\":1}],\"networkFirewallStatelessDefaultActions\":[\"aws:forward_to_sfe\",\"customActionName\"],\"networkFirewallStatelessFragmentDefaultActions\":[\"aws:forward_to_sfe\",\"customActionName\"],\"networkFirewallStatelessCustomActions\":[{\"actionName\":\"customActionName\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"metricdimensionvalue\"}]}}}],\"networkFirewallStatefulRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\"}],\"networkFirewallOrchestrationConfig\":{\"singleFirewallEndpointPerVPC\":false,\"allowedIPV4CidrList\":[\"10.0.0.0/28\",\"192.168.0.0/28\"],\"routeManagementAction\":\"MONITOR\",\"routeManagementTargetTypes\":[\"InternetGateway\"]},\"networkFirewallLoggingConfiguration\":{\"logDestinationConfigs\":[{\"logDestinationType\":\"S3\",\"logType\":\"ALERT\",\"logDestination\":{\"bucketName\":\"s3-bucket-name\"}},{\"logDestinationType\":\"S3\",\"logType\": \"FLOW\",\"logDestination\":{\"bucketName\":\"s3-bucket-name\"}}],\"overrideExistingConfig\":true}}"` * * To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` . * - Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration * * `"{\"type\":\"NETWORK_FIREWALL\",\"networkFirewallStatelessRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\",\"priority\":1}],\"networkFirewallStatelessDefaultActions\":[\"aws:forward_to_sfe\",\"customActionName\"],\"networkFirewallStatelessFragmentDefaultActions\":[\"aws:forward_to_sfe\",\"fragmentcustomactionname\"],\"networkFirewallStatelessCustomActions\":[{\"actionName\":\"customActionName\", \"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"metricdimensionvalue\"}]}}},{\"actionName\":\"fragmentcustomactionname\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"fragmentmetricdimensionvalue\"}]}}}],\"networkFirewallStatefulRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\"}],\"networkFirewallOrchestrationConfig\":{\"firewallCreationConfig\":{ \"endpointLocation\":{\"availabilityZoneConfigList\":[{\"availabilityZoneName\":\"us-east-1a\",\"allowedIPV4CidrList\":[\"10.0.0.0/28\"]},{\"availabilityZoneName\":\"us-east-1b\",\"allowedIPV4CidrList\":[ \"10.0.0.0/28\"]}]} },\"singleFirewallEndpointPerVPC\":false,\"allowedIPV4CidrList\":null,\"routeManagementAction\":\"OFF\",\"networkFirewallLoggingConfiguration\":{\"logDestinationConfigs\":[{\"logDestinationType\":\"S3\",\"logType\":\"ALERT\",\"logDestination\":{\"bucketName\":\"s3-bucket-name\"}},{\"logDestinationType\":\"S3\",\"logType\":\"FLOW\",\"logDestination\":{\"bucketName\":\"s3-bucket-name\"}}],\"overrideExistingConfig\":boolean}}"` * * With custom Availability Zone configuration, you define which specific Availability Zones to create endpoints in by configuring `firewallCreationConfig` . To configure the Availability Zones in `firewallCreationConfig` , specify either the `availabilityZoneName` or `availabilityZoneId` parameter, not both parameters. * * To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` . * - Example: `NETWORK_FIREWALL` - Distributed deployment model with custom Availability Zone configuration and route management * * `"{\"type\":\"NETWORK_FIREWALL\",\"networkFirewallStatelessRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-east-1:123456789011:stateless-rulegroup/test\",\"priority\":1}],\"networkFirewallStatelessDefaultActions\":[\"aws:forward_to_sfe\",\"customActionName\"],\"networkFirewallStatelessFragmentDefaultActions\":[\"aws:forward_to_sfe\",\"fragmentcustomactionname\"],\"networkFirewallStatelessCustomActions\":[{\"actionName\":\"customActionName\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"metricdimensionvalue\"}]}}},{\"actionName\":\"fragmentcustomactionname\",\"actionDefinition\":{\"publishMetricAction\":{\"dimensions\":[{\"value\":\"fragmentmetricdimensionvalue\"}]}}}],\"networkFirewallStatefulRuleGroupReferences\":[{\"resourceARN\":\"arn:aws:network-firewall:us-east-1:123456789011:stateful-rulegroup/test\"}],\"networkFirewallOrchestrationConfig\":{\"firewallCreationConfig\":{\"endpointLocation\":{\"availabilityZoneConfigList\":[{\"availabilityZoneName\":\"us-east-1a\",\"allowedIPV4CidrList\":[\"10.0.0.0/28\"]},{\"availabilityZoneName\":\"us-east-1b\",\"allowedIPV4CidrList\":[\"10.0.0.0/28\"]}]}},\"singleFirewallEndpointPerVPC\":false,\"allowedIPV4CidrList\":null,\"routeManagementAction\":\"MONITOR\",\"routeManagementTargetTypes\":[\"InternetGateway\"],\"routeManagementConfig\":{\"allowCrossAZTrafficIfNoEndpoint\":true}},\"networkFirewallLoggingConfiguration\":{\"logDestinationConfigs\":[{\"logDestinationType\":\"S3\",\"logType\":\"ALERT\",\"logDestination\":{\"bucketName\":\"s3-bucket-name\"}},{\"logDestinationType\":\"S3\",\"logType\":\"FLOW\",\"logDestination\":{\"bucketName\":\"s3-bucket-name\"}}],\"overrideExistingConfig\":boolean}}"` * * To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-networkfirewallpolicy.html) to `DISTRIBUTED` . * - Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall centralized deployment model * * `"{ \"type\":\"THIRD_PARTY_FIREWALL\", \"thirdPartyFirewall\":\"PALO_ALTO_NETWORKS_CLOUD_NGFW\", \"thirdPartyFirewallConfig\":{ \"thirdPartyFirewallPolicyList\":[\"global-1\"] },\"firewallDeploymentModel\":{\"centralizedFirewallDeploymentModel\":{\"centralizedFirewallOrchestrationConfig\":{\"inspectionVpcIds\":[{\"resourceId\":\"vpc-1234\",\"accountId\":\"123456789011\"}],\"firewallCreationConfig\":{\"endpointLocation\":{\"availabilityZoneConfigList\":[{\"availabilityZoneId\":null,\"availabilityZoneName\":\"us-east-1a\",\"allowedIPV4CidrList\":[\"10.0.0.0/28\"]}]}},\"allowedIPV4CidrList\":[]}}}}"` * * To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `CENTRALIZED` . * - Example: `THIRD_PARTY_FIREWALL` - Palo Alto Networks Cloud Next-Generation Firewall distributed deployment model * * `"{\"type\":\"THIRD_PARTY_FIREWALL\",\"thirdPartyFirewall\":\"PALO_ALTO_NETWORKS_CLOUD_NGFW\",\"thirdPartyFirewallConfig\":{\"thirdPartyFirewallPolicyList\":[\"global-1\"] },\"firewallDeploymentModel\":{ \"distributedFirewallDeploymentModel\":{ \"distributedFirewallOrchestrationConfig\":{\"firewallCreationConfig\":{\"endpointLocation\":{ \"availabilityZoneConfigList\":[ {\"availabilityZoneName\":\"${AvailabilityZone}\" } ] } }, \"allowedIPV4CidrList\":[ ] } } } }"` * * To use the distributed deployment model, you must set [FirewallDeploymentModel](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-fms-policy-thirdpartyfirewallpolicy.html) to `DISTRIBUTED` . * - Specification for `SHIELD_ADVANCED` for Amazon CloudFront distributions * * `"{\"type\":\"SHIELD_ADVANCED\",\"automaticResponseConfiguration\": {\"automaticResponseStatus\":\"ENABLED|IGNORED|DISABLED\", \"automaticResponseAction\":\"BLOCK|COUNT\"}, \"overrideCustomerWebaclClassic\":true|false}"` * * For example: `"{\"type\":\"SHIELD_ADVANCED\",\"automaticResponseConfiguration\": {\"automaticResponseStatus\":\"ENABLED\", \"automaticResponseAction\":\"COUNT\"}}"` * * The default value for `automaticResponseStatus` is `IGNORED` . The value for `automaticResponseAction` is only required when `automaticResponseStatus` is set to `ENABLED` . The default value for `overrideCustomerWebaclClassic` is `false` . * * For other resource types that you can protect with a Shield Advanced policy, this `ManagedServiceData` configuration is an empty string. * - Example: `WAFV2` * * `"{\"type\":\"WAFV2\",\"preProcessRuleGroups\":[{\"ruleGroupArn\":null,\"overrideAction\":{\"type\":\"NONE\"},\"managedRuleGroupIdentifier\":{\"version\":null,\"vendorName\":\"AWS\",\"managedRuleGroupName\":\"AWSManagedRulesAmazonIpReputationList\"},\"ruleGroupType\":\"ManagedRuleGroup\",\"excludeRules\":[{\"name\":\"NoUserAgent_HEADER\"}]}],\"postProcessRuleGroups\":[],\"defaultAction\":{\"type\":\"ALLOW\"},\"overrideCustomerWebACLAssociation\":false,\"loggingConfiguration\":{\"logDestinationConfigs\":[\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\"],\"redactedFields\":[{\"redactedFieldType\":\"SingleHeader\",\"redactedFieldValue\":\"Cookies\"},{\"redactedFieldType\":\"Method\"}]}}"` * * In the `loggingConfiguration` , you can specify one `logDestinationConfigs` , you can optionally provide up to 20 `redactedFields` , and the `RedactedFieldType` must be one of `URI` , `QUERY_STRING` , `HEADER` , or `METHOD` . * - Example: `AWS WAF Classic` * * `"{\"type\": \"WAF\", \"ruleGroups\": [{\"id\":\"12345678-1bcd-9012-efga-0987654321ab\", \"overrideAction\" : {\"type\": \"COUNT\"}}], \"defaultAction\": {\"type\": \"BLOCK\"}}"` * - Example: `WAFV2` - AWS Firewall Manager support for AWS WAF managed rule group versioning * * `"{\"type\":\"WAFV2\",\"preProcessRuleGroups\":[{\"ruleGroupArn\":null,\"overrideAction\":{\"type\":\"NONE\"},\"managedRuleGroupIdentifier\":{\"versionEnabled\":true,\"version\":\"Version_2.0\",\"vendorName\":\"AWS\",\"managedRuleGroupName\":\"AWSManagedRulesCommonRuleSet\"},\"ruleGroupType\":\"ManagedRuleGroup\",\"excludeRules\":[{\"name\":\"NoUserAgent_HEADER\"}]}],\"postProcessRuleGroups\":[],\"defaultAction\":{\"type\":\"ALLOW\"},\"overrideCustomerWebACLAssociation\":false,\"loggingConfiguration\":{\"logDestinationConfigs\":[\"arn:aws:firehose:us-west-2:12345678912:deliverystream/aws-waf-logs-fms-admin-destination\"],\"redactedFields\":[{\"redactedFieldType\":\"SingleHeader\",\"redactedFieldValue\":\"Cookies\"},{\"redactedFieldType\":\"Method\"}]}}"` * * To use a specific version of a AWS WAF managed rule group in your Firewall Manager policy, you must set `versionEnabled` to `true` , and set `version` to the version you'd like to use. If you don't set `versionEnabled` to `true` , or if you omit `versionEnabled` , then Firewall Manager uses the default version of the AWS WAF managed rule group. * - Example: `SECURITY_GROUPS_COMMON` * * `"{\"type\":\"SECURITY_GROUPS_COMMON\",\"revertManualSecurityGroupChanges\":false,\"exclusiveResourceSecurityGroupManagement\":false, \"applyToAllEC2InstanceENIs\":false,\"securityGroups\":[{\"id\":\" sg-000e55995d61a06bd\"}]}"` * - Example: Shared VPCs. Apply the preceding policy to resources in shared VPCs as well as to those in VPCs that the account owns * * `"{\"type\":\"SECURITY_GROUPS_COMMON\",\"revertManualSecurityGroupChanges\":false,\"exclusiveResourceSecurityGroupManagement\":false, \"applyToAllEC2InstanceENIs\":false,\"includeSharedVPC\":true,\"securityGroups\":[{\"id\":\" sg-000e55995d61a06bd\"}]}"` * - Example: `SECURITY_GROUPS_CONTENT_AUDIT` * * `"{\"type\":\"SECURITY_GROUPS_CONTENT_AUDIT\",\"securityGroups\":[{\"id\":\"sg-000e55995d61a06bd\"}],\"securityGroupAction\":{\"type\":\"ALLOW\"}}"` * * The security group action for content audit can be `ALLOW` or `DENY` . For `ALLOW` , all in-scope security group rules must be within the allowed range of the policy's security group rules. For `DENY` , all in-scope security group rules must not contain a value or a range that matches a rule value or range in the policy security group. * - Example: `SECURITY_GROUPS_USAGE_AUDIT` * * `"{\"type\":\"SECURITY_GROUPS_USAGE_AUDIT\",\"deleteUnusedSecurityGroups\":true,\"coalesceRedundantSecurityGroups\":true}"` */ managedServiceData?: pulumi.Input; /** * Contains the settings to configure a network ACL policy, a AWS Network Firewall firewall policy deployment model, or a third-party firewall policy. */ policyOption?: pulumi.Input; /** * The service that the policy is using to protect the resources. This specifies the type of policy that is created, either an AWS WAF policy, a Shield Advanced policy, or a security group policy. For security group policies, Firewall Manager supports one security group for each common policy and for each content audit policy. This is an adjustable limit that you can increase by contacting SUPlong . */ type: pulumi.Input; } /** * Third party firewall policy. */ interface PolicyThirdPartyFirewallPolicyArgs { /** * Defines the deployment model to use for the third-party firewall policy. */ firewallDeploymentModel: pulumi.Input; } } export declare namespace forecast { interface DatasetAttributesItemPropertiesArgs { /** * Name of the dataset field */ attributeName?: pulumi.Input; /** * Data type of the field */ attributeType?: pulumi.Input; } /** * A Key Management Service (KMS) key and the Identity and Access Management (IAM) role that Amazon Forecast can assume to access the key. */ interface EncryptionConfigPropertiesArgs { /** * The Amazon Resource Name (ARN) of the KMS key. */ kmsKeyArn?: pulumi.Input; /** * The ARN of the IAM role that Amazon Forecast can assume to access the AWS key. * * Passing a role across AWS accounts is not allowed. If you pass a role that isn't in your account, you get an `InvalidInputException` error. */ roleArn?: pulumi.Input; } /** * The schema for the dataset. The schema attributes and their order must match the fields in your data. The dataset `Domain` and `DatasetType` that you choose determine the minimum required fields in your training data. For information about the required fields for a specific dataset domain and type, see [Dataset Domains and Dataset Types](https://docs.aws.amazon.com/forecast/latest/dg/howitworks-domains-ds-types.html) . */ interface SchemaPropertiesArgs { /** * An array of attributes specifying the name and type of each field in a dataset. */ attributes?: pulumi.Input[]>; } } export declare namespace frauddetector { interface DetectorEntityTypeArgs { /** * The entity type ARN. */ arn?: pulumi.Input; /** * The time when the entity type was created. */ createdTime?: pulumi.Input; /** * The description. */ description?: pulumi.Input; /** * Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object. * * For example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these Variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables. */ inline?: pulumi.Input; /** * The time when the entity type was last updated. */ lastUpdatedTime?: pulumi.Input; /** * The entity type name. */ name?: pulumi.Input; /** * Tags associated with this entity type. */ tags?: pulumi.Input[]>; } interface DetectorEventTypeArgs { /** * The ARN of the event type. */ arn?: pulumi.Input; /** * The time when the event type was created. */ createdTime?: pulumi.Input; /** * The description of the event type. */ description?: pulumi.Input; /** * The event type entity types. */ entityTypes?: pulumi.Input[]>; /** * The event type event variables. */ eventVariables?: pulumi.Input[]>; /** * Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object. * * For example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables. */ inline?: pulumi.Input; /** * The event type labels. */ labels?: pulumi.Input[]>; /** * The time when the event type was last updated. */ lastUpdatedTime?: pulumi.Input; /** * The name for the event type */ name?: pulumi.Input; /** * Tags associated with this event type. */ tags?: pulumi.Input[]>; } interface DetectorEventVariableArgs { /** * The event variable ARN. */ arn?: pulumi.Input; /** * The time when the event variable was created. */ createdTime?: pulumi.Input; /** * The data source of the event variable. * * Valid values: `EVENT | EXTERNAL_MODEL_SCORE` * * When defining a variable within a detector, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource. */ dataSource?: pulumi.Input; /** * The data type of the event variable. * * Valid values: `STRING | INTEGER | BOOLEAN | FLOAT` */ dataType?: pulumi.Input; /** * The default value of the event variable. This is required if you are providing the details of your variables instead of the ARN. */ defaultValue?: pulumi.Input; /** * The description. */ description?: pulumi.Input; /** * Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object. * * For example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables. */ inline?: pulumi.Input; /** * The time when the event variable was last updated. */ lastUpdatedTime?: pulumi.Input; /** * The name of the event variable. */ name?: pulumi.Input; /** * Tags associated with this event variable. */ tags?: pulumi.Input[]>; /** * The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/create-a-variable.html#variable-types) . */ variableType?: pulumi.Input; } interface DetectorLabelArgs { /** * The label ARN. */ arn?: pulumi.Input; /** * The time when the label was created. */ createdTime?: pulumi.Input; /** * The description. */ description?: pulumi.Input; /** * Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object. * * For example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables. */ inline?: pulumi.Input; /** * The time when the label was last updated. */ lastUpdatedTime?: pulumi.Input; /** * The label name. */ name?: pulumi.Input; /** * Tags associated with this label. */ tags?: pulumi.Input[]>; } /** * A model to associate with a detector. */ interface DetectorModelArgs { /** * The ARN of the model. */ arn?: pulumi.Input; } interface DetectorOutcomeArgs { /** * The outcome ARN. */ arn?: pulumi.Input; /** * The time when the outcome was created. */ createdTime?: pulumi.Input; /** * The description. */ description?: pulumi.Input; /** * Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object. * * For example, when creating `AWS::FraudDetector::Detector` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your detector but not execute any changes to the variables. */ inline?: pulumi.Input; /** * The time when the outcome was last updated. */ lastUpdatedTime?: pulumi.Input; /** * The outcome name. */ name?: pulumi.Input; /** * Tags associated with this outcome. */ tags?: pulumi.Input[]>; } interface DetectorRuleArgs { /** * The rule ARN. */ arn?: pulumi.Input; /** * The time when the event type was created. */ createdTime?: pulumi.Input; /** * The description. */ description?: pulumi.Input; /** * The detector for which the rule is associated. */ detectorId?: pulumi.Input; /** * The rule expression. A rule expression captures the business logic. For more information, see [Rule language reference](https://docs.aws.amazon.com/frauddetector/latest/ug/rule-language-reference.html) . */ expression?: pulumi.Input; /** * The rule language. * * Valid Value: DETECTORPL */ language?: pulumi.Input; /** * The time when the event type was last updated. */ lastUpdatedTime?: pulumi.Input; /** * The rule outcome. */ outcomes?: pulumi.Input[]>; /** * The rule ID. */ ruleId?: pulumi.Input; /** * The rule version. */ ruleVersion?: pulumi.Input; /** * Tags associated with this event type. */ tags?: pulumi.Input[]>; } interface DetectorTagArgs { /** * A tag key. */ key: pulumi.Input; /** * A value assigned to a tag key. */ value: pulumi.Input; } interface EventTypeEntityTypeArgs { /** * The entity type ARN. */ arn?: pulumi.Input; /** * The time when the event type was created. */ createdTime?: pulumi.Input; /** * The description. */ description?: pulumi.Input; /** * Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object. * * For example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables. */ inline?: pulumi.Input; /** * The time when the event type was last updated. */ lastUpdatedTime?: pulumi.Input; /** * The entity type name. * * `^[0-9a-z_-]+$` */ name?: pulumi.Input; /** * Tags associated with this event type. */ tags?: pulumi.Input[]>; } interface EventTypeEventVariableArgs { /** * The event variable ARN. */ arn?: pulumi.Input; /** * The time when the event type was created. */ createdTime?: pulumi.Input; /** * The source of the event variable. * * Valid values: `EVENT | EXTERNAL_MODEL_SCORE` * * When defining a variable within a event type, you can only use the `EVENT` value for DataSource when the *Inline* property is set to true. If the *Inline* property is set false, you can use either `EVENT` or `MODEL_SCORE` for DataSource. */ dataSource?: pulumi.Input; /** * The data type of the event variable. For more information, see [Data types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#data-types) . */ dataType?: pulumi.Input; /** * The default value of the event variable */ defaultValue?: pulumi.Input; /** * The description. */ description?: pulumi.Input; /** * Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object. * * For example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the Variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your event type but not execute any changes to the variables. */ inline?: pulumi.Input; /** * The time when the event type was last updated. */ lastUpdatedTime?: pulumi.Input; /** * The name of the event variable. */ name?: pulumi.Input; /** * Tags associated with this event type. */ tags?: pulumi.Input[]>; /** * The type of event variable. For more information, see [Variable types](https://docs.aws.amazon.com/frauddetector/latest/ug/variables.html#variable-types) . */ variableType?: pulumi.Input; } interface EventTypeLabelArgs { /** * The label ARN. */ arn?: pulumi.Input; /** * The time when the event type was created. */ createdTime?: pulumi.Input; /** * The description. */ description?: pulumi.Input; /** * Indicates whether the resource is defined within this CloudFormation template and impacts the create, update, and delete behavior of the stack. If the value is `true` , CloudFormation will create/update/delete the resource when creating/updating/deleting the stack. If the value is `false` , CloudFormation will validate that the object exists and then use it within the resource without making changes to the object. * * For example, when creating `AWS::FraudDetector::EventType` you must define at least two variables. You can set `Inline=true` for these variables and CloudFormation will create/update/delete the variables as part of stack operations. However, if you set `Inline=false` , CloudFormation will associate the variables to your EventType but not execute any changes to the variables. */ inline?: pulumi.Input; /** * The time when the event type was last updated. */ lastUpdatedTime?: pulumi.Input; /** * The label name. */ name?: pulumi.Input; /** * Tags associated with this event type. */ tags?: pulumi.Input[]>; } interface EventTypeTagArgs { /** * A tag key. */ key: pulumi.Input; /** * A value assigned to a tag key. */ value: pulumi.Input; } } export declare namespace fsx { /** * Specifies the type of updated objects (new, changed, deleted) that will be automatically exported from your file system to the linked S3 bucket. */ interface DataRepositoryAssociationAutoExportPolicyArgs { /** * The `AutoExportPolicy` can have the following event values: * * - `NEW` - New files and directories are automatically exported to the data repository as they are added to the file system. * - `CHANGED` - Changes to files and directories on the file system are automatically exported to the data repository. * - `DELETED` - Files and directories are automatically deleted on the data repository when they are deleted on the file system. * * You can define any combination of event types for your `AutoExportPolicy` . */ events: pulumi.Input[]>; } /** * Specifies the type of updated objects (new, changed, deleted) that will be automatically imported from the linked S3 bucket to your file system. */ interface DataRepositoryAssociationAutoImportPolicyArgs { /** * The `AutoImportPolicy` can have the following event values: * * - `NEW` - Amazon FSx automatically imports metadata of files added to the linked S3 bucket that do not currently exist in the FSx file system. * - `CHANGED` - Amazon FSx automatically updates file metadata and invalidates existing file content on the file system as files change in the data repository. * - `DELETED` - Amazon FSx automatically deletes files on the file system as corresponding files are deleted in the data repository. * * You can define any combination of event types for your `AutoImportPolicy` . */ events: pulumi.Input[]>; } /** * The configuration for an Amazon S3 data repository linked to an Amazon FSx Lustre file system with a data repository association. The configuration defines which file events (new, changed, or deleted files or directories) are automatically imported from the linked data repository to the file system or automatically exported from the file system to the data repository. */ interface DataRepositoryAssociationS3Args { /** * Describes a data repository association's automatic export policy. The `AutoExportPolicy` defines the types of updated objects on the file system that will be automatically exported to the data repository. As you create, modify, or delete files, Amazon FSx for Lustre automatically exports the defined changes asynchronously once your application finishes modifying the file. * * The `AutoExportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association. */ autoExportPolicy?: pulumi.Input; /** * Describes the data repository association's automatic import policy. The AutoImportPolicy defines how Amazon FSx keeps your file metadata and directory listings up to date by importing changes to your Amazon FSx for Lustre file system as you modify objects in a linked S3 bucket. * * The `AutoImportPolicy` is only supported on Amazon FSx for Lustre file systems with a data repository association. */ autoImportPolicy?: pulumi.Input; } interface S3AccessPointAttachmentFileSystemGidArgs { /** * The GID of the file system user. */ gid: pulumi.Input; } interface S3AccessPointAttachmentOntapFileSystemIdentityArgs { /** * Specifies the FSx for ONTAP user identity type, accepts either UNIX or WINDOWS. */ type: pulumi.Input; /** * Specifies the properties of the file system UNIX user. */ unixUser?: pulumi.Input; /** * Specifies the properties of the file system Windows user. */ windowsUser?: pulumi.Input; } interface S3AccessPointAttachmentOntapUnixFileSystemUserArgs { /** * The name of the UNIX user. */ name: pulumi.Input; } interface S3AccessPointAttachmentOntapWindowsFileSystemUserArgs { /** * The name of the Windows user. */ name: pulumi.Input; } interface S3AccessPointAttachmentOpenZfsFileSystemIdentityArgs { /** * Specifies the UID and GIDs of the file system POSIX user. */ posixUser: pulumi.Input; /** * Specifies the FSx for OpenZFS user identity type, accepts only POSIX. */ type: pulumi.Input; } interface S3AccessPointAttachmentOpenZfsPosixFileSystemUserArgs { /** * The GID of the file system user. */ gid: pulumi.Input; /** * The list of secondary GIDs for the file system user. */ secondaryGids?: pulumi.Input[]>; /** * The UID of the file system user. */ uid: pulumi.Input; } interface S3AccessPointAttachmentS3AccessPointArgs { /** * The S3 access point's alias. */ alias?: pulumi.Input; /** * The S3 access point's policy. */ policy?: any; /** * The S3 access point's ARN. */ resourceArn?: pulumi.Input; /** * The S3 access point's virtual private cloud (VPC) configuration. */ vpcConfiguration?: pulumi.Input; } interface S3AccessPointAttachmentS3AccessPointOntapConfigurationArgs { /** * The file system identity used to authorize file access requests made using the S3 access point. */ fileSystemIdentity: pulumi.Input; /** * The ID of the FSx for ONTAP volume that the S3 access point is attached to. */ volumeId: pulumi.Input; } interface S3AccessPointAttachmentS3AccessPointOpenZfsConfigurationArgs { /** * The file system identity used to authorize file access requests made using the S3 access point. */ fileSystemIdentity: pulumi.Input; /** * The ID of the FSx for OpenZFS volume that the S3 access point is attached to. */ volumeId: pulumi.Input; } interface S3AccessPointAttachmentS3AccessPointVpcConfigurationArgs { /** * Specifies the virtual private cloud (VPC) for the S3 access point VPC configuration, if one exists. */ vpcId: pulumi.Input; } } export declare namespace gamelift { interface AliasRoutingStrategyArgs { /** * A unique identifier for a fleet that the alias points to. If you specify SIMPLE for the Type property, you must specify this property. */ fleetId?: pulumi.Input; /** * The message text to be used with a terminal routing strategy. If you specify TERMINAL for the Type property, you must specify this property. */ message?: pulumi.Input; /** * Simple routing strategy. The alias resolves to one specific fleet. Use this type when routing to active fleets. */ type: pulumi.Input; } interface BuildStorageLocationArgs { /** * An Amazon S3 bucket identifier. This is the name of the S3 bucket. */ bucket: pulumi.Input; /** * The name of the zip file that contains the build files or script files. */ key: pulumi.Input; /** * The version of the file, if object versioning is turned on for the bucket. Amazon GameLift uses this information when retrieving files from your S3 bucket. To retrieve a specific version of the file, provide an object version. To retrieve the latest version of the file, do not set this parameter. */ objectVersion?: pulumi.Input; /** * The Amazon Resource Name (ARN) for an IAM role that allows Amazon GameLift to access the S3 bucket. */ roleArn: pulumi.Input; } /** * Defines the range of ports on the instance that allow inbound traffic to connect with containers in a fleet. */ interface ContainerFleetConnectionPortRangeArgs { /** * A starting value for a range of allowed port numbers. */ fromPort: pulumi.Input; /** * An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be higher than FromPort. */ toPort: pulumi.Input; } /** * Provides details about how to drain old tasks and replace them with new updated tasks. */ interface ContainerFleetDeploymentConfigurationArgs { /** * The strategy to apply in case of impairment; defaults to MAINTAIN. */ impairmentStrategy?: pulumi.Input; /** * The minimum percentage of healthy required; defaults to 75. */ minimumHealthyPercentage?: pulumi.Input; /** * The protection strategy for deployment on the container fleet; defaults to WITH_PROTECTION. */ protectionStrategy?: pulumi.Input; } /** * A policy that limits the number of game sessions a player can create on the same fleet. This optional policy gives game owners control over how players can consume available game server resources. A resource creation policy makes the following statement: "An individual player can create a maximum number of new game sessions within a specified time period". * * The policy is evaluated when a player tries to create a new game session. For example, assume you have a policy of 10 new game sessions and a time period of 60 minutes. On receiving a CreateGameSession request, Amazon GameLift checks that the player (identified by CreatorId) has created fewer than 10 game sessions in the past 60 minutes. */ interface ContainerFleetGameSessionCreationLimitPolicyArgs { /** * The maximum number of game sessions that an individual can create during the policy period. */ newGameSessionsPerCreator?: pulumi.Input; /** * The time span used in evaluating the resource creation limit policy. */ policyPeriodInMinutes?: pulumi.Input; } /** * A range of IP addresses and port settings that allow inbound traffic to connect to server processes on an Amazon GameLift hosting resource. New game sessions that are started on the fleet are assigned an IP address/port number combination, which must fall into the fleet's allowed ranges. For fleets created with a custom game server, the ranges reflect the server's game session assignments. For Realtime Servers fleets, Amazon GameLift automatically opens two port ranges, one for TCP messaging and one for UDP, for use by the Realtime servers. */ interface ContainerFleetIpPermissionArgs { /** * A starting value for a range of allowed port numbers. */ fromPort: pulumi.Input; /** * A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: "000.000.000.000/[subnet mask]" or optionally the shortened version "0.0.0.0/[subnet mask]". */ ipRange: pulumi.Input; /** * The network communication protocol used by the fleet. */ protocol: pulumi.Input; /** * An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be higher than FromPort. */ toPort: pulumi.Input; } /** * Current resource capacity settings in a specified fleet or location. The location value might refer to a fleet's remote location or its home Region. */ interface ContainerFleetLocationCapacityArgs { /** * Defaults to MinSize if not defined. The number of EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. If any auto-scaling policy is defined for the container fleet, the desired instance will only be applied once during fleet creation and will be ignored in updates to avoid conflicts with auto-scaling. During updates with any auto-scaling policy defined, if current desired instance is lower than the new MinSize, it will be increased to the new MinSize; if current desired instance is larger than the new MaxSize, it will be decreased to the new MaxSize. */ desiredEc2Instances?: pulumi.Input; /** * Configuration options for Amazon GameLift Servers-managed capacity behavior. */ managedCapacityConfiguration?: pulumi.Input; /** * The maximum value that is allowed for the fleet's instance count for a location. */ maxSize: pulumi.Input; /** * The minimum value allowed for the fleet's instance count for a location. */ minSize?: pulumi.Input; } /** * A remote location where a multi-location fleet can deploy EC2 instances for game hosting. */ interface ContainerFleetLocationConfigurationArgs { /** * An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting. */ location: pulumi.Input; locationCapacity?: pulumi.Input; /** * The player gateway status for the location. */ playerGatewayStatus?: pulumi.Input; stoppedActions?: pulumi.Input[]>; } /** * A policy the location and provider of logs from the fleet. */ interface ContainerFleetLogConfigurationArgs { /** * The type of log collection to use for a fleet. * * - `CLOUDWATCH` -- (default value) Send logs to an Amazon CloudWatch log group that you define. Each container emits a log stream, which is organized in the log group. * - `S3` -- Store logs in an Amazon S3 bucket that you define. This bucket must reside in the fleet's home AWS Region. * - `NONE` -- Don't collect container logs. */ logDestination?: pulumi.Input; /** * If log destination is CLOUDWATCH, logs are sent to the specified log group in Amazon CloudWatch. */ logGroupArn?: pulumi.Input; /** * The name of the S3 bucket to pull logs from if S3 is the LogDestination */ s3BucketName?: pulumi.Input; } /** * Configuration options for Amazon GameLift Servers managed capacity behavior. */ interface ContainerFleetManagedCapacityConfigurationArgs { /** * Length of time, in minutes, that Amazon GameLift Servers will wait before scaling in your MinSize and DesiredInstances to 0 after a period with no game session activity. */ scaleInAfterInactivityMinutes?: pulumi.Input; /** * The strategy Amazon GameLift Servers will use to automatically scale your capacity to and from zero in response to game session activity. Game session activity refers to any active running sessions or game session requests. When set to SCALE_TO_AND_FROM_ZERO, MinSize must not be specified and will be managed automatically. When set to MANUAL, MinSize is required. */ zeroCapacityStrategy: pulumi.Input; } /** * Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID. */ interface ContainerFleetScalingPolicyArgs { /** * Comparison operator to use when measuring a metric against the threshold value. */ comparisonOperator?: pulumi.Input; /** * Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered. */ evaluationPeriods?: pulumi.Input; /** * Name of the Amazon GameLift-defined metric that is used to trigger a scaling adjustment. */ metricName: pulumi.Input; /** * A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique. */ name: pulumi.Input; /** * The type of scaling policy to create. For a target-based policy, set the parameter MetricName to 'PercentAvailableGameSessions' and specify a TargetConfiguration. For a rule-based policy set the following parameters: MetricName, ComparisonOperator, Threshold, EvaluationPeriods, ScalingAdjustmentType, and ScalingAdjustment. */ policyType?: pulumi.Input; /** * Amount of adjustment to make, based on the scaling adjustment type. */ scalingAdjustment?: pulumi.Input; /** * The type of adjustment to make to a fleet's instance count. */ scalingAdjustmentType?: pulumi.Input; /** * An object that contains settings for a target-based scaling policy. */ targetConfiguration?: pulumi.Input; /** * Metric value used to trigger a scaling event. */ threshold?: pulumi.Input; } /** * Settings for a target-based scaling policy. A target-based policy tracks a particular fleet metric specifies a target value for the metric. As player usage changes, the policy triggers Amazon GameLift to adjust capacity so that the metric returns to the target value. The target configuration specifies settings as needed for the target based policy, including the target value. */ interface ContainerFleetTargetConfigurationArgs { /** * Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions). */ targetValue: pulumi.Input; } /** * A dependency that impacts a container's startup and shutdown. */ interface ContainerGroupDefinitionContainerDependencyArgs { /** * The type of dependency. */ condition: pulumi.Input; /** * A descriptive label for the container definition. The container being defined depends on this container's condition. */ containerName: pulumi.Input; } /** * An environment variable to set inside a container, in the form of a key-value pair. */ interface ContainerGroupDefinitionContainerEnvironmentArgs { /** * The environment variable name. */ name: pulumi.Input; /** * The environment variable value. */ value: pulumi.Input; } /** * Specifies how the process manager checks the health of containers. */ interface ContainerGroupDefinitionContainerHealthCheckArgs { /** * A string array representing the command that the container runs to determine if it is healthy. */ command: pulumi.Input[]>; /** * How often (in seconds) the health is checked. */ interval?: pulumi.Input; /** * How many times the process manager will retry the command after a timeout. (The first run of the command does not count as a retry.) */ retries?: pulumi.Input; /** * The optional grace period (in seconds) to give a container time to boostrap before teh health check is declared failed. */ startPeriod?: pulumi.Input; /** * How many seconds the process manager allows the command to run before canceling it. */ timeout?: pulumi.Input; } /** * Defines the mount point configuration within a container. */ interface ContainerGroupDefinitionContainerMountPointArgs { /** * The access permissions for the mounted path. */ accessLevel?: pulumi.Input; /** * The path inside the container where the mount is accessible. */ containerPath?: pulumi.Input; /** * The path on the host that will be mounted in the container. */ instancePath: pulumi.Input; } /** * A set of one or more port numbers that can be opened on the container. */ interface ContainerGroupDefinitionContainerPortRangeArgs { /** * A starting value for the range of allowed port numbers. */ fromPort: pulumi.Input; /** * Defines the protocol of these ports. */ protocol: pulumi.Input; /** * An ending value for the range of allowed port numbers. Port numbers are end-inclusive. This value must be equal to or greater than FromPort. */ toPort: pulumi.Input; } /** * Specifies the information required to run game servers with this container group */ interface ContainerGroupDefinitionGameServerContainerDefinitionArgs { /** * A descriptive label for the container definition. Container definition names must be unique with a container group definition. */ containerName: pulumi.Input; /** * A list of container dependencies that determines when this container starts up and shuts down. For container groups with multiple containers, dependencies let you define a startup/shutdown sequence across the containers. */ dependsOn?: pulumi.Input[]>; /** * The environment variables to pass to a container. */ environmentOverride?: pulumi.Input[]>; /** * Specifies the image URI of this container. */ imageUri: pulumi.Input; /** * A list of mount point configurations to be used in a container. */ mountPoints?: pulumi.Input[]>; /** * Defines the ports on the container. */ portConfiguration?: pulumi.Input; /** * The digest of the container image. */ resolvedImageDigest?: pulumi.Input; /** * The version of the server SDK used in this container group */ serverSdkVersion: pulumi.Input; } /** * Defines the ports on a container. */ interface ContainerGroupDefinitionPortConfigurationArgs { /** * Specifies one or more ranges of ports on a container. */ containerPortRanges: pulumi.Input[]>; } /** * Supports the function of the main container group */ interface ContainerGroupDefinitionSupportContainerDefinitionArgs { /** * A descriptive label for the container definition. */ containerName: pulumi.Input; /** * A list of container dependencies that determines when this container starts up and shuts down. For container groups with multiple containers, dependencies let you define a startup/shutdown sequence across the containers. */ dependsOn?: pulumi.Input[]>; /** * The environment variables to pass to a container. */ environmentOverride?: pulumi.Input[]>; /** * Specifies if the container is essential. If an essential container fails a health check, then all containers in the container group will be restarted. You must specify exactly 1 essential container in a container group. */ essential?: pulumi.Input; /** * Specifies how the health of the containers will be checked. */ healthCheck?: pulumi.Input; /** * Specifies the image URI of this container. */ imageUri: pulumi.Input; /** * The total memory limit of container groups following this definition in MiB */ memoryHardLimitMebibytes?: pulumi.Input; /** * A list of mount point configurations to be used in a container. */ mountPoints?: pulumi.Input[]>; /** * Defines the ports on the container. */ portConfiguration?: pulumi.Input; /** * The digest of the container image. */ resolvedImageDigest?: pulumi.Input; /** * The number of virtual CPUs to give to the support group */ vcpu?: pulumi.Input; } /** * Configuration for Anywhere fleet. */ interface FleetAnywhereConfigurationArgs { /** * Cost of compute can be specified on Anywhere Fleets to prioritize placement across Queue destinations based on Cost. */ cost: pulumi.Input; } /** * Information about the use of a TLS/SSL certificate for a fleet. TLS certificate generation is enabled at the fleet level, with one certificate generated for the fleet. When this feature is enabled, the certificate can be retrieved using the GameLift Server SDK call GetInstanceCertificate. All instances in a fleet share the same certificate. */ interface FleetCertificateConfigurationArgs { /** * Indicates whether a TLS/SSL certificate is generated for a fleet. * * Valid values include: * * - *GENERATED* - Generate a TLS/SSL certificate for this fleet. * - *DISABLED* - (default) Do not generate a TLS/SSL certificate for this fleet. */ certificateType: pulumi.Input; } /** * A range of IP addresses and port settings that allow inbound traffic to connect to server processes on an Amazon GameLift hosting resource. New game sessions that are started on the fleet are assigned an IP address/port number combination, which must fall into the fleet's allowed ranges. For fleets created with a custom game server, the ranges reflect the server's game session assignments. For Realtime Servers fleets, Amazon GameLift automatically opens two port ranges, one for TCP messaging and one for UDP, for use by the Realtime servers. */ interface FleetIpPermissionArgs { /** * A starting value for a range of allowed port numbers. */ fromPort: pulumi.Input; /** * A range of allowed IP addresses. This value must be expressed in CIDR notation. Example: "000.000.000.000/[subnet mask]" or optionally the shortened version "0.0.0.0/[subnet mask]". */ ipRange: pulumi.Input; /** * The network communication protocol used by the fleet. */ protocol: pulumi.Input; /** * An ending value for a range of allowed port numbers. Port numbers are end-inclusive. This value must be higher than FromPort. */ toPort: pulumi.Input; } /** * Current resource capacity settings in a specified fleet or location. The location value might refer to a fleet's remote location or its home Region. */ interface FleetLocationCapacityArgs { /** * Defaults to MinSize if not defined. The number of EC2 instances you want to maintain in the specified fleet location. This value must fall between the minimum and maximum size limits. */ desiredEc2Instances?: pulumi.Input; /** * Configuration options for Amazon GameLift Servers-managed capacity behavior. */ managedCapacityConfiguration?: pulumi.Input; /** * The maximum value that is allowed for the fleet's instance count for a location. When creating a new fleet, GameLift automatically sets this value to "1". Once the fleet is active, you can change this value. */ maxSize: pulumi.Input; /** * The minimum value allowed for the fleet's instance count for a location. When creating a new fleet, GameLift automatically sets this value to "0". After the fleet is active, you can change this value. */ minSize?: pulumi.Input; } /** * A remote location where a multi-location fleet can deploy EC2 instances for game hosting. */ interface FleetLocationConfigurationArgs { /** * An AWS Region code, such as `us-west-2` . For a list of supported Regions and Local Zones, see [Amazon GameLift Servers service locations](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) for managed hosting. */ location: pulumi.Input; /** * Current resource capacity settings for managed EC2 fleets and managed container fleets. For multi-location fleets, location values might refer to a fleet's remote location or its home Region. * * *Returned by:* [DescribeFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetCapacity.html) , [DescribeFleetLocationCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_DescribeFleetLocationCapacity.html) , [UpdateFleetCapacity](https://docs.aws.amazon.com/gamelift/latest/apireference/API_UpdateFleetCapacity.html) */ locationCapacity?: pulumi.Input; /** * The player gateway status for the location. */ playerGatewayStatus?: pulumi.Input; } /** * Configuration options for Amazon GameLift Servers-managed capacity behavior. */ interface FleetManagedCapacityConfigurationArgs { /** * Length of time, in minutes, that Amazon GameLift Servers will wait before scaling in your MinSize and DesiredInstances to 0 after a period with no game session activity. */ scaleInAfterInactivityMinutes?: pulumi.Input; /** * The strategy Amazon GameLift Servers will use to automatically scale your capacity to and from zero in response to game session activity. Game session activity refers to any active running sessions or game session requests. When set to SCALE_TO_AND_FROM_ZERO, MinSize must not be specified and will be managed automatically. When set to MANUAL, MinSize is required. */ zeroCapacityStrategy: pulumi.Input; } /** * Configuration for player gateway. */ interface FleetPlayerGatewayConfigurationArgs { /** * The IP protocol supported by the game server. */ gameServerIpProtocolSupported?: pulumi.Input; } /** * A policy that limits the number of game sessions a player can create on the same fleet. This optional policy gives game owners control over how players can consume available game server resources. A resource creation policy makes the following statement: "An individual player can create a maximum number of new game sessions within a specified time period". * * The policy is evaluated when a player tries to create a new game session. For example, assume you have a policy of 10 new game sessions and a time period of 60 minutes. On receiving a CreateGameSession request, Amazon GameLift checks that the player (identified by CreatorId) has created fewer than 10 game sessions in the past 60 minutes. */ interface FleetResourceCreationLimitPolicyArgs { /** * The maximum number of game sessions that an individual can create during the policy period. */ newGameSessionsPerCreator?: pulumi.Input; /** * The time span used in evaluating the resource creation limit policy. */ policyPeriodInMinutes?: pulumi.Input; } /** * A collection of server process configurations that describe the processes to run on each instance in a fleet. All fleets must have a runtime configuration. Each instance in the fleet maintains server processes as specified in the runtime configuration, launching new ones as existing processes end. Each instance regularly checks for an updated runtime configuration makes adjustments as called for. * * The runtime configuration enables the instances in a fleet to run multiple processes simultaneously. Potential scenarios are as follows: (1) Run multiple processes of a single game server executable to maximize usage of your hosting resources. (2) Run one or more processes of different executables, such as your game server and a metrics tracking program. (3) Run multiple processes of a single game server but with different launch parameters, for example to run one process on each instance in debug mode. * * An Amazon GameLift instance is limited to 50 processes running simultaneously. A runtime configuration must specify fewer than this limit. To calculate the total number of processes specified in a runtime configuration, add the values of the ConcurrentExecutions parameter for each ServerProcess object in the runtime configuration. */ interface FleetRuntimeConfigurationArgs { /** * The maximum amount of time (in seconds) that a game session can remain in status ACTIVATING. If the game session is not active before the timeout, activation is terminated and the game session status is changed to TERMINATED. */ gameSessionActivationTimeoutSeconds?: pulumi.Input; /** * The maximum number of game sessions with status ACTIVATING to allow on an instance simultaneously. This setting limits the amount of instance resources that can be used for new game activations at any one time. */ maxConcurrentGameSessionActivations?: pulumi.Input; /** * A collection of server process configurations that describe which server processes to run on each instance in a fleet. */ serverProcesses?: pulumi.Input[]>; } /** * Rule that controls how a fleet is scaled. Scaling policies are uniquely identified by the combination of name and fleet ID. */ interface FleetScalingPolicyArgs { /** * Comparison operator to use when measuring a metric against the threshold value. */ comparisonOperator?: pulumi.Input; /** * Length of time (in minutes) the metric must be at or beyond the threshold before a scaling event is triggered. */ evaluationPeriods?: pulumi.Input; /** * The fleet location. */ location?: pulumi.Input; /** * Name of the Amazon GameLift-defined metric that is used to trigger a scaling adjustment. */ metricName: pulumi.Input; /** * A descriptive label that is associated with a fleet's scaling policy. Policy names do not need to be unique. */ name: pulumi.Input; /** * The type of scaling policy to create. For a target-based policy, set the parameter MetricName to 'PercentAvailableGameSessions' and specify a TargetConfiguration. For a rule-based policy set the following parameters: MetricName, ComparisonOperator, Threshold, EvaluationPeriods, ScalingAdjustmentType, and ScalingAdjustment. */ policyType?: pulumi.Input; /** * Amount of adjustment to make, based on the scaling adjustment type. */ scalingAdjustment?: pulumi.Input; /** * The type of adjustment to make to a fleet's instance count. */ scalingAdjustmentType?: pulumi.Input; /** * Current status of the scaling policy. The scaling policy can be in force only when in an ACTIVE status. Scaling policies can be suspended for individual fleets. If the policy is suspended for a fleet, the policy status does not change. */ status?: pulumi.Input; /** * An object that contains settings for a target-based scaling policy. */ targetConfiguration?: pulumi.Input; /** * Metric value used to trigger a scaling event. */ threshold?: pulumi.Input; /** * The current status of the fleet's scaling policies in a requested fleet location. The status PENDING_UPDATE indicates that an update was requested for the fleet but has not yet been completed for the location. */ updateStatus?: pulumi.Input; } /** * A set of instructions for launching server processes on each instance in a fleet. Each instruction set identifies the location of the server executable, optional launch parameters, and the number of server processes with this configuration to maintain concurrently on the instance. Server process configurations make up a fleet's RuntimeConfiguration. */ interface FleetServerProcessArgs { /** * The number of server processes that use this configuration to run concurrently on an instance. */ concurrentExecutions: pulumi.Input; /** * The location of the server executable in a custom game build or the name of the Realtime script file that contains the Init() function. Game builds and Realtime scripts are installed on instances at the root: * * Windows (for custom game builds only): C:\game. Example: "C:\game\MyGame\server.exe" * * Linux: /local/game. Examples: "/local/game/MyGame/server.exe" or "/local/game/MyRealtimeScript.js" */ launchPath: pulumi.Input; /** * An optional list of parameters to pass to the server executable or Realtime script on launch. */ parameters?: pulumi.Input; } /** * Settings for a target-based scaling policy. A target-based policy tracks a particular fleet metric specifies a target value for the metric. As player usage changes, the policy triggers Amazon GameLift to adjust capacity so that the metric returns to the target value. The target configuration specifies settings as needed for the target based policy, including the target value. */ interface FleetTargetConfigurationArgs { /** * Desired value to use with a target-based scaling policy. The value must be relevant for whatever metric the scaling policy is using. For example, in a policy using the metric PercentAvailableGameSessions, the target value should be the preferred size of the fleet's buffer (the percent of capacity that should be idle and ready for new game sessions). */ targetValue: pulumi.Input; } /** * Configuration settings to define a scaling policy for the Auto Scaling group that is optimized for game hosting. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource. */ interface GameServerGroupAutoScalingPolicyArgs { /** * Length of time, in seconds, it takes for a new instance to start new game server processes and register with Amazon GameLift Servers FleetIQ. Specifying a warm-up time can be useful, particularly with game servers that take a long time to start up, because it avoids prematurely starting new instances. */ estimatedInstanceWarmup?: pulumi.Input; /** * Settings for a target-based scaling policy applied to Auto Scaling group. These settings are used to create a target-based policy that tracks the GameLift FleetIQ metric `PercentUtilizedGameServers` and specifies a target value for the metric. As player usage changes, the policy triggers to adjust the game server group capacity so that the metric returns to the target value. */ targetTrackingConfiguration: pulumi.Input; } /** * An allowed instance type for your game server group. */ interface GameServerGroupInstanceDefinitionArgs { instanceType: pulumi.Input; weightedCapacity?: pulumi.Input; } /** * The EC2 launch template that contains configuration settings and game server code to be deployed to all instances in the game server group. Updating this game server group property will not take effect for the created EC2 Auto Scaling group, please update the EC2 Auto Scaling group directly after creating the resource. */ interface GameServerGroupLaunchTemplateArgs { /** * A unique identifier for an existing Amazon EC2 launch template. */ launchTemplateId?: pulumi.Input; /** * A readable identifier for an existing Amazon EC2 launch template. */ launchTemplateName?: pulumi.Input; /** * The version of the Amazon EC2 launch template to use. If no version is specified, the default version will be used. With Amazon EC2, you can specify a default version for a launch template. If none is set, the default is the first version created. */ version?: pulumi.Input; } /** * Settings for a target-based scaling policy applied to Auto Scaling group. */ interface GameServerGroupTargetTrackingConfigurationArgs { /** * Desired value to use with a game server group target-based scaling policy. */ targetValue: pulumi.Input; } /** * A fleet or alias designated in a game session queue. */ interface GameSessionQueueDestinationArgs { /** * The Amazon Resource Name (ARN) that is assigned to fleet or fleet alias. ARNs, which include a fleet ID or alias ID and a Region name, provide a unique identifier across all Regions. */ destinationArn?: pulumi.Input; } interface GameSessionQueueFilterConfigurationArgs { /** * A list of locations to allow game session placement in, in the form of AWS Region codes such as `us-west-2` . */ allowedLocations?: pulumi.Input[]>; } /** * Sets a latency cap for individual players when placing a game session. */ interface GameSessionQueuePlayerLatencyPolicyArgs { /** * The maximum latency value that is allowed for any player, in milliseconds. All policies must have a value set for this property. */ maximumIndividualPlayerLatencyMilliseconds?: pulumi.Input; /** * The length of time, in seconds, that the policy is enforced while placing a new game session. */ policyDurationSeconds?: pulumi.Input; } interface GameSessionQueuePriorityConfigurationArgs { /** * The prioritization order to use for fleet locations, when the `PriorityOrder` property includes `LOCATION` . Locations can include AWS Region codes (such as `us-west-2` ), local zones, and custom locations (for Anywhere fleets). Each location must be listed only once. For details, see [Amazon GameLift Servers service locations.](https://docs.aws.amazon.com/gamelift/latest/developerguide/gamelift-regions.html) */ locationOrder?: pulumi.Input[]>; /** * A custom sequence to use when prioritizing where to place new game sessions. Each priority type is listed once. * * - `LATENCY` -- Amazon GameLift Servers prioritizes locations where the average player latency is lowest. Player latency data is provided in each game session placement request. * - `COST` -- Amazon GameLift Servers prioritizes queue destinations with the lowest current hosting costs. Cost is evaluated based on the destination's location, instance type, and fleet type (Spot or On-Demand). * - `DESTINATION` -- Amazon GameLift Servers prioritizes based on the list order of destinations in the queue configuration. * - `LOCATION` -- Amazon GameLift Servers prioritizes based on the provided order of locations, as defined in `LocationOrder` . */ priorityOrder?: pulumi.Input[]>; } /** * A key-value pair that contains information about a game session. */ interface MatchmakingConfigurationGamePropertyArgs { /** * The game property identifier. */ key: pulumi.Input; /** * The game property value. */ value: pulumi.Input; } interface ScriptS3LocationArgs { /** * An Amazon S3 bucket identifier. This is the name of the S3 bucket. */ bucket: pulumi.Input; /** * The name of the zip file that contains the script files. */ key: pulumi.Input; /** * The version of the file, if object versioning is turned on for the bucket. Amazon GameLift uses this information when retrieving files from your S3 bucket. To retrieve a specific version of the file, provide an object version. To retrieve the latest version of the file, do not set this parameter. */ objectVersion?: pulumi.Input; /** * The Amazon Resource Name (ARN) for an IAM role that allows Amazon GameLift to access the S3 bucket. */ roleArn: pulumi.Input; } } export declare namespace gameliftstreams { interface ApplicationRuntimeEnvironmentArgs { /** * The operating system and other drivers. For Proton, this also includes the Proton compatibility layer. */ type: pulumi.Input; /** * Versioned container environment for the application operating system. */ version: pulumi.Input; } interface StreamGroupDefaultApplicationArgs { /** * An [Amazon Resource Name (ARN)](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference-arns.html) that uniquely identifies the application resource. Example ARN: `arn:aws:gameliftstreams:us-west-2:111122223333:application/a-9ZY8X7Wv6` . */ arn?: pulumi.Input; /** * An ID that uniquely identifies the application resource. Example ID: `a-9ZY8X7Wv6` . */ id?: pulumi.Input; } interface StreamGroupLocationConfigurationArgs { /** * This setting, if non-zero, indicates minimum streaming capacity which is allocated to you and is never released back to the service. You pay for this base level of capacity at all times, whether used or idle. */ alwaysOnCapacity?: pulumi.Input; /** * A location's name. For example, `us-east-1` . For a complete list of locations that Amazon GameLift Streams supports, refer to [Regions, quotas, and limitations](https://docs.aws.amazon.com/gameliftstreams/latest/developerguide/regions-quotas.html) in the *Amazon GameLift Streams Developer Guide* . */ locationName: pulumi.Input; maximumCapacity?: pulumi.Input; /** * This shape is deprecated. */ onDemandCapacity?: pulumi.Input; targetIdleCapacity?: pulumi.Input; vpcTransitConfiguration?: pulumi.Input; } interface StreamGroupVpcTransitConfigurationArgs { ipv4CidrBlocks: pulumi.Input[]>; vpcId: pulumi.Input; } } export declare namespace globalaccelerator { /** * ARN of resource to share. */ interface CrossAccountAttachmentResourceArgs { /** * An IP address range, in CIDR format, that is specified as resource. The address must be provisioned and advertised in AWS Global Accelerator by following the bring your own IP address (BYOIP) process for Global Accelerator * * For more information, see [Bring your own IP addresses (BYOIP)](https://docs.aws.amazon.com/global-accelerator/latest/dg/using-byoip.html) in the AWS Global Accelerator Developer Guide. */ cidr?: pulumi.Input; /** * The endpoint ID for the endpoint that is specified as a AWS resource. * * An endpoint ID for the cross-account feature is the ARN of an AWS resource, such as a Network Load Balancer, that Global Accelerator supports as an endpoint for an accelerator. */ endpointId?: pulumi.Input; /** * The AWS Region where a shared endpoint resource is located. */ region?: pulumi.Input; } /** * The configuration for a given endpoint */ interface EndpointGroupEndpointConfigurationArgs { /** * Attachment ARN that provides access control to the cross account endpoint. Not required for resources hosted in the same account as the endpoint group. */ attachmentArn?: pulumi.Input; /** * true if client ip should be preserved */ clientIpPreservationEnabled?: pulumi.Input; /** * Id of the endpoint. For Network/Application Load Balancer this value is the ARN. For EIP, this value is the allocation ID. For EC2 instances, this is the EC2 instance ID */ endpointId: pulumi.Input; /** * The weight for the endpoint. */ weight?: pulumi.Input; } /** * listener to endpoint port mapping. */ interface EndpointGroupPortOverrideArgs { /** * The endpoint port that you want a listener port to be mapped to. This is the port on the endpoint, such as the Application Load Balancer or Amazon EC2 instance. */ endpointPort: pulumi.Input; /** * The listener port that you want to map to a specific endpoint port. This is the port that user traffic arrives to the Global Accelerator on. */ listenerPort: pulumi.Input; } /** * A port range to support for connections from clients to your accelerator. */ interface ListenerPortRangeArgs { /** * The first port in the range of ports, inclusive. */ fromPort: pulumi.Input; /** * The last port in the range of ports, inclusive. */ toPort: pulumi.Input; } } export declare namespace glue { /** * Data lake access properties for the catalog. */ interface CatalogDataLakeAccessPropertiesArgs { /** * Allows third-party engines to access data in Amazon S3 locations that are registered with Lake Formation. */ allowFullTableExternalDataAccess?: pulumi.Input; /** * Specifies a federated catalog type for the native catalog resource. */ catalogType?: pulumi.Input; /** * Turns on or off data lake access for Apache Spark applications that access Amazon Redshift databases in the Data Catalog from any non-Redshift engine. */ dataLakeAccess?: pulumi.Input; /** * A role that will be assumed by Glue for transferring data into/out of the staging bucket during a query. */ dataTransferRole?: pulumi.Input; /** * An encryption key that will be used for the staging bucket that will be created along with the catalog. */ kmsKey?: pulumi.Input; /** * The name of the managed workgroup associated with the catalog. */ managedWorkgroupName?: pulumi.Input; /** * The status of the managed workgroup. */ managedWorkgroupStatus?: pulumi.Input; /** * The name of the Redshift database. */ redshiftDatabaseName?: pulumi.Input; } /** * The Lake Formation principal. */ interface CatalogDataLakePrincipalArgs { /** * An identifier for the Lake Formation principal. */ dataLakePrincipalIdentifier?: pulumi.Input; } /** * A FederatedCatalog structure that references an entity outside the Glue Data Catalog. */ interface CatalogFederatedCatalogArgs { /** * The name of the connection to an external data source. */ connectionName?: pulumi.Input; /** * A unique identifier for the federated catalog. */ identifier?: pulumi.Input; } /** * Permissions granted to a principal. */ interface CatalogPrincipalPermissionsArgs { /** * The permissions that are granted to the principal. */ permissions?: pulumi.Input[]>; principal?: pulumi.Input; } /** * A structure that specifies data lake access properties and other custom properties. */ interface CatalogPropertiesArgs { /** * Additional key-value properties for the catalog. */ customProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; dataLakeAccessProperties?: pulumi.Input; } /** * A structure that describes a target catalog for resource linking. */ interface CatalogTargetRedshiftCatalogArgs { /** * The Amazon Resource Name (ARN) of the catalog resource. */ catalogArn: pulumi.Input; } /** * Specifies an AWS Glue Data Catalog target. */ interface CrawlerCatalogTargetArgs { /** * The name of the connection for an Amazon S3-backed Data Catalog table to be a target of the crawl when using a Catalog connection type paired with a NETWORK Connection type. */ connectionName?: pulumi.Input; /** * The name of the database to be synchronized. */ databaseName?: pulumi.Input; /** * A valid Amazon dead-letter SQS ARN. For example, arn:aws:sqs:region:account:deadLetterQueue. */ dlqEventQueueArn?: pulumi.Input; /** * A valid Amazon SQS ARN. For example, arn:aws:sqs:region:account:sqs. */ eventQueueArn?: pulumi.Input; /** * A list of the tables to be synchronized. */ tables?: pulumi.Input[]>; } /** * Specifies a Delta data store to crawl one or more Delta tables. */ interface CrawlerDeltaTargetArgs { /** * The name of the connection to use to connect to the Delta table target. */ connectionName?: pulumi.Input; /** * Specifies whether the crawler will create native tables, to allow integration with query engines that support querying of the Delta transaction log directly. */ createNativeDeltaTable?: pulumi.Input; /** * A list of the Amazon S3 paths to the Delta tables. */ deltaTables?: pulumi.Input[]>; /** * Specifies whether to write the manifest files to the Delta table path. */ writeManifest?: pulumi.Input; } /** * Specifies an Amazon DynamoDB table to crawl. */ interface CrawlerDynamoDbTargetArgs { /** * The name of the DynamoDB table to crawl. */ path?: pulumi.Input; /** * Indicates whether to scan all the records, or to sample rows from the table. Scanning all the records can take a long time when the table is not a high throughput table. A value of true means to scan all records, while a value of false means to sample the records. If no value is specified, the value defaults to true. */ scanAll?: pulumi.Input; /** * The percentage of the configured read capacity units to use by the AWS Glue crawler. Read capacity units is a term defined by DynamoDB, and is a numeric value that acts as rate limiter for the number of reads that can be performed on that table per second. * * The valid values are null or a value between 0.1 to 1.5. A null value is used when user does not provide a value, and defaults to 0.5 of the configured Read Capacity Unit (for provisioned tables), or 0.25 of the max configured Read Capacity Unit (for tables using on-demand mode). */ scanRate?: pulumi.Input; } /** * Specifies Apache Hudi data store targets. */ interface CrawlerHudiTargetArgs { /** * The name of the connection to use to connect to the Hudi target. */ connectionName?: pulumi.Input; /** * A list of global patterns used to exclude from the crawl. */ exclusions?: pulumi.Input[]>; /** * The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Hudi metadata folder in your Amazon S3 path. Used to limit the crawler run time. */ maximumTraversalDepth?: pulumi.Input; /** * One or more Amazon S3 paths that contains Hudi metadata folders as s3://bucket/prefix . */ paths?: pulumi.Input[]>; } /** * Specifies Apache Iceberg data store targets. */ interface CrawlerIcebergTargetArgs { /** * The name of the connection to use to connect to the Iceberg target. */ connectionName?: pulumi.Input; /** * A list of global patterns used to exclude from the crawl. */ exclusions?: pulumi.Input[]>; /** * The maximum depth of Amazon S3 paths that the crawler can traverse to discover the Iceberg metadata folder in your Amazon S3 path. Used to limit the crawler run time. */ maximumTraversalDepth?: pulumi.Input; /** * One or more Amazon S3 paths that contains Iceberg metadata folders as s3://bucket/prefix . */ paths?: pulumi.Input[]>; } /** * Specifies a JDBC data store to crawl. */ interface CrawlerJdbcTargetArgs { /** * The name of the connection to use to connect to the JDBC target. */ connectionName?: pulumi.Input; /** * Specify a value of RAWTYPES or COMMENTS to enable additional metadata in table responses. RAWTYPES provides the native-level datatype. COMMENTS provides comments associated with a column or table in the database. * * If you do not need additional metadata, keep the field empty. */ enableAdditionalMetadata?: pulumi.Input[]>; /** * A list of glob patterns used to exclude from the crawl. For more information, see Catalog Tables with a Crawler. */ exclusions?: pulumi.Input[]>; /** * The path of the JDBC target. */ path?: pulumi.Input; } /** * Specifies AWS Lake Formation configuration settings for the crawler */ interface CrawlerLakeFormationConfigurationArgs { /** * Required for cross account crawls. For same account crawls as the target data, this can be left as null. */ accountId?: pulumi.Input; /** * Specifies whether to use AWS Lake Formation credentials for the crawler instead of the IAM role credentials. */ useLakeFormationCredentials?: pulumi.Input; } /** * Specifies an Amazon DocumentDB or MongoDB data store to crawl. */ interface CrawlerMongoDbTargetArgs { /** * The name of the connection to use to connect to the Amazon DocumentDB or MongoDB target. */ connectionName?: pulumi.Input; /** * The path of the Amazon DocumentDB or MongoDB target (database/collection). */ path?: pulumi.Input; } /** * When crawling an Amazon S3 data source after the first crawl is complete, specifies whether to crawl the entire dataset again or to crawl only folders that were added since the last crawler run. For more information, see Incremental Crawls in AWS Glue in the developer guide. */ interface CrawlerRecrawlPolicyArgs { /** * Specifies whether to crawl the entire dataset again or to crawl only folders that were added since the last crawler run. A value of CRAWL_EVERYTHING specifies crawling the entire dataset again. A value of CRAWL_NEW_FOLDERS_ONLY specifies crawling only folders that were added since the last crawler run. A value of CRAWL_EVENT_MODE specifies crawling only the changes identified by Amazon S3 events. */ recrawlBehavior?: pulumi.Input; } /** * Specifies a data store in Amazon Simple Storage Service (Amazon S3). */ interface CrawlerS3TargetArgs { /** * The name of a connection which allows a job or crawler to access data in Amazon S3 within an Amazon Virtual Private Cloud environment (Amazon VPC). */ connectionName?: pulumi.Input; /** * A valid Amazon dead-letter SQS ARN. For example, arn:aws:sqs:region:account:deadLetterQueue. */ dlqEventQueueArn?: pulumi.Input; /** * A valid Amazon SQS ARN. For example, arn:aws:sqs:region:account:sqs. */ eventQueueArn?: pulumi.Input; /** * A list of glob patterns used to exclude from the crawl. */ exclusions?: pulumi.Input[]>; /** * The path to the Amazon S3 target. */ path?: pulumi.Input; /** * Sets the number of files in each leaf folder to be crawled when crawling sample files in a dataset. If not set, all the files are crawled. A valid value is an integer between 1 and 249. */ sampleSize?: pulumi.Input; } /** * A scheduling object using a cron statement to schedule an event. */ interface CrawlerScheduleArgs { /** * A cron expression used to specify the schedule. For more information, see Time-Based Schedules for Jobs and Crawlers. For example, to run something every day at 12:15 UTC, specify cron(15 12 * * ? *). */ scheduleExpression?: pulumi.Input; } /** * The policy that specifies update and delete behaviors for the crawler. The policy tells the crawler what to do in the event that it detects a change in a table that already exists in the customer's database at the time of the crawl. The SchemaChangePolicy does not affect whether or how new tables and partitions are added. New tables and partitions are always created regardless of the SchemaChangePolicy on a crawler. The SchemaChangePolicy consists of two components, UpdateBehavior and DeleteBehavior. */ interface CrawlerSchemaChangePolicyArgs { /** * The deletion behavior when the crawler finds a deleted object. A value of LOG specifies that if a table or partition is found to no longer exist, do not delete it, only log that it was found to no longer exist. A value of DELETE_FROM_DATABASE specifies that if a table or partition is found to have been removed, delete it from the database. A value of DEPRECATE_IN_DATABASE specifies that if a table has been found to no longer exist, to add a property to the table that says 'DEPRECATED' and includes a timestamp with the time of deprecation. */ deleteBehavior?: pulumi.Input; /** * The update behavior when the crawler finds a changed schema. A value of LOG specifies that if a table or a partition already exists, and a change is detected, do not update it, only log that a change was detected. Add new tables and new partitions (including on existing tables). A value of UPDATE_IN_DATABASE specifies that if a table or partition already exists, and a change is detected, update it. Add new tables and partitions. */ updateBehavior?: pulumi.Input; } /** * Specifies data stores to crawl. */ interface CrawlerTargetsArgs { /** * Specifies AWS Glue Data Catalog targets. */ catalogTargets?: pulumi.Input[]>; /** * Specifies an array of Delta data store targets. */ deltaTargets?: pulumi.Input[]>; /** * Specifies Amazon DynamoDB targets. */ dynamoDbTargets?: pulumi.Input[]>; /** * Specifies Apache Hudi data store targets. */ hudiTargets?: pulumi.Input[]>; /** * Specifies Apache Iceberg data store targets. */ icebergTargets?: pulumi.Input[]>; /** * Specifies JDBC targets. */ jdbcTargets?: pulumi.Input[]>; /** * A list of Mongo DB targets. */ mongoDbTargets?: pulumi.Input[]>; /** * Specifies Amazon Simple Storage Service (Amazon S3) targets. */ s3Targets?: pulumi.Input[]>; } /** * The AWS Lake Formation principal. */ interface DatabaseDataLakePrincipalArgs { /** * An identifier for the AWS Lake Formation principal. */ dataLakePrincipalIdentifier?: pulumi.Input; } /** * A FederatedDatabase structure that references an entity outside the AWS Glue Data Catalog. */ interface DatabaseFederatedDatabaseArgs { /** * The name of the connection to the external metastore. */ connectionName?: pulumi.Input; /** * A unique identifier for the federated database. */ identifier?: pulumi.Input; } /** * A structure that describes a target database for resource linking. */ interface DatabaseIdentifierArgs { /** * The ID of the Data Catalog in which the database resides. */ catalogId?: pulumi.Input; /** * The name of the catalog database. */ databaseName?: pulumi.Input; /** * Region of the target database. */ region?: pulumi.Input; } /** * The structure used to create or update a database. */ interface DatabaseInputArgs { /** * Creates a set of default permissions on the table for principals. Used by AWS Lake Formation. Not used in the normal course of AWS Glue operations. */ createTableDefaultPermissions?: pulumi.Input[]>; /** * A description of the database. */ description?: pulumi.Input; /** * A FederatedDatabase structure that references an entity outside the AWS Glue Data Catalog. */ federatedDatabase?: pulumi.Input; /** * The location of the database (for example, an HDFS path). */ locationUri?: pulumi.Input; /** * The name of the database. For hive compatibility, this is folded to lowercase when it is stored. */ name?: pulumi.Input; /** * These key-value pairs define parameters and properties of the database. */ parameters?: any; /** * A DatabaseIdentifier structure that describes a target database for resource linking. */ targetDatabase?: pulumi.Input; } /** * The permissions granted to a principal. */ interface DatabasePrincipalPrivilegesArgs { /** * The permissions that are granted to the principal. */ permissions?: pulumi.Input[]>; /** * The principal who is granted permissions. */ principal?: pulumi.Input; } /** * The configuration settings for the integration. */ interface IntegrationConfigArgs { /** * Enables continuous synchronization for on-demand data extractions. */ continuousSync?: pulumi.Input; /** * Specifies the frequency at which CDC (Change Data Capture) pulls or incremental loads should occur. */ refreshInterval?: pulumi.Input; /** * A collection of key-value pairs that specify additional properties for the integration source. These properties provide configuration options that can be used to customize the behavior of the ODB source during data integration operations. */ sourceProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface JobCommandArgs { /** * The name of the job command */ name?: pulumi.Input; /** * The Python version being used to execute a Python shell job. */ pythonVersion?: pulumi.Input; /** * Runtime is used to specify the versions of Ray, Python and additional libraries available in your environment */ runtime?: pulumi.Input; /** * Specifies the Amazon Simple Storage Service (Amazon S3) path to a script that executes a job */ scriptLocation?: pulumi.Input; } interface JobConnectionsListArgs { /** * A list of connections used by the job. */ connections?: pulumi.Input[]>; } interface JobExecutionPropertyArgs { /** * The maximum number of concurrent runs allowed for the job. */ maxConcurrentRuns?: pulumi.Input; } interface JobNotificationPropertyArgs { /** * It is the number of minutes to wait before sending a job run delay notification after a job run starts */ notifyDelayAfter?: pulumi.Input; } /** * Identifier for the registry which the schema is part of. */ interface SchemaRegistryArgs { /** * Amazon Resource Name for the Registry. */ arn?: pulumi.Input; /** * Name of the registry in which the schema will be created. */ name?: pulumi.Input; } /** * Specify checkpoint version for update. This is only required to update the Compatibility. */ interface SchemaVersionArgs { /** * Indicates if the latest version needs to be updated. */ isLatest?: pulumi.Input; /** * Indicates the version number in the schema to update. */ versionNumber?: pulumi.Input; } /** * Identifier for the schema where the schema version will be created. */ interface SchemaVersionSchemaArgs { /** * Name of the registry to identify where the Schema is located. */ registryName?: pulumi.Input; /** * Amazon Resource Name for the Schema. This attribute can be used to uniquely represent the Schema. */ schemaArn?: pulumi.Input; /** * Name of the schema. This parameter requires RegistryName to be provided. */ schemaName?: pulumi.Input; } /** * The resource properties associated with the integration source. */ interface SourceProcessingPropertiesPropertiesArgs { /** * The IAM role to access the Glue connection. */ roleArn: pulumi.Input; } /** * The resource properties associated with the integration target. */ interface TargetProcessingPropertiesPropertiesArgs { /** * The Glue network connection to configure the Glue job running in the customer VPC. */ connectionName?: pulumi.Input; /** * The ARN of an Eventbridge event bus to receive the integration status notification. */ eventBusArn?: pulumi.Input; /** * The ARN of the KMS key used for encryption. */ kmsArn?: pulumi.Input; /** * The IAM role to access the Glue database. */ roleArn: pulumi.Input; } /** * The actions initiated by this trigger. */ interface TriggerActionArgs { /** * The job arguments used when this trigger fires. For this job run, they replace the default arguments set in the job definition itself. */ arguments?: any; /** * The name of the crawler to be used with this action. */ crawlerName?: pulumi.Input; /** * The name of a job to be executed. */ jobName?: pulumi.Input; /** * Specifies configuration properties of a job run notification. */ notificationProperty?: pulumi.Input; /** * The name of the SecurityConfiguration structure to be used with this action. */ securityConfiguration?: pulumi.Input; /** * The JobRun timeout in minutes. This is the maximum time that a job run can consume resources before it is terminated and enters TIMEOUT status. The default is 2,880 minutes (48 hours). This overrides the timeout value set in the parent job. */ timeout?: pulumi.Input; } /** * Defines a condition under which a trigger fires. */ interface TriggerConditionArgs { /** * The state of the crawler to which this condition applies. */ crawlState?: pulumi.Input; /** * The name of the crawler to which this condition applies. */ crawlerName?: pulumi.Input; /** * The name of the job whose JobRuns this condition applies to, and on which this trigger waits. */ jobName?: pulumi.Input; /** * A logical operator. */ logicalOperator?: pulumi.Input; /** * The condition state. Currently, the values supported are SUCCEEDED, STOPPED, TIMEOUT, and FAILED. */ state?: pulumi.Input; } /** * Batch condition that must be met (specified number of events received or batch time window expired) before EventBridge event trigger fires. */ interface TriggerEventBatchingConditionArgs { /** * Number of events that must be received from Amazon EventBridge before EventBridge event trigger fires. */ batchSize: pulumi.Input; /** * Window of time in seconds after which EventBridge event trigger fires. Window starts when first event is received. */ batchWindow?: pulumi.Input; } /** * Specifies configuration properties of a job run notification. */ interface TriggerNotificationPropertyArgs { /** * After a job run starts, the number of minutes to wait before sending a job run delay notification */ notifyDelayAfter?: pulumi.Input; } /** * The predicate of this trigger, which defines when it will fire. */ interface TriggerPredicateArgs { /** * A list of the conditions that determine when the trigger will fire. */ conditions?: pulumi.Input[]>; /** * An optional field if only one condition is listed. If multiple conditions are listed, then this field is required. */ logical?: pulumi.Input; } interface UsageProfileConfigurationObjectArgs { allowedValues?: pulumi.Input[]>; defaultValue?: pulumi.Input; maxValue?: pulumi.Input; minValue?: pulumi.Input; } interface UsageProfileProfileConfigurationArgs { jobConfiguration?: pulumi.Input<{ [key: string]: pulumi.Input; }>; sessionConfiguration?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } } export declare namespace grafana { /** * Maps Grafana friendly names to the IdPs SAML attributes. */ interface WorkspaceAssertionAttributesArgs { /** * Name of the attribute within the SAML assert to use as the users email in Grafana. */ email?: pulumi.Input; /** * Name of the attribute within the SAML assert to use as the users groups in Grafana. */ groups?: pulumi.Input; /** * Name of the attribute within the SAML assert to use as the users login handle in Grafana. */ login?: pulumi.Input; /** * Name of the attribute within the SAML assert to use as the users name in Grafana. */ name?: pulumi.Input; /** * Name of the attribute within the SAML assert to use as the users organizations in Grafana. */ org?: pulumi.Input; /** * Name of the attribute within the SAML assert to use as the users roles in Grafana. */ role?: pulumi.Input; } /** * IdP Metadata used to configure SAML authentication in Grafana. */ interface WorkspaceIdpMetadataArgs { /** * URL that vends the IdPs metadata. */ url?: pulumi.Input; /** * XML blob of the IdPs metadata. */ xml?: pulumi.Input; } /** * The configuration settings for Network Access Control. */ interface WorkspaceNetworkAccessControlArgs { /** * The list of prefix list IDs. A prefix list is a list of CIDR ranges of IP addresses. The IP addresses specified are allowed to access your workspace. If the list is not included in the configuration then no IP addresses will be allowed to access the workspace. */ prefixListIds?: pulumi.Input[]>; /** * The list of Amazon VPC endpoint IDs for the workspace. If a NetworkAccessConfiguration is specified then only VPC endpoints specified here will be allowed to access the workspace. */ vpceIds?: pulumi.Input[]>; } /** * Maps SAML roles to the Grafana Editor and Admin roles. */ interface WorkspaceRoleValuesArgs { /** * List of SAML roles which will be mapped into the Grafana Admin role. */ admin?: pulumi.Input[]>; /** * List of SAML roles which will be mapped into the Grafana Editor role. */ editor?: pulumi.Input[]>; } /** * SAML configuration data associated with an AMG workspace. */ interface WorkspaceSamlConfigurationArgs { /** * List of SAML organizations allowed to access Grafana. */ allowedOrganizations?: pulumi.Input[]>; /** * A structure that defines which attributes in the SAML assertion are to be used to define information about the users authenticated by that IdP to use the workspace. */ assertionAttributes?: pulumi.Input; /** * A structure containing the identity provider (IdP) metadata used to integrate the identity provider with this workspace. */ idpMetadata: pulumi.Input; /** * The maximum lifetime an authenticated user can be logged in (in minutes) before being required to re-authenticate. */ loginValidityDuration?: pulumi.Input; /** * A structure containing arrays that map group names in the SAML assertion to the Grafana `Admin` and `Editor` roles in the workspace. */ roleValues?: pulumi.Input; } /** * The configuration settings for an Amazon VPC that contains data sources for your Grafana workspace to connect to. */ interface WorkspaceVpcConfigurationArgs { /** * The list of Amazon EC2 security group IDs attached to the Amazon VPC for your Grafana workspace to connect. */ securityGroupIds: pulumi.Input[]>; /** * The list of Amazon EC2 subnet IDs created in the Amazon VPC for your Grafana workspace to connect. */ subnetIds: pulumi.Input[]>; } } export declare namespace greengrassv2 { interface ComponentVersionComponentDependencyRequirementArgs { dependencyType?: pulumi.Input; versionRequirement?: pulumi.Input; } interface ComponentVersionComponentPlatformArgs { /** * A dictionary of attributes for the platform. The AWS IoT Greengrass Core software defines the `os` and `platform` by default. You can specify additional platform attributes for a core device when you deploy the AWS IoT Greengrass nucleus component. For more information, see the [AWS IoT Greengrass nucleus component](https://docs.aws.amazon.com/greengrass/v2/developerguide/greengrass-nucleus-component.html) in the *AWS IoT Greengrass V2 Developer Guide* . */ attributes?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The friendly name of the platform. This name helps you identify the platform. * * If you omit this parameter, AWS IoT Greengrass creates a friendly name from the `os` and `architecture` of the platform. */ name?: pulumi.Input; } interface ComponentVersionLambdaContainerParamsArgs { /** * The list of system devices that the container can access. */ devices?: pulumi.Input[]>; /** * The memory size of the container, expressed in kilobytes. * * Default: `16384` (16 MB) */ memorySizeInKb?: pulumi.Input; /** * Whether or not the container can read information from the device's `/sys` folder. * * Default: `false` */ mountRoSysfs?: pulumi.Input; /** * The list of volumes that the container can access. */ volumes?: pulumi.Input[]>; } interface ComponentVersionLambdaDeviceMountArgs { /** * Whether or not to add the component's system user as an owner of the device. * * Default: `false` */ addGroupOwner?: pulumi.Input; /** * The mount path for the device in the file system. */ path?: pulumi.Input; /** * The permission to access the device: read/only ( `ro` ) or read/write ( `rw` ). * * Default: `ro` */ permission?: pulumi.Input; } interface ComponentVersionLambdaEventSourceArgs { /** * The topic to which to subscribe to receive event messages. */ topic?: pulumi.Input; /** * The type of event source. Choose from the following options: * * - `PUB_SUB` – Subscribe to local publish/subscribe messages. This event source type doesn't support MQTT wildcards ( `+` and `#` ) in the event source topic. * - `IOT_CORE` – Subscribe to AWS IoT Core MQTT messages. This event source type supports MQTT wildcards ( `+` and `#` ) in the event source topic. */ type?: pulumi.Input; } interface ComponentVersionLambdaExecutionParametersArgs { /** * The map of environment variables that are available to the Lambda function when it runs. */ environmentVariables?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The list of event sources to which to subscribe to receive work messages. The Lambda function runs when it receives a message from an event source. You can subscribe this function to local publish/subscribe messages and AWS IoT Core MQTT messages. */ eventSources?: pulumi.Input[]>; /** * The list of arguments to pass to the Lambda function when it runs. */ execArgs?: pulumi.Input[]>; /** * The encoding type that the Lambda function supports. * * Default: `json` */ inputPayloadEncodingType?: pulumi.Input; /** * The parameters for the Linux process that contains the Lambda function. */ linuxProcessParams?: pulumi.Input; /** * The maximum amount of time in seconds that a non-pinned Lambda function can idle before the AWS IoT Greengrass Core software stops its process. */ maxIdleTimeInSeconds?: pulumi.Input; /** * The maximum number of instances that a non-pinned Lambda function can run at the same time. */ maxInstancesCount?: pulumi.Input; /** * The maximum size of the message queue for the Lambda function component. The AWS IoT Greengrass core device stores messages in a FIFO (first-in-first-out) queue until it can run the Lambda function to consume each message. */ maxQueueSize?: pulumi.Input; /** * Whether or not the Lambda function is pinned, or long-lived. * * - A pinned Lambda function starts when the AWS IoT Greengrass Core starts and keeps running in its own container. * - A non-pinned Lambda function starts only when it receives a work item and exists after it idles for `maxIdleTimeInSeconds` . If the function has multiple work items, the AWS IoT Greengrass Core software creates multiple instances of the function. * * Default: `true` */ pinned?: pulumi.Input; /** * The interval in seconds at which a pinned (also known as long-lived) Lambda function component sends status updates to the Lambda manager component. */ statusTimeoutInSeconds?: pulumi.Input; /** * The maximum amount of time in seconds that the Lambda function can process a work item. */ timeoutInSeconds?: pulumi.Input; } interface ComponentVersionLambdaFunctionRecipeSourceArgs { /** * The component versions on which this Lambda function component depends. */ componentDependencies?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The system and runtime parameters for the Lambda function as it runs on the AWS IoT Greengrass core device. */ componentLambdaParameters?: pulumi.Input; /** * The name of the component. * * Defaults to the name of the Lambda function. */ componentName?: pulumi.Input; /** * The platforms that the component version supports. */ componentPlatforms?: pulumi.Input[]>; /** * The version of the component. * * Defaults to the version of the Lambda function as a semantic version. For example, if your function version is `3` , the component version becomes `3.0.0` . */ componentVersion?: pulumi.Input; /** * The ARN of the Lambda function. The ARN must include the version of the function to import. You can't use version aliases like `$LATEST` . */ lambdaArn?: pulumi.Input; } interface ComponentVersionLambdaLinuxProcessParamsArgs { /** * The parameters for the container in which the Lambda function runs. */ containerParams?: pulumi.Input; /** * The isolation mode for the process that contains the Lambda function. The process can run in an isolated runtime environment inside the AWS IoT Greengrass container, or as a regular process outside any container. * * Default: `GreengrassContainer` */ isolationMode?: pulumi.Input; } interface ComponentVersionLambdaVolumeMountArgs { /** * Whether or not to add the AWS IoT Greengrass user group as an owner of the volume. * * Default: `false` */ addGroupOwner?: pulumi.Input; /** * The path to the logical volume in the file system. */ destinationPath?: pulumi.Input; /** * The permission to access the volume: read/only ( `ro` ) or read/write ( `rw` ). * * Default: `ro` */ permission?: pulumi.Input; /** * The path to the physical volume in the file system. */ sourcePath?: pulumi.Input; } interface DeploymentComponentConfigurationUpdateArgs { merge?: pulumi.Input; reset?: pulumi.Input[]>; } interface DeploymentComponentDeploymentSpecificationArgs { componentVersion?: pulumi.Input; configurationUpdate?: pulumi.Input; runWith?: pulumi.Input; } interface DeploymentComponentRunWithArgs { posixUser?: pulumi.Input; systemResourceLimits?: pulumi.Input; windowsUser?: pulumi.Input; } interface DeploymentComponentUpdatePolicyArgs { /** * Whether or not to notify components and wait for components to become safe to update. Choose from the following options: * * - `NOTIFY_COMPONENTS` – The deployment notifies each component before it stops and updates that component. Components can use the [SubscribeToComponentUpdates](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-subscribetocomponentupdates) IPC operation to receive these notifications. Then, components can respond with the [DeferComponentUpdate](https://docs.aws.amazon.com/greengrass/v2/developerguide/interprocess-communication.html#ipc-operation-defercomponentupdate) IPC operation. For more information, see the [Create deployments](https://docs.aws.amazon.com/greengrass/v2/developerguide/create-deployments.html) in the *AWS IoT Greengrass V2 Developer Guide* . * - `SKIP_NOTIFY_COMPONENTS` – The deployment doesn't notify components or wait for them to be safe to update. * * Default: `NOTIFY_COMPONENTS` */ action?: pulumi.Input; /** * The amount of time in seconds that each component on a device has to report that it's safe to update. If the component waits for longer than this timeout, then the deployment proceeds on the device. * * Default: `60` */ timeoutInSeconds?: pulumi.Input; } interface DeploymentConfigurationValidationPolicyArgs { /** * The amount of time in seconds that a component can validate its configuration updates. If the validation time exceeds this timeout, then the deployment proceeds for the device. * * Default: `30` */ timeoutInSeconds?: pulumi.Input; } interface DeploymentIoTJobAbortConfigArgs { /** * The list of criteria that define when and how to cancel the configuration deployment. */ criteriaList: pulumi.Input[]>; } interface DeploymentIoTJobAbortCriteriaArgs { /** * The action to perform when the criteria are met. */ action: pulumi.Input; /** * The type of job deployment failure that can cancel a job. */ failureType: pulumi.Input; /** * The minimum number of things that receive the configuration before the job can cancel. */ minNumberOfExecutedThings: pulumi.Input; /** * The minimum percentage of `failureType` failures that occur before the job can cancel. * * This parameter supports up to two digits after the decimal (for example, you can specify `10.9` or `10.99` , but not `10.999` ). */ thresholdPercentage: pulumi.Input; } interface DeploymentIoTJobConfigurationArgs { /** * The stop configuration for the job. This configuration defines when and how to stop a job rollout. */ abortConfig?: pulumi.Input; /** * The rollout configuration for the job. This configuration defines the rate at which the job rolls out to the fleet of target devices. */ jobExecutionsRolloutConfig?: pulumi.Input; /** * The timeout configuration for the job. This configuration defines the amount of time each device has to complete the job. */ timeoutConfig?: pulumi.Input; } interface DeploymentIoTJobExecutionsRolloutConfigArgs { /** * The exponential rate to increase the job rollout rate. */ exponentialRate?: pulumi.Input; /** * The maximum number of devices that receive a pending job notification, per minute. */ maximumPerMinute?: pulumi.Input; } interface DeploymentIoTJobExponentialRolloutRateArgs { /** * The minimum number of devices that receive a pending job notification, per minute, when the job starts. This parameter defines the initial rollout rate of the job. */ baseRatePerMinute: pulumi.Input; /** * The exponential factor to increase the rollout rate for the job. * * This parameter supports up to one digit after the decimal (for example, you can specify `1.5` , but not `1.55` ). */ incrementFactor: pulumi.Input; /** * The criteria to increase the rollout rate for the job. */ rateIncreaseCriteria: pulumi.Input; } interface DeploymentIoTJobRateIncreaseCriteriaArgs { } interface DeploymentIoTJobTimeoutConfigArgs { /** * The amount of time, in minutes, that devices have to complete the job. The timer starts when the job status is set to `IN_PROGRESS` . If the job status doesn't change to a terminal state before the time expires, then the job status is set to `TIMED_OUT` . * * The timeout interval must be between 1 minute and 7 days (10080 minutes). */ inProgressTimeoutInMinutes?: pulumi.Input; } interface DeploymentPoliciesArgs { /** * The component update policy for the configuration deployment. This policy defines when it's safe to deploy the configuration to devices. */ componentUpdatePolicy?: pulumi.Input; /** * The configuration validation policy for the configuration deployment. This policy defines how long each component has to validate its configure updates. */ configurationValidationPolicy?: pulumi.Input; /** * The failure handling policy for the configuration deployment. This policy defines what to do if the deployment fails. * * Default: `ROLLBACK` */ failureHandlingPolicy?: pulumi.Input; } interface DeploymentSystemResourceLimitsArgs { cpus?: pulumi.Input; memory?: pulumi.Input; } } export declare namespace groundstation { interface ConfigAntennaDownlinkConfigArgs { /** * Defines the spectrum configuration. */ spectrumConfig?: pulumi.Input; } interface ConfigAntennaDownlinkDemodDecodeConfigArgs { /** * Defines how the RF signal will be decoded. */ decodeConfig?: pulumi.Input; /** * Defines how the RF signal will be demodulated. */ demodulationConfig?: pulumi.Input; /** * Defines the spectrum configuration. */ spectrumConfig?: pulumi.Input; } interface ConfigAntennaUplinkConfigArgs { /** * Defines the spectrum configuration. */ spectrumConfig?: pulumi.Input; /** * The equivalent isotropically radiated power (EIRP) to use for uplink transmissions. Valid values are between 20.0 to 50.0 dBW. */ targetEirp?: pulumi.Input; /** * Whether or not uplink transmit is disabled. */ transmitDisabled?: pulumi.Input; } interface ConfigDataArgs { /** * Provides information for an antenna downlink config object. Antenna downlink config objects are used to provide parameters for downlinks where no demodulation or decoding is performed by Ground Station (RF over IP downlinks). */ antennaDownlinkConfig?: pulumi.Input; /** * Provides information for a downlink demod decode config object. Downlink demod decode config objects are used to provide parameters for downlinks where the Ground Station service will demodulate and decode the downlinked data. */ antennaDownlinkDemodDecodeConfig?: pulumi.Input; /** * Provides information for an uplink config object. Uplink config objects are used to provide parameters for uplink contacts. */ antennaUplinkConfig?: pulumi.Input; /** * Provides information for a dataflow endpoint config object. Dataflow endpoint config objects are used to provide parameters about which IP endpoint(s) to use during a contact. Dataflow endpoints are where Ground Station sends data during a downlink contact and where Ground Station receives data to send to the satellite during an uplink contact. */ dataflowEndpointConfig?: pulumi.Input; /** * Provides information for an S3 recording config object. S3 recording config objects are used to provide parameters for S3 recording during downlink contacts. */ s3RecordingConfig?: pulumi.Input; telemetrySinkConfig?: pulumi.Input; /** * Provides information for a tracking config object. Tracking config objects are used to provide parameters about how to track the satellite through the sky during a contact. */ trackingConfig?: pulumi.Input; /** * Provides information for an uplink echo config object. Uplink echo config objects are used to provide parameters for uplink echo during uplink contacts. */ uplinkEchoConfig?: pulumi.Input; } interface ConfigDataflowEndpointConfigArgs { /** * The name of the dataflow endpoint to use during contacts. */ dataflowEndpointName?: pulumi.Input; /** * The region of the dataflow endpoint to use during contacts. When omitted, Ground Station will use the region of the contact. */ dataflowEndpointRegion?: pulumi.Input; } interface ConfigDecodeConfigArgs { /** * The decoding settings are in JSON format and define a set of steps to perform to decode the data. */ unvalidatedJson?: pulumi.Input; } interface ConfigDemodulationConfigArgs { /** * The demodulation settings are in JSON format and define parameters for demodulation, for example which modulation scheme (e.g. PSK, QPSK, etc.) and matched filter to use. */ unvalidatedJson?: pulumi.Input; } interface ConfigEirpArgs { /** * The units of the EIRP. */ units?: pulumi.Input; /** * The value of the EIRP. Valid values are between 20.0 to 50.0 dBW. */ value?: pulumi.Input; } interface ConfigFrequencyArgs { /** * The units of the frequency. */ units?: pulumi.Input; /** * The value of the frequency. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink. */ value?: pulumi.Input; } interface ConfigFrequencyBandwidthArgs { /** * The units of the bandwidth. */ units?: pulumi.Input; /** * The value of the bandwidth. AWS Ground Station currently has the following bandwidth limitations: * * - For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz. * - For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz. * - For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz. */ value?: pulumi.Input; } interface ConfigKinesisDataStreamDataArgs { kinesisDataStreamArn: pulumi.Input; kinesisRoleArn: pulumi.Input; } interface ConfigS3RecordingConfigArgs { /** * S3 Bucket where the data is written. The name of the S3 Bucket provided must begin with `aws-groundstation` . */ bucketArn?: pulumi.Input; /** * The prefix of the S3 data object. If you choose to use any optional keys for substitution, these values will be replaced with the corresponding information from your contact details. For example, a prefix of `{satellite_id}/{year}/{month}/{day}/` will replaced with `fake_satellite_id/2021/01/10/` * * *Optional keys for substitution* : `{satellite_id}` | `{config-name}` | `{config-id}` | `{year}` | `{month}` | `{day}` */ prefix?: pulumi.Input; /** * Defines the ARN of the role assumed for putting archives to S3. */ roleArn?: pulumi.Input; } interface ConfigSpectrumConfigArgs { /** * The bandwidth of the spectrum. AWS Ground Station currently has the following bandwidth limitations: * * - For `AntennaDownlinkDemodDecodeconfig` , valid values are between 125 kHz to 650 MHz. * - For `AntennaDownlinkconfig` , valid values are between 10 kHz to 54 MHz. * - For `AntennaUplinkConfig` , valid values are between 10 kHz to 54 MHz. */ bandwidth?: pulumi.Input; /** * The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink. */ centerFrequency?: pulumi.Input; /** * The polarization of the spectrum. Valid values are `"RIGHT_HAND"` and `"LEFT_HAND"` . Capturing both `"RIGHT_HAND"` and `"LEFT_HAND"` polarization requires two separate configs. */ polarization?: pulumi.Input; } interface ConfigTelemetrySinkConfigArgs { telemetrySinkData: pulumi.Input; telemetrySinkType: pulumi.Input; } interface ConfigTelemetrySinkDataArgs { kinesisDataStreamData?: pulumi.Input; } interface ConfigTrackingConfigArgs { /** * Specifies whether or not to use autotrack. `REMOVED` specifies that program track should only be used during the contact. `PREFERRED` specifies that autotracking is preferred during the contact but fallback to program track if the signal is lost. `REQUIRED` specifies that autotracking is required during the contact and not to use program track if the signal is lost. */ autotrack?: pulumi.Input; } interface ConfigUplinkEchoConfigArgs { /** * Defines the ARN of the uplink config to echo back to a dataflow endpoint. */ antennaUplinkConfigArn?: pulumi.Input; /** * Whether or not uplink echo is enabled. */ enabled?: pulumi.Input; } interface ConfigUplinkSpectrumConfigArgs { /** * The center frequency of the spectrum. Valid values are between 2200 to 2300 MHz and 7750 to 8400 MHz for downlink and 2025 to 2120 MHz for uplink. */ centerFrequency?: pulumi.Input; /** * The polarization of the spectrum. Valid values are `"RIGHT_HAND"` and `"LEFT_HAND"` . */ polarization?: pulumi.Input; } /** * Information about AwsGroundStationAgentEndpoint. */ interface DataflowEndpointGroupAwsGroundStationAgentEndpointArgs { /** * The status of AgentEndpoint. */ agentStatus?: pulumi.Input; /** * The results of the audit. */ auditResults?: pulumi.Input; /** * The egress address of AgentEndpoint. */ egressAddress?: pulumi.Input; /** * The ingress address of AgentEndpoint. */ ingressAddress?: pulumi.Input; /** * Name string associated with AgentEndpoint. Used as a human-readable identifier for AgentEndpoint. */ name?: pulumi.Input; } /** * Egress address of AgentEndpoint with an optional mtu. */ interface DataflowEndpointGroupConnectionDetailsArgs { /** * Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. */ mtu?: pulumi.Input; /** * A socket address. */ socketAddress?: pulumi.Input; } interface DataflowEndpointGroupDataflowEndpointArgs { /** * The address and port of an endpoint. */ address?: pulumi.Input; /** * Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. Valid values are between 1400 and 1500. A default value of 1500 is used if not set. */ mtu?: pulumi.Input; /** * The endpoint name. * * When listing available contacts for a satellite, Ground Station searches for a dataflow endpoint whose name matches the value specified by the dataflow endpoint config of the selected mission profile. If no matching dataflow endpoints are found then Ground Station will not display any available contacts for the satellite. */ name?: pulumi.Input; } interface DataflowEndpointGroupEndpointDetailsArgs { /** * An agent endpoint. */ awsGroundStationAgentEndpoint?: pulumi.Input; /** * Information about the endpoint such as name and the endpoint address. */ endpoint?: pulumi.Input; /** * The role ARN, and IDs for security groups and subnets. */ securityDetails?: pulumi.Input; } /** * An integer range that has a minimum and maximum value. */ interface DataflowEndpointGroupIntegerRangeArgs { /** * A maximum value. */ maximum?: pulumi.Input; /** * A minimum value. */ minimum?: pulumi.Input; } /** * Ingress address of AgentEndpoint with a port range and an optional mtu. */ interface DataflowEndpointGroupRangedConnectionDetailsArgs { /** * Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. */ mtu?: pulumi.Input; /** * A ranged socket address. */ socketAddress?: pulumi.Input; } /** * A socket address with a port range. */ interface DataflowEndpointGroupRangedSocketAddressArgs { /** * IPv4 socket address. */ name?: pulumi.Input; /** * Port range of a socket address. */ portRange?: pulumi.Input; } interface DataflowEndpointGroupSecurityDetailsArgs { /** * The ARN of a role which Ground Station has permission to assume, such as `arn:aws:iam::1234567890:role/DataDeliveryServiceRole` . * * Ground Station will assume this role and create an ENI in your VPC on the specified subnet upon creation of a dataflow endpoint group. This ENI is used as the ingress/egress point for data streamed during a satellite contact. */ roleArn?: pulumi.Input; /** * The security group Ids of the security role, such as `sg-1234567890abcdef0` . */ securityGroupIds?: pulumi.Input[]>; /** * The subnet Ids of the security details, such as `subnet-12345678` . */ subnetIds?: pulumi.Input[]>; } interface DataflowEndpointGroupSocketAddressArgs { /** * The name of the endpoint, such as `Endpoint 1` . */ name?: pulumi.Input; /** * The port of the endpoint, such as `55888` . */ port?: pulumi.Input; } /** * Socket address of an uplink or downlink agent endpoint with an optional mtu. */ interface DataflowEndpointGroupV2ConnectionDetailsArgs { /** * Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. */ mtu?: pulumi.Input; /** * A socket address. */ socketAddress: pulumi.Input; } interface DataflowEndpointGroupV2CreateEndpointDetailsArgs { /** * Definition for a downlink agent endpoint */ downlinkAwsGroundStationAgentEndpoint?: pulumi.Input; /** * Definition for an uplink agent endpoint */ uplinkAwsGroundStationAgentEndpoint?: pulumi.Input; } /** * Information about DownlinkAwsGroundStationAgentEndpoint used for create */ interface DataflowEndpointGroupV2DownlinkAwsGroundStationAgentEndpointArgs { /** * Dataflow details for the downlink endpoint */ dataflowDetails: pulumi.Input; /** * Downlink dataflow endpoint name */ name: pulumi.Input; } /** * Connection details for downlink, from ground station to agent, and customer to agent */ interface DataflowEndpointGroupV2DownlinkConnectionDetailsArgs { /** * Agent IP and port address for the downlink connection. */ agentIpAndPortAddress: pulumi.Input; /** * Egress address and port for the downlink connection. */ egressAddressAndPort: pulumi.Input; } /** * Dataflow details for downlink */ interface DataflowEndpointGroupV2DownlinkDataflowDetailsArgs { /** * Downlink connection details for customer to Agent and Agent to Ground Station */ agentConnectionDetails?: pulumi.Input; } /** * An integer range that has a minimum and maximum value. */ interface DataflowEndpointGroupV2IntegerRangeArgs { /** * A maximum value. */ maximum: pulumi.Input; /** * A minimum value. */ minimum: pulumi.Input; } /** * Socket address of an uplink or downlink agent endpoint with a port range and an optional mtu. */ interface DataflowEndpointGroupV2RangedConnectionDetailsArgs { /** * Maximum transmission unit (MTU) size in bytes of a dataflow endpoint. */ mtu?: pulumi.Input; /** * A ranged socket address. */ socketAddress: pulumi.Input; } /** * A socket address with a port range. */ interface DataflowEndpointGroupV2RangedSocketAddressArgs { /** * IPv4 socket address. */ name: pulumi.Input; /** * Port range of a socket address. */ portRange: pulumi.Input; } interface DataflowEndpointGroupV2SocketAddressArgs { /** * IPv4 socket address. */ name: pulumi.Input; /** * Port of a socket address. */ port: pulumi.Input; } /** * Information about UplinkAwsGroundStationAgentEndpoint used for create */ interface DataflowEndpointGroupV2UplinkAwsGroundStationAgentEndpointArgs { /** * Dataflow details for the uplink endpoint */ dataflowDetails: pulumi.Input; /** * Uplink dataflow endpoint name */ name: pulumi.Input; } /** * Connection details for uplink, from ground station to agent, and customer to agent */ interface DataflowEndpointGroupV2UplinkConnectionDetailsArgs { /** * Agent IP and port address for the uplink connection. */ agentIpAndPortAddress: pulumi.Input; /** * Ingress address and port for the uplink connection. */ ingressAddressAndPort: pulumi.Input; } /** * Dataflow details for uplink */ interface DataflowEndpointGroupV2UplinkDataflowDetailsArgs { /** * Uplink connection details for customer to Agent and Agent to Ground Station */ agentConnectionDetails?: pulumi.Input; } interface MissionProfileDataflowEdgeArgs { /** * The ARN of the destination for this dataflow edge. For example, specify the ARN of a dataflow endpoint config for a downlink edge or an antenna uplink config for an uplink edge. */ destination?: pulumi.Input; /** * The ARN of the source for this dataflow edge. For example, specify the ARN of an antenna downlink config for a downlink edge or a dataflow endpoint config for an uplink edge. */ source?: pulumi.Input; } interface MissionProfileStreamsKmsKeyArgs { /** * KMS Alias Arn. */ kmsAliasArn?: pulumi.Input; /** * KMS Alias Name. */ kmsAliasName?: pulumi.Input; /** * KMS Key Arn. */ kmsKeyArn?: pulumi.Input; } } export declare namespace guardduty { interface DetectorCfnDataSourceConfigurationsArgs { /** * Describes which Kubernetes data sources are enabled for a detector. */ kubernetes?: pulumi.Input; /** * Describes whether Malware Protection will be enabled as a data source. */ malwareProtection?: pulumi.Input; /** * Describes whether S3 data event logs are enabled as a data source. */ s3Logs?: pulumi.Input; } interface DetectorCfnFeatureAdditionalConfigurationArgs { /** * Name of the additional configuration. */ name?: pulumi.Input; /** * Status of the additional configuration. */ status?: pulumi.Input; } interface DetectorCfnFeatureConfigurationArgs { /** * Information about the additional configuration of a feature in your account. */ additionalConfiguration?: pulumi.Input[]>; /** * Name of the feature. For a list of allowed values, see [DetectorFeatureConfiguration](https://docs.aws.amazon.com/guardduty/latest/APIReference/API_DetectorFeatureConfiguration.html#guardduty-Type-DetectorFeatureConfiguration-name) in the *GuardDuty API Reference* . */ name: pulumi.Input; /** * Status of the feature configuration. */ status: pulumi.Input; } interface DetectorCfnKubernetesAuditLogsConfigurationArgs { /** * Describes whether Kubernetes audit logs are enabled as a data source for the detector. */ enable: pulumi.Input; } interface DetectorCfnKubernetesConfigurationArgs { /** * Describes whether Kubernetes audit logs are enabled as a data source for the detector. */ auditLogs: pulumi.Input; } interface DetectorCfnMalwareProtectionConfigurationArgs { /** * Describes the configuration of Malware Protection for EC2 instances with findings. */ scanEc2InstanceWithFindings?: pulumi.Input; } interface DetectorCfnScanEc2InstanceWithFindingsConfigurationArgs { /** * Describes the configuration for scanning EBS volumes as data source. */ ebsVolumes?: pulumi.Input; } interface DetectorCfns3LogsConfigurationArgs { /** * The status of S3 data event logs as a data source. */ enable: pulumi.Input; } interface FilterConditionArgs { eq?: pulumi.Input[]>; equals?: pulumi.Input[]>; greaterThan?: pulumi.Input; greaterThanOrEqual?: pulumi.Input; gt?: pulumi.Input; gte?: pulumi.Input; lessThan?: pulumi.Input; lessThanOrEqual?: pulumi.Input; lt?: pulumi.Input; lte?: pulumi.Input; neq?: pulumi.Input[]>; notEquals?: pulumi.Input[]>; } interface FilterFindingCriteriaArgs { /** * Represents a map of finding properties that match specified conditions and values when querying findings. * * For information about JSON criterion mapping to their console equivalent, see [Finding criteria](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_filter-findings.html#filter_criteria) . The following are the available criterion: * * - accountId * - id * - region * - severity * * To filter on the basis of severity, the API and AWS CLI use the following input list for the `FindingCriteria` condition: * * - *Low* : `["1", "2", "3"]` * - *Medium* : `["4", "5", "6"]` * - *High* : `["7", "8", "9"]` * * For more information, see [Severity levels for GuardDuty findings](https://docs.aws.amazon.com/guardduty/latest/ug/guardduty_findings.html#guardduty_findings-severity) in the *Amazon GuardDuty User Guide* . * - type * - updatedAt * * Type: ISO 8601 string format: `YYYY-MM-DDTHH:MM:SS.SSSZ` or `YYYY-MM-DDTHH:MM:SSZ` depending on whether the value contains milliseconds. * - resource.accessKeyDetails.accessKeyId * - resource.accessKeyDetails.principalId * - resource.accessKeyDetails.userName * - resource.accessKeyDetails.userType * - resource.instanceDetails.iamInstanceProfile.id * - resource.instanceDetails.imageId * - resource.instanceDetails.instanceId * - resource.instanceDetails.tags.key * - resource.instanceDetails.tags.value * - resource.instanceDetails.networkInterfaces.ipv6Addresses * - resource.instanceDetails.networkInterfaces.privateIpAddresses.privateIpAddress * - resource.instanceDetails.networkInterfaces.publicDnsName * - resource.instanceDetails.networkInterfaces.publicIp * - resource.instanceDetails.networkInterfaces.securityGroups.groupId * - resource.instanceDetails.networkInterfaces.securityGroups.groupName * - resource.instanceDetails.networkInterfaces.subnetId * - resource.instanceDetails.networkInterfaces.vpcId * - resource.instanceDetails.outpostArn * - resource.resourceType * - resource.s3BucketDetails.publicAccess.effectivePermissions * - resource.s3BucketDetails.name * - resource.s3BucketDetails.tags.key * - resource.s3BucketDetails.tags.value * - resource.s3BucketDetails.type * - service.action.actionType * - service.action.awsApiCallAction.api * - service.action.awsApiCallAction.callerType * - service.action.awsApiCallAction.errorCode * - service.action.awsApiCallAction.remoteIpDetails.city.cityName * - service.action.awsApiCallAction.remoteIpDetails.country.countryName * - service.action.awsApiCallAction.remoteIpDetails.ipAddressV4 * - service.action.awsApiCallAction.remoteIpDetails.ipAddressV6 * - service.action.awsApiCallAction.remoteIpDetails.organization.asn * - service.action.awsApiCallAction.remoteIpDetails.organization.asnOrg * - service.action.awsApiCallAction.serviceName * - service.action.dnsRequestAction.domain * - service.action.dnsRequestAction.domainWithSuffix * - service.action.networkConnectionAction.blocked * - service.action.networkConnectionAction.connectionDirection * - service.action.networkConnectionAction.localPortDetails.port * - service.action.networkConnectionAction.protocol * - service.action.networkConnectionAction.remoteIpDetails.city.cityName * - service.action.networkConnectionAction.remoteIpDetails.country.countryName * - service.action.networkConnectionAction.remoteIpDetails.ipAddressV4 * - service.action.networkConnectionAction.remoteIpDetails.ipAddressV6 * - service.action.networkConnectionAction.remoteIpDetails.organization.asn * - service.action.networkConnectionAction.remoteIpDetails.organization.asnOrg * - service.action.networkConnectionAction.remotePortDetails.port * - service.action.awsApiCallAction.remoteAccountDetails.affiliated * - service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV4 * - service.action.kubernetesApiCallAction.remoteIpDetails.ipAddressV6 * - service.action.kubernetesApiCallAction.namespace * - service.action.kubernetesApiCallAction.remoteIpDetails.organization.asn * - service.action.kubernetesApiCallAction.requestUri * - service.action.kubernetesApiCallAction.statusCode * - service.action.networkConnectionAction.localIpDetails.ipAddressV4 * - service.action.networkConnectionAction.localIpDetails.ipAddressV6 * - service.action.networkConnectionAction.protocol * - service.action.awsApiCallAction.serviceName * - service.action.awsApiCallAction.remoteAccountDetails.accountId * - service.additionalInfo.threatListName * - service.resourceRole * - resource.eksClusterDetails.name * - resource.kubernetesDetails.kubernetesWorkloadDetails.name * - resource.kubernetesDetails.kubernetesWorkloadDetails.namespace * - resource.kubernetesDetails.kubernetesUserDetails.username * - resource.kubernetesDetails.kubernetesWorkloadDetails.containers.image * - resource.kubernetesDetails.kubernetesWorkloadDetails.containers.imagePrefix * - service.ebsVolumeScanDetails.scanId * - service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.name * - service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.severity * - service.ebsVolumeScanDetails.scanDetections.threatDetectedByName.threatNames.filePaths.hash * - service.malwareScanDetails.threats.name * - resource.ecsClusterDetails.name * - resource.ecsClusterDetails.taskDetails.containers.image * - resource.ecsClusterDetails.taskDetails.definitionArn * - resource.containerDetails.image * - resource.rdsDbInstanceDetails.dbInstanceIdentifier * - resource.rdsDbInstanceDetails.dbClusterIdentifier * - resource.rdsDbInstanceDetails.engine * - resource.rdsDbUserDetails.user * - resource.rdsDbInstanceDetails.tags.key * - resource.rdsDbInstanceDetails.tags.value * - service.runtimeDetails.process.executableSha256 * - service.runtimeDetails.process.name * - service.runtimeDetails.process.name * - resource.lambdaDetails.functionName * - resource.lambdaDetails.functionArn * - resource.lambdaDetails.tags.key * - resource.lambdaDetails.tags.value */ criterion?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface MalwareProtectionPlanCfnActionsArgs { /** * Contains information about tagging status of the Malware Protection plan resource. */ tagging?: pulumi.Input; } interface MalwareProtectionPlanCfnProtectedResourceArgs { /** * Information about the protected S3 bucket resource. */ s3Bucket: pulumi.Input; } /** * Information about the protected S3 bucket resource. */ interface MalwareProtectionPlanCfnProtectedResourceS3BucketPropertiesArgs { /** * Name of the S3 bucket. */ bucketName?: pulumi.Input; /** * Information about the specified object prefixes. The S3 object will be scanned only if it belongs to any of the specified object prefixes. */ objectPrefixes?: pulumi.Input[]>; } interface MalwareProtectionPlanCfnTaggingArgs { /** * Indicates whether or not you chose GuardDuty to add a predefined tag to the scanned S3 object. */ status?: pulumi.Input; } interface PublishingDestinationCfnDestinationPropertiesArgs { /** * The ARN of the resource to publish to. */ destinationArn?: pulumi.Input; /** * The ARN of the KMS key to use for encryption. */ kmsKeyArn?: pulumi.Input; } } export declare namespace healthlake { /** * The identity provider configuration for the datastore */ interface FhirDatastoreIdentityProviderConfigurationArgs { /** * Type of Authorization Strategy. The two types of supported Authorization strategies are SMART_ON_FHIR_V1 and AWS_AUTH. */ authorizationStrategy: pulumi.Input; /** * Flag to indicate if fine-grained authorization will be enabled for the datastore */ fineGrainedAuthorizationEnabled?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Lambda function that will be used to decode the access token created by the authorization server. */ idpLambdaArn?: pulumi.Input; /** * The JSON metadata elements for identity provider configuration. */ metadata?: pulumi.Input; } /** * The customer-managed-key (CMK) used when creating a Data Store. If a customer owned key is not specified, an AWS owned key will be used for encryption. */ interface FhirDatastoreKmsEncryptionConfigArgs { /** * The type of customer-managed-key (CMK) used for encryption. The two types of supported CMKs are customer owned CMKs and AWS owned CMKs. */ cmkType: pulumi.Input; /** * The KMS encryption key id/alias used to encrypt the Data Store contents at rest. */ kmsKeyId?: pulumi.Input; } /** * The preloaded data configuration for the Data Store. Only data preloaded from Synthea is supported. */ interface FhirDatastorePreloadDataConfigArgs { /** * The type of preloaded data. Only Synthea preloaded data is supported. */ preloadDataType: pulumi.Input; } /** * The server-side encryption key configuration for a customer provided encryption key. */ interface FhirDatastoreSseConfigurationArgs { /** * The server-side encryption key configuration for a customer provided encryption key. */ kmsEncryptionConfig: pulumi.Input; } } export declare namespace iam { /** * Contains information about an attached policy. * An attached policy is a managed policy that has been attached to a user, group, or role. * For more information about managed policies, see [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *User Guide*. */ interface GroupPolicyArgs { /** * The policy document. */ policyDocument: any; /** * The friendly name (not ARN) identifying the policy. */ policyName: pulumi.Input; } /** * Contains information about an attached policy. * An attached policy is a managed policy that has been attached to a user, group, or role. * For more information about managed policies, refer to [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *User Guide*. */ interface RolePolicyArgs { /** * The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json). */ policyDocument: any; /** * The friendly name (not ARN) identifying the policy. */ policyName: pulumi.Input; } /** * The private key metadata for the SAML provider */ interface SamlProviderSamlPrivateKeyArgs { /** * The unique identifier for the SAML private key. */ keyId: pulumi.Input; /** * The date and time, in ISO 8601 date-time format, when the private key was uploaded. */ timestamp: pulumi.Input; } /** * Creates a password for the specified user, giving the user the ability to access AWS services through the console. For more information about managing passwords, see [Managing Passwords](https://docs.aws.amazon.com/IAM/latest/UserGuide/Using_ManagingLogins.html) in the *User Guide*. */ interface UserLoginProfileArgs { /** * The user's password. */ password: pulumi.Input; /** * Specifies whether the user is required to set a new password on next sign-in. */ passwordResetRequired?: pulumi.Input; } /** * Contains information about an attached policy. * An attached policy is a managed policy that has been attached to a user, group, or role. * For more information about managed policies, refer to [Managed Policies and Inline Policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/policies-managed-vs-inline.html) in the *User Guide*. */ interface UserPolicyArgs { /** * The entire contents of the policy that defines permissions. For more information, see [Overview of JSON policies](https://docs.aws.amazon.com/IAM/latest/UserGuide/access_policies.html#access_policies-json). */ policyDocument: any; /** * The friendly name (not ARN) identifying the policy. */ policyName: pulumi.Input; } } export declare namespace identitystore { /** * An object containing the identifier of a group member. */ interface GroupMembershipMemberIdArgs { /** * The identifier for a user in the identity store. */ userId: pulumi.Input; } } export declare namespace imagebuilder { /** * Configuration details of the component. */ interface ContainerRecipeComponentConfigurationArgs { /** * The Amazon Resource Name (ARN) of the component. */ componentArn?: pulumi.Input; /** * A group of parameter settings that are used to configure the component for a specific recipe. */ parameters?: pulumi.Input[]>; } /** * Contains a key/value pair that sets the named component parameter. */ interface ContainerRecipeComponentParameterArgs { /** * The name of the component parameter to set. */ name: pulumi.Input; /** * Sets the value for the named component parameter. */ value: pulumi.Input[]>; } /** * Amazon EBS-specific block device mapping specifications. */ interface ContainerRecipeEbsInstanceBlockDeviceSpecificationArgs { /** * Use to configure delete on termination of the associated device. */ deleteOnTermination?: pulumi.Input; /** * Use to configure device encryption. */ encrypted?: pulumi.Input; /** * Use to configure device IOPS. */ iops?: pulumi.Input; /** * Use to configure the KMS key to use when encrypting the device. */ kmsKeyId?: pulumi.Input; /** * The snapshot that defines the device contents. */ snapshotId?: pulumi.Input; /** * For GP3 volumes only - The throughput in MiB/s that the volume supports. */ throughput?: pulumi.Input; /** * Use to override the device's volume size. */ volumeSize?: pulumi.Input; /** * Use to override the device's volume type. */ volumeType?: pulumi.Input; } /** * Defines block device mappings for the instance used to configure your image. */ interface ContainerRecipeInstanceBlockDeviceMappingArgs { /** * The device to which these mappings apply. */ deviceName?: pulumi.Input; /** * Use to manage Amazon EBS-specific configuration for this mapping. */ ebs?: pulumi.Input; /** * Use to remove a mapping from the parent image. */ noDevice?: pulumi.Input; /** * Use to manage instance ephemeral devices. */ virtualName?: pulumi.Input; } /** * A group of options that can be used to configure an instance for building and testing container images. */ interface ContainerRecipeInstanceConfigurationArgs { /** * Defines the block devices to attach for building an instance from this Image Builder AMI. */ blockDeviceMappings?: pulumi.Input[]>; /** * The AMI ID to use as the base image for a container build and test instance. If not specified, Image Builder will use the appropriate ECS-optimized AMI as a base image. */ image?: pulumi.Input; } /** * The container repository where the output container image is stored. */ interface ContainerRecipeTargetContainerRepositoryArgs { /** * The name of the container repository where the output container image is stored. This name is prefixed by the repository location. */ repositoryName?: pulumi.Input; /** * Specifies the service in which this image was registered. */ service?: pulumi.Input; } /** * The specific AMI settings (for example, launch permissions, AMI tags). */ interface DistributionConfigurationAmiDistributionConfigurationArgs { /** * The tags to apply to AMIs distributed to this Region. */ amiTags?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The description of the AMI distribution configuration. */ description?: pulumi.Input; /** * The KMS key identifier used to encrypt the distributed image. */ kmsKeyId?: pulumi.Input; /** * Launch permissions can be used to configure which AWS account s can use the AMI to launch instances. */ launchPermissionConfiguration?: pulumi.Input; /** * The name of the AMI distribution configuration. */ name?: pulumi.Input; /** * The ID of accounts to which you want to distribute an image. */ targetAccountIds?: pulumi.Input[]>; } /** * Container distribution settings for encryption, licensing, and sharing in a specific Region. */ interface DistributionConfigurationContainerDistributionConfigurationArgs { /** * Tags that are attached to the container distribution configuration. */ containerTags?: pulumi.Input[]>; /** * The description of the container distribution configuration. */ description?: pulumi.Input; /** * The destination repository for the container distribution configuration. */ targetRepository?: pulumi.Input; } /** * The distributions of the distribution configuration. */ interface DistributionConfigurationDistributionArgs { /** * The specific AMI settings, such as launch permissions and AMI tags. For details, see example schema below. */ amiDistributionConfiguration?: pulumi.Input; /** * Container distribution settings for encryption, licensing, and sharing in a specific Region. For details, see example schema below. */ containerDistributionConfiguration?: pulumi.Input; /** * The Windows faster-launching configurations to use for AMI distribution. */ fastLaunchConfigurations?: pulumi.Input[]>; /** * A group of launchTemplateConfiguration settings that apply to image distribution. */ launchTemplateConfigurations?: pulumi.Input[]>; /** * The License Manager Configuration to associate with the AMI in the specified Region. */ licenseConfigurationArns?: pulumi.Input[]>; /** * region */ region: pulumi.Input; /** * The SSM parameter configurations to use for AMI distribution. */ ssmParameterConfigurations?: pulumi.Input[]>; } /** * The Windows faster-launching configuration to use for AMI distribution. */ interface DistributionConfigurationFastLaunchConfigurationArgs { /** * The owner account ID for the fast-launch enabled Windows AMI. */ accountId?: pulumi.Input; /** * A Boolean that represents the current state of faster launching for the Windows AMI. Set to true to start using Windows faster launching, or false to stop using it. */ enabled?: pulumi.Input; /** * The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots. */ launchTemplate?: pulumi.Input; /** * The maximum number of parallel instances that are launched for creating resources. */ maxParallelLaunches?: pulumi.Input; /** * Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled. */ snapshotConfiguration?: pulumi.Input; } /** * The launch template that the fast-launch enabled Windows AMI uses when it launches Windows instances to create pre-provisioned snapshots. */ interface DistributionConfigurationFastLaunchLaunchTemplateSpecificationArgs { /** * The ID of the launch template to use for faster launching for a Windows AMI. */ launchTemplateId?: pulumi.Input; /** * The name of the launch template to use for faster launching for a Windows AMI. */ launchTemplateName?: pulumi.Input; /** * The version of the launch template to use for faster launching for a Windows AMI. */ launchTemplateVersion?: pulumi.Input; } /** * Configuration settings for managing the number of snapshots that are created from pre-provisioned instances for the Windows AMI when faster launching is enabled. */ interface DistributionConfigurationFastLaunchSnapshotConfigurationArgs { /** * The number of pre-provisioned snapshots to keep on hand for a fast-launch enabled Windows AMI. */ targetResourceCount?: pulumi.Input; } /** * Launch permissions can be used to configure which AWS accounts can use the AMI to launch instances. */ interface DistributionConfigurationLaunchPermissionConfigurationArgs { /** * The ARN for an Amazon Web Services Organization that you want to share your AMI with. */ organizationArns?: pulumi.Input[]>; /** * The ARN for an Organizations organizational unit (OU) that you want to share your AMI with. */ organizationalUnitArns?: pulumi.Input[]>; /** * The name of the group. */ userGroups?: pulumi.Input[]>; /** * The AWS account ID. */ userIds?: pulumi.Input[]>; } /** * launchTemplateConfiguration settings that apply to image distribution. */ interface DistributionConfigurationLaunchTemplateConfigurationArgs { /** * The account ID that this configuration applies to. */ accountId?: pulumi.Input; /** * Identifies the EC2 launch template to use. */ launchTemplateId?: pulumi.Input; /** * Set the specified EC2 launch template as the default launch template for the specified account. */ setDefaultVersion?: pulumi.Input; } /** * The SSM parameter configuration for AMI distribution. */ interface DistributionConfigurationSsmParameterConfigurationArgs { /** * The account ID for the AMI to update the parameter with. */ amiAccountId?: pulumi.Input; /** * The data type of the SSM parameter. */ dataType?: pulumi.Input; /** * The name of the SSM parameter. */ parameterName: pulumi.Input; } /** * The destination repository for the container image. */ interface DistributionConfigurationTargetContainerRepositoryArgs { /** * The repository name of target container repository. */ repositoryName?: pulumi.Input; /** * The service of target container repository. */ service?: pulumi.Input; } /** * The deletion settings of the image, indicating whether to delete the underlying resources in addition to the image. */ interface ImageDeletionSettingsArgs { /** * The execution role to use for deleting the image, as well as underlying resources. */ executionRole: pulumi.Input; } /** * Settings for Image Builder to configure the ECR repository and output container images that are scanned. */ interface ImageEcrConfigurationArgs { /** * Tags for Image Builder to apply the output container image that is scanned. Tags can help you identify and manage your scanned images. */ containerTags?: pulumi.Input[]>; /** * The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don’t provide this information, Image Builder creates a repository in your account named image-builder-image-scanning-repository to use for vulnerability scans for your output container images. */ repositoryName?: pulumi.Input; } /** * The logging configuration settings for the image. */ interface ImageLoggingConfigurationArgs { /** * The name of the log group for image build logs. */ logGroupName?: pulumi.Input; } /** * The auto-disable policy configuration for the image pipeline. */ interface ImagePipelineAutoDisablePolicyArgs { /** * The number of consecutive failures after which the pipeline should be automatically disabled. */ failureCount: pulumi.Input; } /** * Settings for Image Builder to configure the ECR repository and output container images that are scanned. */ interface ImagePipelineEcrConfigurationArgs { /** * Tags for Image Builder to apply the output container image that is scanned. Tags can help you identify and manage your scanned images. */ containerTags?: pulumi.Input[]>; /** * The name of the container repository that Amazon Inspector scans to identify findings for your container images. The name includes the path for the repository location. If you don't provide this information, Image Builder creates a repository in your account named image-builder-image-scanning-repository to use for vulnerability scans for your output container images. */ repositoryName?: pulumi.Input; } /** * The settings for starting an image pipeline execution. */ interface ImagePipelineExecutionSettingsArgs { /** * The deployment ID of the pipeline, used to trigger new image pipeline executions. */ deploymentId?: pulumi.Input; /** * Whether to trigger the image pipeline when the pipeline is updated. False by default. */ onUpdate?: pulumi.Input; } /** * Determines if tests should run after building the image. Image Builder defaults to enable tests to run following the image build, before image distribution. */ interface ImagePipelineImageScanningConfigurationArgs { /** * Contains ECR settings for vulnerability scans. */ ecrConfiguration?: pulumi.Input; /** * This sets whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image. */ imageScanningEnabled?: pulumi.Input; } /** * Image tests configuration. */ interface ImagePipelineImageTestsConfigurationArgs { /** * Defines if tests should be executed when building this image. */ imageTestsEnabled?: pulumi.Input; /** * The maximum time in minutes that tests are permitted to run. */ timeoutMinutes?: pulumi.Input; } /** * The logging configuration settings for the image pipeline. */ interface ImagePipelinePipelineLoggingConfigurationArgs { /** * The name of the log group for image build logs. */ imageLogGroupName?: pulumi.Input; /** * The name of the log group for pipeline execution logs. */ pipelineLogGroupName?: pulumi.Input; } /** * The schedule of the image pipeline. */ interface ImagePipelineScheduleArgs { /** * The auto-disable policy for the image pipeline. */ autoDisablePolicy?: pulumi.Input; /** * The condition configures when the pipeline should trigger a new image build. */ pipelineExecutionStartCondition?: pulumi.Input; /** * The expression determines how often EC2 Image Builder evaluates your pipelineExecutionStartCondition. */ scheduleExpression?: pulumi.Input; } /** * The workflow configuration of the image */ interface ImagePipelineWorkflowConfigurationArgs { /** * Define execution decision in case of workflow failure */ onFailure?: pulumi.Input; /** * The parallel group name */ parallelGroup?: pulumi.Input; /** * The parameters associated with the workflow */ parameters?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the workflow */ workflowArn?: pulumi.Input; } /** * A parameter associated with the workflow */ interface ImagePipelineWorkflowParameterArgs { /** * The name of the workflow parameter to set. */ name?: pulumi.Input; /** * Sets the value for the named workflow parameter. */ value?: pulumi.Input[]>; } /** * Specify additional settings and launch scripts for your build instances. */ interface ImageRecipeAdditionalInstanceConfigurationArgs { /** * Contains settings for the SSM agent on your build instance. */ systemsManagerAgent?: pulumi.Input; /** * Use this property to provide commands or a command script to run when you launch your build instance. */ userDataOverride?: pulumi.Input; } /** * Configuration details of the component. */ interface ImageRecipeComponentConfigurationArgs { /** * The Amazon Resource Name (ARN) of the component. */ componentArn?: pulumi.Input; /** * A group of parameter settings that are used to configure the component for a specific recipe. */ parameters?: pulumi.Input[]>; } /** * Contains a key/value pair that sets the named component parameter. */ interface ImageRecipeComponentParameterArgs { /** * The name of the component parameter to set. */ name: pulumi.Input; /** * Sets the value for the named component parameter. */ value: pulumi.Input[]>; } /** * Amazon EBS-specific block device mapping specifications. */ interface ImageRecipeEbsInstanceBlockDeviceSpecificationArgs { /** * Use to configure delete on termination of the associated device. */ deleteOnTermination?: pulumi.Input; /** * Use to configure device encryption. */ encrypted?: pulumi.Input; /** * Use to configure device IOPS. */ iops?: pulumi.Input; /** * Use to configure the KMS key to use when encrypting the device. */ kmsKeyId?: pulumi.Input; /** * The snapshot that defines the device contents. */ snapshotId?: pulumi.Input; /** * For GP3 volumes only - The throughput in MiB/s that the volume supports. */ throughput?: pulumi.Input; /** * Use to override the device's volume size. */ volumeSize?: pulumi.Input; /** * Use to override the device's volume type. */ volumeType?: pulumi.Input; } /** * Defines block device mappings for the instance used to configure your image. */ interface ImageRecipeInstanceBlockDeviceMappingArgs { /** * The device to which these mappings apply. */ deviceName?: pulumi.Input; /** * Use to manage Amazon EBS-specific configuration for this mapping. */ ebs?: pulumi.Input; /** * Use to remove a mapping from the parent image. */ noDevice?: pulumi.Input; /** * Use to manage instance ephemeral devices. */ virtualName?: pulumi.Input; } /** * Contains settings for the SSM agent on your build instance. */ interface ImageRecipeSystemsManagerAgentArgs { /** * Controls whether the SSM agent is removed from your final build image, prior to creating the new AMI. If this is set to true, then the agent is removed from the final image. If it's set to false, then the agent is left in, so that it is included in the new AMI. The default value is false. */ uninstallAfterBuild?: pulumi.Input; } /** * Contains settings for Image Builder image resource and container image scans. */ interface ImageScanningConfigurationArgs { /** * Contains ECR settings for vulnerability scans. */ ecrConfiguration?: pulumi.Input; /** * This sets whether Image Builder keeps a snapshot of the vulnerability scans that Amazon Inspector runs against the build instance when you create a new image. */ imageScanningEnabled?: pulumi.Input; } /** * The image tests configuration used when creating this image. */ interface ImageTestsConfigurationArgs { /** * ImageTestsEnabled */ imageTestsEnabled?: pulumi.Input; /** * TimeoutMinutes */ timeoutMinutes?: pulumi.Input; } /** * The workflow configuration of the image */ interface ImageWorkflowConfigurationArgs { /** * Define execution decision in case of workflow failure */ onFailure?: pulumi.Input; /** * The parallel group name */ parallelGroup?: pulumi.Input; /** * The parameters associated with the workflow */ parameters?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the workflow */ workflowArn?: pulumi.Input; } /** * A parameter associated with the workflow */ interface ImageWorkflowParameterArgs { /** * The name of the workflow parameter to set. */ name?: pulumi.Input; /** * Sets the value for the named workflow parameter. */ value?: pulumi.Input[]>; } /** * The instance metadata option settings for the infrastructure configuration. */ interface InfrastructureConfigurationInstanceMetadataOptionsArgs { /** * Limit the number of hops that an instance metadata request can traverse to reach its destination. */ httpPutResponseHopLimit?: pulumi.Input; /** * Indicates whether a signed token header is required for instance metadata retrieval requests. The values affect the response as follows: */ httpTokens?: pulumi.Input; } /** * The logging configuration of the infrastructure configuration. */ interface InfrastructureConfigurationLoggingArgs { /** * The Amazon S3 logging configuration. */ s3Logs?: pulumi.Input; } /** * The placement options */ interface InfrastructureConfigurationPlacementArgs { /** * AvailabilityZone */ availabilityZone?: pulumi.Input; /** * HostId */ hostId?: pulumi.Input; /** * HostResourceGroupArn */ hostResourceGroupArn?: pulumi.Input; /** * Tenancy */ tenancy?: pulumi.Input; } /** * The S3 path in which to store the logs. */ interface InfrastructureConfigurationS3LogsArgs { /** * S3BucketName */ s3BucketName?: pulumi.Input; /** * S3KeyPrefix */ s3KeyPrefix?: pulumi.Input; } /** * The action of the policy detail. */ interface LifecyclePolicyActionArgs { /** * Specifies the resources that the lifecycle policy applies to. */ includeResources?: pulumi.Input; /** * The action type of the policy detail. */ type: pulumi.Input; } /** * The AMI exclusion rules for the policy detail. */ interface LifecyclePolicyAmiExclusionRulesArgs { /** * Use to apply lifecycle policy actions on whether the AMI is public. */ isPublic?: pulumi.Input; /** * Use to apply lifecycle policy actions on AMIs launched before a certain time. */ lastLaunched?: pulumi.Input; /** * Use to apply lifecycle policy actions on AMIs distributed to a set of regions. */ regions?: pulumi.Input[]>; /** * Use to apply lifecycle policy actions on AMIs shared with a set of regions. */ sharedAccounts?: pulumi.Input[]>; /** * The AMIs to select by tag. */ tagMap?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * The exclusion rules to apply of the policy detail. */ interface LifecyclePolicyExclusionRulesArgs { /** * Lists configuration values that apply to AMIs that Image Builder should exclude from the lifecycle action. */ amis?: pulumi.Input; /** * The Image Builder tags to filter on. */ tagMap?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * The filters to apply of the policy detail. */ interface LifecyclePolicyFilterArgs { /** * The minimum number of Image Builder resources to retain. */ retainAtLeast?: pulumi.Input; /** * The filter type. */ type: pulumi.Input; /** * The value's time unit. */ unit?: pulumi.Input; /** * The filter value. */ value: pulumi.Input; } /** * The included resources of the policy detail. */ interface LifecyclePolicyIncludeResourcesArgs { /** * Use to configure lifecycle actions on AMIs. */ amis?: pulumi.Input; /** * Use to configure lifecycle actions on containers. */ containers?: pulumi.Input; /** * Use to configure lifecycle actions on snapshots. */ snapshots?: pulumi.Input; } /** * The last launched time of a resource. */ interface LifecyclePolicyLastLaunchedArgs { /** * The value's time unit. */ unit: pulumi.Input; /** * The last launched value. */ value: pulumi.Input; } /** * The policy detail of the lifecycle policy. */ interface LifecyclePolicyPolicyDetailArgs { /** * Configuration details for the policy action. */ action: pulumi.Input; /** * Additional rules to specify resources that should be exempt from policy actions. */ exclusionRules?: pulumi.Input; /** * Specifies the resources that the lifecycle policy applies to. */ filter: pulumi.Input; } /** * The recipe to apply the lifecycle policy for. */ interface LifecyclePolicyRecipeSelectionArgs { /** * The recipe name. */ name: pulumi.Input; /** * The recipe version. */ semanticVersion: pulumi.Input; } /** * The resource selection for the lifecycle policy. */ interface LifecyclePolicyResourceSelectionArgs { /** * The recipes to select. */ recipes?: pulumi.Input[]>; /** * The Image Builder resources to select by tag. */ tagMap?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } } export declare namespace inspector { interface AssessmentTemplateTagArgs { /** * A tag key. */ key: pulumi.Input; /** * A value assigned to a tag key. */ value: pulumi.Input; } interface ResourceGroupTagArgs { /** * A tag key. */ key: pulumi.Input; /** * A value assigned to a tag key. */ value: pulumi.Input; } } export declare namespace inspectorv2 { interface CisScanConfigurationCisTargetsArgs { accountIds: pulumi.Input[]>; targetResourceTags: pulumi.Input<{ [key: string]: any; }>; } interface CisScanConfigurationDailyScheduleArgs { startTime: pulumi.Input; } interface CisScanConfigurationMonthlyScheduleArgs { day: pulumi.Input; startTime: pulumi.Input; } interface CisScanConfigurationOneTimeScheduleArgs { } /** * Choose a Schedule cadence */ interface CisScanConfigurationScheduleArgs { daily?: pulumi.Input; monthly?: pulumi.Input; oneTime?: pulumi.Input; weekly?: pulumi.Input; } interface CisScanConfigurationTimeArgs { timeOfDay: pulumi.Input; timeZone: pulumi.Input; } interface CisScanConfigurationWeeklyScheduleArgs { days: pulumi.Input[]>; startTime: pulumi.Input; } interface CodeSecurityIntegrationCreateDetailsArgs { /** * Details specific to creating an integration with a self-managed GitLab instance. */ gitlabSelfManaged: pulumi.Input; } interface CodeSecurityIntegrationCreateGitLabSelfManagedIntegrationDetailArgs { /** * The personal access token used to authenticate with the self-managed GitLab instance. */ accessToken: pulumi.Input; /** * The URL of the self-managed GitLab instance. */ instanceUrl: pulumi.Input; } interface CodeSecurityIntegrationUpdateDetailsArgs { /** * Details specific to updating an integration with GitHub. */ github?: pulumi.Input; /** * Details specific to updating an integration with a self-managed GitLab instance. */ gitlabSelfManaged?: pulumi.Input; } interface CodeSecurityIntegrationUpdateGitHubIntegrationDetailArgs { /** * The authorization code received from GitHub to update the integration. */ code: pulumi.Input; /** * The installation ID of the GitHub App associated with the integration. */ installationId: pulumi.Input; } interface CodeSecurityIntegrationUpdateGitLabSelfManagedIntegrationDetailArgs { /** * The authorization code received from the self-managed GitLab instance to update the integration. */ authCode: pulumi.Input; } interface CodeSecurityScanConfigurationArgs { /** * Configuration settings for continuous integration scans that run automatically when code changes are made. */ continuousIntegrationScanConfiguration?: pulumi.Input; /** * Configuration settings for periodic scans that run on a scheduled basis. */ periodicScanConfiguration?: pulumi.Input; /** * The categories of security rules to be applied during the scan. */ ruleSetCategories: pulumi.Input[]>; } interface CodeSecurityScanConfigurationContinuousIntegrationScanConfigurationArgs { /** * The repository events that trigger continuous integration scans, such as pull requests or commits. */ supportedEvents: pulumi.Input[]>; } interface CodeSecurityScanConfigurationPeriodicScanConfigurationArgs { /** * The frequency at which periodic scans are performed (such as weekly or monthly). * * If you don't provide the `frequencyExpression` Amazon Inspector chooses day for the scan to run. If you provide the `frequencyExpression` , the schedule must match the specified `frequency` . */ frequency?: pulumi.Input; /** * The schedule expression for periodic scans, in cron format. */ frequencyExpression?: pulumi.Input; } interface CodeSecurityScanConfigurationScopeSettingsArgs { /** * The scope of projects to be selected for scanning within the integrated repositories. */ projectSelectionScope?: pulumi.Input; } interface FilterCriteriaArgs { /** * Details of the AWS account IDs used to filter findings. */ awsAccountId?: pulumi.Input[]>; codeVulnerabilityDetectorName?: pulumi.Input[]>; codeVulnerabilityDetectorTags?: pulumi.Input[]>; codeVulnerabilityFilePath?: pulumi.Input[]>; /** * Details of the component IDs used to filter findings. */ componentId?: pulumi.Input[]>; /** * Details of the component types used to filter findings. */ componentType?: pulumi.Input[]>; /** * Details of the Amazon EC2 instance image IDs used to filter findings. */ ec2InstanceImageId?: pulumi.Input[]>; /** * Details of the Amazon EC2 instance subnet IDs used to filter findings. */ ec2InstanceSubnetId?: pulumi.Input[]>; /** * Details of the Amazon EC2 instance VPC IDs used to filter findings. */ ec2InstanceVpcId?: pulumi.Input[]>; /** * Details of the Amazon ECR image architecture types used to filter findings. */ ecrImageArchitecture?: pulumi.Input[]>; /** * Details of the Amazon ECR image hashes used to filter findings. */ ecrImageHash?: pulumi.Input[]>; /** * Details on the Amazon ECR image push date and time used to filter findings. */ ecrImagePushedAt?: pulumi.Input[]>; /** * Details on the Amazon ECR registry used to filter findings. */ ecrImageRegistry?: pulumi.Input[]>; /** * Details on the name of the Amazon ECR repository used to filter findings. */ ecrImageRepositoryName?: pulumi.Input[]>; /** * The tags attached to the Amazon ECR container image. */ ecrImageTags?: pulumi.Input[]>; epssScore?: pulumi.Input[]>; exploitAvailable?: pulumi.Input[]>; /** * Details on the finding ARNs used to filter findings. */ findingArn?: pulumi.Input[]>; /** * Details on the finding status types used to filter findings. */ findingStatus?: pulumi.Input[]>; /** * Details on the finding types used to filter findings. */ findingType?: pulumi.Input[]>; /** * Details on the date and time a finding was first seen used to filter findings. */ firstObservedAt?: pulumi.Input[]>; fixAvailable?: pulumi.Input[]>; /** * The Amazon Inspector score to filter on. */ inspectorScore?: pulumi.Input[]>; lambdaFunctionExecutionRoleArn?: pulumi.Input[]>; lambdaFunctionLastModifiedAt?: pulumi.Input[]>; lambdaFunctionLayers?: pulumi.Input[]>; lambdaFunctionName?: pulumi.Input[]>; lambdaFunctionRuntime?: pulumi.Input[]>; /** * Details on the date and time a finding was last seen used to filter findings. */ lastObservedAt?: pulumi.Input[]>; /** * Details on network protocol used to filter findings. */ networkProtocol?: pulumi.Input[]>; /** * Details on the port ranges used to filter findings. */ portRange?: pulumi.Input[]>; /** * Details on the related vulnerabilities used to filter findings. */ relatedVulnerabilities?: pulumi.Input[]>; /** * Details on the resource IDs used to filter findings. */ resourceId?: pulumi.Input[]>; /** * Details on the resource tags used to filter findings. */ resourceTags?: pulumi.Input[]>; /** * Details on the resource types used to filter findings. */ resourceType?: pulumi.Input[]>; /** * Details on the severity used to filter findings. */ severity?: pulumi.Input[]>; /** * Details on the finding title used to filter findings. */ title?: pulumi.Input[]>; /** * Details on the date and time a finding was last updated at used to filter findings. */ updatedAt?: pulumi.Input[]>; /** * Details on the vendor severity used to filter findings. */ vendorSeverity?: pulumi.Input[]>; /** * Details on the vulnerability ID used to filter findings. */ vulnerabilityId?: pulumi.Input[]>; /** * Details on the vulnerability score to filter findings by. */ vulnerabilitySource?: pulumi.Input[]>; /** * Details on the vulnerable packages used to filter findings. */ vulnerablePackages?: pulumi.Input[]>; } interface FilterDateFilterArgs { endInclusive?: pulumi.Input; startInclusive?: pulumi.Input; } interface FilterMapFilterArgs { comparison: pulumi.Input; key?: pulumi.Input; value?: pulumi.Input; } interface FilterNumberFilterArgs { lowerInclusive?: pulumi.Input; upperInclusive?: pulumi.Input; } interface FilterPackageFilterArgs { architecture?: pulumi.Input; epoch?: pulumi.Input; filePath?: pulumi.Input; name?: pulumi.Input; release?: pulumi.Input; sourceLambdaLayerArn?: pulumi.Input; sourceLayerHash?: pulumi.Input; version?: pulumi.Input; } interface FilterPortRangeFilterArgs { beginInclusive?: pulumi.Input; endInclusive?: pulumi.Input; } interface FilterStringFilterArgs { comparison: pulumi.Input; value: pulumi.Input; } } export declare namespace interconnect { /** * The logical attachment point in your AWS network where the managed connection will be connected. */ interface ConnectionAttachPointArgs { /** * The ARN of the resource to attach to. */ arn?: pulumi.Input; /** * The ID of the Direct Connect Gateway to attach to. */ directConnectGateway?: pulumi.Input; } } export declare namespace internetmonitor { interface MonitorHealthEventsConfigArgs { /** * The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local availability issue. */ availabilityLocalHealthEventsConfig?: pulumi.Input; /** * The health event threshold percentage set for availability scores. When the overall availability score is at or below this percentage, Internet Monitor creates a health event. */ availabilityScoreThreshold?: pulumi.Input; /** * The configuration that determines the threshold and other conditions for when Internet Monitor creates a health event for a local performance issue. */ performanceLocalHealthEventsConfig?: pulumi.Input; /** * The health event threshold percentage set for performance scores. When the overall performance score is at or below this percentage, Internet Monitor creates a health event. */ performanceScoreThreshold?: pulumi.Input; } interface MonitorInternetMeasurementsLogDeliveryArgs { /** * The configuration for publishing Amazon CloudWatch Internet Monitor internet measurements to Amazon S3. */ s3Config?: pulumi.Input; } interface MonitorLocalHealthEventsConfigArgs { /** * The health event threshold percentage set for a local health score. */ healthScoreThreshold?: pulumi.Input; /** * The minimum percentage of overall traffic for an application that must be impacted by an issue before Internet Monitor creates an event when a threshold is crossed for a local health score. * * If you don't set a minimum traffic impact threshold, the default value is 0.01%. */ minTrafficImpact?: pulumi.Input; /** * The status of whether Internet Monitor creates a health event based on a threshold percentage set for a local health score. The status can be `ENABLED` or `DISABLED` . */ status?: pulumi.Input; } interface MonitorS3ConfigArgs { /** * The Amazon S3 bucket name for internet measurements publishing. */ bucketName?: pulumi.Input; /** * An optional Amazon S3 bucket prefix for internet measurements publishing. */ bucketPrefix?: pulumi.Input; /** * The status of publishing Internet Monitor internet measurements to an Amazon S3 bucket. The delivery status is `ENABLED` if you choose to deliver internet measurements to an S3 bucket, and `DISABLED` otherwise. */ logDeliveryStatus?: pulumi.Input; } } export declare namespace invoicing { interface InvoiceUnitRuleArgs { /** * The list of `LINKED_ACCOUNT` IDs where charges are included within the invoice unit. */ linkedAccounts: pulumi.Input[]>; } } export declare namespace iot { /** * The criteria that determine when and how a job abort takes place. */ interface AbortConfigPropertiesArgs { /** * The list of criteria that determine when and how to abort the job. */ criteriaList: pulumi.Input[]>; } /** * The configuration for a specific audit check. */ interface AccountAuditConfigurationAuditCheckConfigurationArgs { /** * True if the check is enabled. */ enabled?: pulumi.Input; } /** * Specifies which audit checks are enabled and disabled for this account. */ interface AccountAuditConfigurationAuditCheckConfigurationsArgs { /** * Checks the permissiveness of an authenticated Amazon Cognito identity pool role. For this check, AWS IoT Device Defender audits all Amazon Cognito identity pools that have been used to connect to the AWS IoT message broker during the 31 days before the audit is performed. */ authenticatedCognitoRoleOverlyPermissiveCheck?: pulumi.Input; /** * Checks if a CA certificate is expiring. This check applies to CA certificates expiring within 30 days or that have expired. */ caCertificateExpiringCheck?: pulumi.Input; /** * Checks the quality of the CA certificate key. The quality checks if the key is in a valid format, not expired, and if the key meets a minimum required size. This check applies to CA certificates that are `ACTIVE` or `PENDING_TRANSFER` . */ caCertificateKeyQualityCheck?: pulumi.Input; /** * Checks if multiple devices connect using the same client ID. */ conflictingClientIdsCheck?: pulumi.Input; /** * Checks when a device certificate has been active for a number of days greater than or equal to the number you specify. */ deviceCertificateAgeCheck?: pulumi.Input; /** * Checks if a device certificate is expiring. By default, this check applies to device certificates expiring within 30 days or that have expired. You can modify this threshold by configuring the DeviceCertExpirationAuditCheckConfiguration. */ deviceCertificateExpiringCheck?: pulumi.Input; /** * Checks the quality of the device certificate key. The quality checks if the key is in a valid format, not expired, signed by a registered certificate authority, and if the key meets a minimum required size. */ deviceCertificateKeyQualityCheck?: pulumi.Input; /** * Checks if multiple concurrent connections use the same X.509 certificate to authenticate with AWS IoT . */ deviceCertificateSharedCheck?: pulumi.Input; /** * Checks if device certificates are still active despite being revoked by an intermediate CA. */ intermediateCaRevokedForActiveDeviceCertificatesCheck?: pulumi.Input; /** * Checks if an AWS IoT policy is potentially misconfigured. Misconfigured policies, including overly permissive policies, can cause security incidents like allowing devices access to unintended resources. This check is a warning for you to make sure that only intended actions are allowed before updating the policy. */ ioTPolicyPotentialMisConfigurationCheck?: pulumi.Input; /** * Checks the permissiveness of a policy attached to an authenticated Amazon Cognito identity pool role. */ iotPolicyOverlyPermissiveCheck?: pulumi.Input; /** * Checks if a role alias has access to services that haven't been used for the AWS IoT device in the last year. */ iotRoleAliasAllowsAccessToUnusedServicesCheck?: pulumi.Input; /** * Checks if the temporary credentials provided by AWS IoT role aliases are overly permissive. */ iotRoleAliasOverlyPermissiveCheck?: pulumi.Input; /** * Checks if AWS IoT logs are disabled. */ loggingDisabledCheck?: pulumi.Input; /** * Checks if a revoked CA certificate is still active. */ revokedCaCertificateStillActiveCheck?: pulumi.Input; /** * Checks if a revoked device certificate is still active. */ revokedDeviceCertificateStillActiveCheck?: pulumi.Input; /** * Checks if policy attached to an unauthenticated Amazon Cognito identity pool role is too permissive. */ unauthenticatedCognitoRoleOverlyPermissiveCheck?: pulumi.Input; } interface AccountAuditConfigurationAuditNotificationTargetArgs { /** * True if notifications to the target are enabled. */ enabled?: pulumi.Input; /** * The ARN of the role that grants permission to send notifications to the target. */ roleArn?: pulumi.Input; /** * The ARN of the target (SNS topic) to which audit notifications are sent. */ targetArn?: pulumi.Input; } /** * Information about the targets to which audit notifications are sent. */ interface AccountAuditConfigurationAuditNotificationTargetConfigurationsArgs { /** * The `Sns` notification target. */ sns?: pulumi.Input; } /** * A structure containing the configName and corresponding configValue for configuring audit checks. */ interface AccountAuditConfigurationCertAgeCheckCustomConfigurationArgs { /** * The number of days that defines when a device certificate is considered to have aged. The check will report a finding if a certificate has been active for a number of days greater than or equal to this threshold value. */ certAgeThresholdInDays?: pulumi.Input; } /** * A structure containing the configName and corresponding configValue for configuring audit checks. */ interface AccountAuditConfigurationCertExpirationCheckCustomConfigurationArgs { /** * The number of days before expiration that defines when a device certificate is considered to be approaching expiration. The check will report a finding if a certificate will expire within this number of days. */ certExpirationThresholdInDays?: pulumi.Input; } /** * A structure containing the configName and corresponding configValue for configuring DeviceCertAgeCheck. */ interface AccountAuditConfigurationDeviceCertAgeAuditCheckConfigurationArgs { /** * Configuration settings for the device certificate age check, including the threshold in days for certificate age. This configuration is of type `CertAgeCheckCustomConfiguration` . */ configuration?: pulumi.Input; /** * True if the check is enabled. */ enabled?: pulumi.Input; } /** * A structure containing the configName and corresponding configValue for configuring DeviceCertExpirationCheck. */ interface AccountAuditConfigurationDeviceCertExpirationAuditCheckConfigurationArgs { /** * Configuration settings for the device certificate expiration check, including the threshold in days before expiration. This configuration is of type `CertExpirationCheckCustomConfiguration` */ configuration?: pulumi.Input; /** * True if the check is enabled. */ enabled?: pulumi.Input; } /** * The properties of the billing group. */ interface BillingGroupPropertiesPropertiesArgs { /** * The description of the billing group. */ billingGroupDescription?: pulumi.Input; } interface CaCertificateRegistrationConfigArgs { /** * The ARN of the role. */ roleArn?: pulumi.Input; /** * The template body. */ templateBody?: pulumi.Input; /** * The name of the provisioning template. */ templateName?: pulumi.Input; } interface CommandAwsJsonSubstitutionCommandPreprocessorConfigArgs { outputFormat: pulumi.Input; } interface CommandParameterArgs { defaultValue?: pulumi.Input; description?: pulumi.Input; name: pulumi.Input; type?: pulumi.Input; value?: pulumi.Input; valueConditions?: pulumi.Input[]>; } interface CommandParameterValueArgs { b?: pulumi.Input; bin?: pulumi.Input; d?: pulumi.Input; i?: pulumi.Input; l?: pulumi.Input; s?: pulumi.Input; ul?: pulumi.Input; } interface CommandParameterValueComparisonOperandArgs { number?: pulumi.Input; numberRange?: pulumi.Input; numbers?: pulumi.Input[]>; string?: pulumi.Input; strings?: pulumi.Input[]>; } interface CommandParameterValueConditionArgs { comparisonOperator: pulumi.Input; operand: pulumi.Input; } interface CommandParameterValueNumberRangeArgs { max: pulumi.Input; min: pulumi.Input; } interface CommandPayloadArgs { content?: pulumi.Input; contentType?: pulumi.Input; } interface CommandPreprocessorArgs { awsJsonSubstitution?: pulumi.Input; } interface DomainConfigurationAuthorizerConfigArgs { /** * A Boolean that specifies whether the domain configuration's authorization service can be overridden. */ allowAuthorizerOverride?: pulumi.Input; /** * The name of the authorization service for a domain configuration. */ defaultAuthorizerName?: pulumi.Input; } interface DomainConfigurationClientCertificateConfigArgs { /** * The ARN of the Lambda function that IoT invokes after mutual TLS authentication during the connection. */ clientCertificateCallbackArn?: pulumi.Input; } interface DomainConfigurationServerCertificateConfigArgs { /** * A Boolean value that indicates whether Online Certificate Status Protocol (OCSP) server certificate check is enabled or not. For more information, see [Configurable endpoints](https://docs.aws.amazon.com//iot/latest/developerguide/iot-custom-endpoints-configurable.html) from the AWS IoT Core Developer Guide. */ enableOcspCheck?: pulumi.Input; /** * The Amazon Resource Name (ARN) for an X.509 certificate stored in ACM. If provided, AWS IoT Core will use this certificate to validate the signature of the received OCSP response. The OCSP responder must sign responses using either this authorized responder certificate or the issuing certificate, depending on whether the ARN is provided or not. The certificate must be in the same account and region as the domain configuration. */ ocspAuthorizedResponderArn?: pulumi.Input; /** * The Amazon Resource Name (ARN) for a Lambda function that acts as a Request for Comments (RFC) 6960-compliant Online Certificate Status Protocol (OCSP) responder, supporting basic OCSP responses. The Lambda function accepts a base64-encoding of the OCSP request in the Distinguished Encoding Rules (DER) format. The Lambda function's response is also a base64-encoded OCSP response in the DER format. The response size must not exceed 4 kilobytes (KiB). The Lambda function must be in the same account and region as the domain configuration. */ ocspLambdaArn?: pulumi.Input; } interface DomainConfigurationTlsConfigArgs { /** * The security policy for a domain configuration. For more information, see [Security policies](https://docs.aws.amazon.com/iot/latest/developerguide/transport-security.html#tls-policy-table) in the *AWS IoT Core developer guide* . */ securityPolicy?: pulumi.Input; } /** * Aggregation types supported by Fleet Indexing */ interface FleetMetricAggregationTypeArgs { /** * Fleet Indexing aggregation type names such as Statistics, Percentiles and Cardinality */ name: pulumi.Input; /** * Fleet Indexing aggregation type values */ values: pulumi.Input[]>; } /** * Allows you to create the criteria to retry a job. */ interface JobExecutionsRetryConfigPropertiesArgs { /** * The list of criteria that determines how many retries are allowed for each failure type for a job. */ retryCriteriaList?: pulumi.Input[]>; } /** * Allows you to create a staged rollout of a job. */ interface JobExecutionsRolloutConfigPropertiesArgs { /** * The rate of increase for a job rollout. This parameter allows you to define an exponential rate for a job rollout. */ exponentialRolloutRate?: pulumi.Input; /** * The maximum number of things that will be notified of a pending job, per minute. This parameter allows you to create a staged rollout. */ maximumPerMinute?: pulumi.Input; } /** * The criteria that determine when and how a job abort takes place. */ interface JobTemplateAbortCriteriaArgs { /** * The type of job action to take to initiate the job abort. */ action: pulumi.Input; /** * The type of job execution failures that can initiate a job abort. */ failureType: pulumi.Input; /** * The minimum number of things which must receive job execution notifications before the job can be aborted. */ minNumberOfExecutedThings: pulumi.Input; /** * The minimum percentage of job execution failures that must occur to initiate the job abort. */ thresholdPercentage: pulumi.Input; } /** * Allows you to create an exponential rate of rollout for a job. */ interface JobTemplateExponentialRolloutRateArgs { /** * The minimum number of things that will be notified of a pending job, per minute at the start of job rollout. This parameter allows you to define the initial rate of rollout. */ baseRatePerMinute: pulumi.Input; /** * The exponential factor to increase the rate of rollout for a job. */ incrementFactor: pulumi.Input; /** * The criteria to initiate the increase in rate of rollout for a job. */ rateIncreaseCriteria: pulumi.Input; } /** * Specifies a start time and duration for a scheduled Job. */ interface JobTemplateMaintenanceWindowArgs { /** * Displays the duration of the next maintenance window. */ durationInMinutes?: pulumi.Input; /** * Displays the start time of the next maintenance window. */ startTime?: pulumi.Input; } interface JobTemplateRateIncreaseCriteriaArgs { /** * The threshold for number of notified things that will initiate the increase in rate of rollout. */ numberOfNotifiedThings?: pulumi.Input; /** * The threshold for number of succeeded things that will initiate the increase in rate of rollout. */ numberOfSucceededThings?: pulumi.Input; } /** * Specifies how many times a failure type should be retried. */ interface JobTemplateRetryCriteriaArgs { /** * The type of job execution failures that can initiate a job retry. */ failureType?: pulumi.Input; /** * The number of retries allowed for a failure type for the job. */ numberOfRetries?: pulumi.Input; } /** * Configuration for event-based logging that specifies which event types to log and their logging settings. Used for account-level logging overrides. */ interface LoggingEventConfigurationArgs { /** * The type of event to log. These include event types like Connect, Publish, and Disconnect. */ eventType: pulumi.Input; /** * CloudWatch Log Group for event-based logging. Specifies where log events should be sent. The log destination for event-based logging overrides default Log Group for the specified event type and applies to all resources associated with that event. */ logDestination?: pulumi.Input; /** * The logging level for the specified event type. Determines the verbosity of log messages generated for this event type. */ logLevel?: pulumi.Input; } /** * A structure containing the mqtt topic for metrics export. */ interface MetricsExportConfigPropertiesArgs { /** * The topic for metrics export. */ mqttTopic: pulumi.Input; /** * The ARN of the role that grants permission to publish to mqtt topic. */ roleArn: pulumi.Input; } /** * The set of parameters for this mitigation action. You can specify only one type of parameter (in other words, you can apply only one action for each defined mitigation action). */ interface MitigationActionActionParamsArgs { /** * Specifies the group to which you want to add the devices. */ addThingsToThingGroupParams?: pulumi.Input; /** * Specifies the logging level and the role with permissions for logging. You cannot specify a logging level of `DISABLED` . */ enableIoTLoggingParams?: pulumi.Input; /** * Specifies the topic to which the finding should be published. */ publishFindingToSnsParams?: pulumi.Input; /** * Replaces the policy version with a default or blank policy. You specify the template name. Only a value of `BLANK_POLICY` is currently supported. */ replaceDefaultPolicyVersionParams?: pulumi.Input; /** * Specifies the new state for the CA certificate. Only a value of `DEACTIVATE` is currently supported. */ updateCaCertificateParams?: pulumi.Input; /** * Specifies the new state for a device certificate. Only a value of `DEACTIVATE` is currently supported. */ updateDeviceCertificateParams?: pulumi.Input; } /** * Parameters to define a mitigation action that moves devices associated with a certificate to one or more specified thing groups, typically for quarantine. */ interface MitigationActionAddThingsToThingGroupParamsArgs { /** * Specifies if this mitigation action can move the things that triggered the mitigation action out of one or more dynamic thing groups. */ overrideDynamicGroups?: pulumi.Input; /** * The list of groups to which you want to add the things that triggered the mitigation action. */ thingGroupNames: pulumi.Input[]>; } /** * Parameters to define a mitigation action that enables AWS IoT logging at a specified level of detail. */ interface MitigationActionEnableIoTLoggingParamsArgs { /** * Specifies which types of information are logged. */ logLevel: pulumi.Input; /** * The ARN of the IAM role used for logging. */ roleArnForLogging: pulumi.Input; } /** * Parameters, to define a mitigation action that publishes findings to Amazon SNS. You can implement your own custom actions in response to the Amazon SNS messages. */ interface MitigationActionPublishFindingToSnsParamsArgs { /** * The ARN of the topic to which you want to publish the findings. */ topicArn: pulumi.Input; } /** * Parameters to define a mitigation action that adds a blank policy to restrict permissions. */ interface MitigationActionReplaceDefaultPolicyVersionParamsArgs { /** * The name of the template to be applied. The only supported value is `BLANK_POLICY` . */ templateName: pulumi.Input; } /** * Parameters to define a mitigation action that changes the state of the CA certificate to inactive. */ interface MitigationActionUpdateCaCertificateParamsArgs { /** * The action that you want to apply to the CA certificate. The only supported value is `DEACTIVATE` . */ action: pulumi.Input; } /** * Parameters to define a mitigation action that changes the state of the device certificate to inactive. */ interface MitigationActionUpdateDeviceCertificateParamsArgs { /** * The action that you want to apply to the device certificate. The only supported value is `DEACTIVATE` . */ action: pulumi.Input; } /** * Configuration for pre-signed S3 URLs. */ interface PresignedUrlConfigPropertiesArgs { /** * How long (in seconds) pre-signed URLs are valid. Valid values are 60 - 3600, the default value is 3600 seconds. Pre-signed URLs are generated when Jobs receives an MQTT request for the job document. */ expiresInSec?: pulumi.Input; /** * The ARN of an IAM role that grants grants permission to download files from the S3 bucket where the job data/updates are stored. The role must also grant permission for IoT to download the files. * * > For information about addressing the confused deputy problem, see [cross-service confused deputy prevention](https://docs.aws.amazon.com/iot/latest/developerguide/cross-service-confused-deputy-prevention.html) in the *AWS IoT Core developer guide* . */ roleArn: pulumi.Input; } interface ProvisioningTemplateProvisioningHookArgs { /** * The payload that was sent to the target function. The valid payload is `"2020-04-01"` . */ payloadVersion?: pulumi.Input; /** * The ARN of the target function. */ targetArn?: pulumi.Input; } /** * A structure containing the alert target ARN and the role ARN. */ interface SecurityProfileAlertTargetArgs { /** * The ARN of the notification target to which alerts are sent. */ alertTargetArn: pulumi.Input; /** * The ARN of the role that grants permission to send alerts to the notification target. */ roleArn: pulumi.Input; } /** * A security profile behavior. */ interface SecurityProfileBehaviorArgs { /** * The criteria that determine if a device is behaving normally in regard to the `metric` . * * > In the AWS IoT console, you can choose to be sent an alert through Amazon SNS when AWS IoT Device Defender detects that a device is behaving anomalously. */ criteria?: pulumi.Input; /** * Value indicates exporting metrics related to the behavior when it is true. */ exportMetric?: pulumi.Input; /** * What is measured by the behavior. */ metric?: pulumi.Input; /** * The dimension of the metric. */ metricDimension?: pulumi.Input; /** * The name for the behavior. */ name: pulumi.Input; /** * Manage Detect alarm SNS notifications by setting behavior notification to on or suppressed. Detect will continue to performing device behavior evaluations. However, suppressed alarms wouldn't be forwarded for SNS notification. */ suppressAlerts?: pulumi.Input; } /** * The criteria by which the behavior is determined to be normal. */ interface SecurityProfileBehaviorCriteriaArgs { /** * The operator that relates the thing measured (metric) to the criteria (containing a value or statisticalThreshold). */ comparisonOperator?: pulumi.Input; /** * If a device is in violation of the behavior for the specified number of consecutive datapoints, an alarm occurs. If not specified, the default is 1. */ consecutiveDatapointsToAlarm?: pulumi.Input; /** * If an alarm has occurred and the offending device is no longer in violation of the behavior for the specified number of consecutive datapoints, the alarm is cleared. If not specified, the default is 1. */ consecutiveDatapointsToClear?: pulumi.Input; /** * Use this to specify the time duration over which the behavior is evaluated. */ durationSeconds?: pulumi.Input; /** * The confidence level of the detection model. */ mlDetectionConfig?: pulumi.Input; /** * A statistical ranking (percentile)that indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior. */ statisticalThreshold?: pulumi.Input; /** * The value to be compared with the `metric` . */ value?: pulumi.Input; } /** * The configuration of an ML Detect Security Profile. */ interface SecurityProfileMachineLearningDetectionConfigArgs { /** * The sensitivity of anomalous behavior evaluation. Can be Low, Medium, or High. */ confidenceLevel?: pulumi.Input; } /** * The dimension of a metric. */ interface SecurityProfileMetricDimensionArgs { /** * A unique identifier for the dimension. */ dimensionName: pulumi.Input; /** * Defines how the dimensionValues of a dimension are interpreted. */ operator?: pulumi.Input; } /** * The metric you want to retain. Dimensions are optional. */ interface SecurityProfileMetricToRetainArgs { /** * The value indicates exporting metrics related to the `MetricToRetain` when it's true. */ exportMetric?: pulumi.Input; /** * What is measured by the behavior. */ metric: pulumi.Input; /** * The dimension of the metric. */ metricDimension?: pulumi.Input; } /** * The value to be compared with the metric. */ interface SecurityProfileMetricValueArgs { /** * If the ComparisonOperator calls for a set of CIDRs, use this to specify that set to be compared with the metric. */ cidrs?: pulumi.Input[]>; /** * If the ComparisonOperator calls for a numeric value, use this to specify that (integer) numeric value to be compared with the metric. */ count?: pulumi.Input; /** * The numeral value of a metric. */ number?: pulumi.Input; /** * The numeral values of a metric. */ numbers?: pulumi.Input[]>; /** * If the ComparisonOperator calls for a set of ports, use this to specify that set to be compared with the metric. */ ports?: pulumi.Input[]>; /** * The string values of a metric. */ strings?: pulumi.Input[]>; } /** * A statistical ranking (percentile) which indicates a threshold value by which a behavior is determined to be in compliance or in violation of the behavior. */ interface SecurityProfileStatisticalThresholdArgs { /** * The percentile which resolves to a threshold value by which compliance with a behavior is determined */ statistic?: pulumi.Input; } /** * The artifact location of the package version */ interface SoftwarePackageVersionPackageVersionArtifactArgs { s3Location: pulumi.Input; } /** * The Amazon S3 location */ interface SoftwarePackageVersionS3LocationArgs { /** * The S3 bucket */ bucket: pulumi.Input; /** * The S3 key */ key: pulumi.Input; /** * The S3 version */ version: pulumi.Input; } /** * The sbom zip archive location of the package version */ interface SoftwarePackageVersionSbomArgs { s3Location: pulumi.Input; } interface ThingAttributePayloadArgs { /** * A JSON string containing up to three key-value pair in JSON format. For example: * * `{\"attributes\":{\"string1\":\"string2\"}}` */ attributes?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface ThingGroupAttributePayloadArgs { /** * A JSON string containing up to three key-value pair in JSON format. For example: * * `{\"attributes\":{\"string1\":\"string2\"}}` */ attributes?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * Thing group properties. */ interface ThingGroupPropertiesPropertiesArgs { /** * The thing group attributes in JSON format. */ attributePayload?: pulumi.Input; /** * The thing group description. */ thingGroupDescription?: pulumi.Input; } interface ThingTypePropagatingAttributeArgs { /** * The attribute associated with the connection details. */ connectionAttribute?: pulumi.Input; /** * The thing attribute that is propagating for MQTT 5 message enrichment. */ thingAttribute?: pulumi.Input; /** * The key of the MQTT 5 user property, which is a key-value pair. */ userPropertyKey: pulumi.Input; } /** * The thing type properties for the thing type to create. It contains information about the new thing type including a description, a list of searchable thing attribute names, and a list of propagating attributes. After a thing type is created, you can only update `Mqtt5Configuration` . */ interface ThingTypePropertiesPropertiesArgs { /** * The configuration to add user-defined properties to enrich MQTT 5 messages. */ mqtt5Configuration?: pulumi.Input; /** * A list of searchable thing attribute names. */ searchableAttributes?: pulumi.Input[]>; /** * The description of the thing type. */ thingTypeDescription?: pulumi.Input; } /** * The configuration to add user-defined properties to enrich MQTT 5 messages. */ interface ThingTypePropertiesPropertiesMqtt5ConfigurationPropertiesArgs { propagatingAttributes?: pulumi.Input[]>; } /** * Specifies the amount of time each device has to finish its execution of the job. */ interface TimeoutConfigPropertiesArgs { /** * Specifies the amount of time, in minutes, this device has to finish execution of this job. The timeout interval can be anywhere between 1 minute and 7 days (1 to 10080 minutes). The in progress timer can't be updated and will apply to all job executions for the job. Whenever a job execution remains in the IN_PROGRESS status for longer than this interval, the job execution will fail and switch to the terminal `TIMED_OUT` status. */ inProgressTimeoutInMinutes: pulumi.Input; } interface TopicRuleActionArgs { /** * Change the state of a CloudWatch alarm. */ cloudwatchAlarm?: pulumi.Input; /** * Sends data to CloudWatch. */ cloudwatchLogs?: pulumi.Input; /** * Capture a CloudWatch metric. */ cloudwatchMetric?: pulumi.Input; /** * Write to a DynamoDB table. This is a new version of the DynamoDB action. It allows you to write each attribute in an MQTT message payload into a separate DynamoDB column. */ dynamoDBv2?: pulumi.Input; /** * Write to a DynamoDB table. */ dynamoDb?: pulumi.Input; /** * Write data to an Amazon OpenSearch Service domain. * * > The `Elasticsearch` action can only be used by existing rule actions. To create a new rule action or to update an existing rule action, use the `OpenSearch` rule action instead. For more information, see [OpenSearchAction](https://docs.aws.amazon.com//iot/latest/apireference/API_OpenSearchAction.html) . */ elasticsearch?: pulumi.Input; /** * Write to an Amazon Kinesis Firehose stream. */ firehose?: pulumi.Input; /** * Send data to an HTTPS endpoint. */ http?: pulumi.Input; /** * Sends message data to an AWS IoT Analytics channel. */ iotAnalytics?: pulumi.Input; /** * Sends an input to an AWS IoT Events detector. */ iotEvents?: pulumi.Input; /** * Sends data from the MQTT message that triggered the rule to AWS IoT SiteWise asset properties. */ iotSiteWise?: pulumi.Input; /** * Send messages to an Amazon Managed Streaming for Apache Kafka (Amazon MSK) or self-managed Apache Kafka cluster. */ kafka?: pulumi.Input; /** * Write data to an Amazon Kinesis stream. */ kinesis?: pulumi.Input; /** * Invoke a Lambda function. */ lambda?: pulumi.Input; /** * Sends device location data to [Amazon Location Service](https://docs.aws.amazon.com//location/latest/developerguide/welcome.html) . */ location?: pulumi.Input; /** * Write data to an Amazon OpenSearch Service domain. */ openSearch?: pulumi.Input; /** * Publish to another MQTT topic. */ republish?: pulumi.Input; /** * Write to an Amazon S3 bucket. */ s3?: pulumi.Input; /** * Publish to an Amazon SNS topic. */ sns?: pulumi.Input; /** * Publish to an Amazon SQS queue. */ sqs?: pulumi.Input; /** * Starts execution of a Step Functions state machine. */ stepFunctions?: pulumi.Input; /** * Writes attributes from an MQTT message. */ timestream?: pulumi.Input; } interface TopicRuleAssetPropertyTimestampArgs { /** * Optional. A string that contains the nanosecond time offset. Accepts substitution templates. */ offsetInNanos?: pulumi.Input; /** * A string that contains the time in seconds since epoch. Accepts substitution templates. */ timeInSeconds: pulumi.Input; } interface TopicRuleAssetPropertyValueArgs { /** * Optional. A string that describes the quality of the value. Accepts substitution templates. Must be `GOOD` , `BAD` , or `UNCERTAIN` . */ quality?: pulumi.Input; /** * The asset property value timestamp. */ timestamp: pulumi.Input; /** * The value of the asset property. */ value: pulumi.Input; } interface TopicRuleAssetPropertyVariantArgs { /** * Optional. A string that contains the boolean value ( `true` or `false` ) of the value entry. Accepts substitution templates. */ booleanValue?: pulumi.Input; /** * Optional. A string that contains the double value of the value entry. Accepts substitution templates. */ doubleValue?: pulumi.Input; /** * Optional. A string that contains the integer value of the value entry. Accepts substitution templates. */ integerValue?: pulumi.Input; /** * Optional. The string value of the value entry. Accepts substitution templates. */ stringValue?: pulumi.Input; } interface TopicRuleBatchConfigArgs { maxBatchOpenMs?: pulumi.Input; maxBatchSize?: pulumi.Input; maxBatchSizeBytes?: pulumi.Input; } interface TopicRuleCloudwatchAlarmActionArgs { /** * The CloudWatch alarm name. */ alarmName: pulumi.Input; /** * The IAM role that allows access to the CloudWatch alarm. */ roleArn: pulumi.Input; /** * The reason for the alarm change. */ stateReason: pulumi.Input; /** * The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA. */ stateValue: pulumi.Input; } interface TopicRuleCloudwatchLogsActionArgs { /** * Indicates whether batches of log records will be extracted and uploaded into CloudWatch. */ batchMode?: pulumi.Input; /** * The CloudWatch log name. */ logGroupName: pulumi.Input; /** * The IAM role that allows access to the CloudWatch log. */ roleArn: pulumi.Input; } interface TopicRuleCloudwatchMetricActionArgs { /** * The CloudWatch metric name. */ metricName: pulumi.Input; /** * The CloudWatch metric namespace name. */ metricNamespace: pulumi.Input; /** * An optional [Unix timestamp](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp) . */ metricTimestamp?: pulumi.Input; /** * The [metric unit](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) supported by CloudWatch. */ metricUnit: pulumi.Input; /** * The CloudWatch metric value. */ metricValue: pulumi.Input; /** * The IAM role that allows access to the CloudWatch metric. */ roleArn: pulumi.Input; } interface TopicRuleDestinationHttpUrlDestinationSummaryArgs { /** * The URL used to confirm the HTTP topic rule destination URL. */ confirmationUrl?: pulumi.Input; } interface TopicRuleDestinationVpcDestinationPropertiesArgs { /** * The ARN of a role that has permission to create and attach to elastic network interfaces (ENIs). */ roleArn?: pulumi.Input; /** * The security groups of the VPC destination. */ securityGroups?: pulumi.Input[]>; /** * The subnet IDs of the VPC destination. */ subnetIds?: pulumi.Input[]>; /** * The ID of the VPC. */ vpcId?: pulumi.Input; } interface TopicRuleDynamoDBv2ActionArgs { /** * Specifies the DynamoDB table to which the message data will be written. For example: * * `{ "dynamoDBv2": { "roleArn": "aws:iam:12341251:my-role" "putItem": { "tableName": "my-table" } } }` * * Each attribute in the message payload will be written to a separate column in the DynamoDB database. */ putItem?: pulumi.Input; /** * The ARN of the IAM role that grants access to the DynamoDB table. */ roleArn?: pulumi.Input; } interface TopicRuleDynamoDbActionArgs { /** * The hash key name. */ hashKeyField: pulumi.Input; /** * The hash key type. Valid values are "STRING" or "NUMBER" */ hashKeyType?: pulumi.Input; /** * The hash key value. */ hashKeyValue: pulumi.Input; /** * The action payload. This name can be customized. */ payloadField?: pulumi.Input; /** * The range key name. */ rangeKeyField?: pulumi.Input; /** * The range key type. Valid values are "STRING" or "NUMBER" */ rangeKeyType?: pulumi.Input; /** * The range key value. */ rangeKeyValue?: pulumi.Input; /** * The ARN of the IAM role that grants access to the DynamoDB table. */ roleArn: pulumi.Input; /** * The name of the DynamoDB table. */ tableName: pulumi.Input; } interface TopicRuleElasticsearchActionArgs { /** * The endpoint of your OpenSearch domain. */ endpoint: pulumi.Input; /** * The unique identifier for the document you are storing. */ id: pulumi.Input; /** * The index where you want to store your data. */ index: pulumi.Input; /** * The IAM role ARN that has access to OpenSearch. */ roleArn: pulumi.Input; /** * The type of document you are storing. */ type: pulumi.Input; } interface TopicRuleFirehoseActionArgs { /** * Whether to deliver the Kinesis Data Firehose stream as a batch by using [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) . The default value is `false` . * * When `batchMode` is `true` and the rule's SQL statement evaluates to an Array, each Array element forms one record in the [`PutRecordBatch`](https://docs.aws.amazon.com/firehose/latest/APIReference/API_PutRecordBatch.html) request. The resulting array can't have more than 500 records. */ batchMode?: pulumi.Input; /** * The delivery stream name. */ deliveryStreamName: pulumi.Input; /** * The IAM role that grants access to the Amazon Kinesis Firehose stream. */ roleArn: pulumi.Input; /** * A character separator that will be used to separate records written to the Firehose stream. Valid values are: '\n' (newline), '\t' (tab), '\r\n' (Windows newline), ',' (comma). */ separator?: pulumi.Input; } interface TopicRuleHttpActionArgs { /** * The authentication method to use when sending data to an HTTPS endpoint. */ auth?: pulumi.Input; batchConfig?: pulumi.Input; /** * The URL to which AWS IoT sends a confirmation message. The value of the confirmation URL must be a prefix of the endpoint URL. If you do not specify a confirmation URL AWS IoT uses the endpoint URL as the confirmation URL. If you use substitution templates in the confirmationUrl, you must create and enable topic rule destinations that match each possible value of the substitution template before traffic is allowed to your endpoint URL. */ confirmationUrl?: pulumi.Input; enableBatching?: pulumi.Input; /** * The HTTP headers to send with the message data. */ headers?: pulumi.Input[]>; /** * The endpoint URL. If substitution templates are used in the URL, you must also specify a `confirmationUrl` . If this is a new destination, a new `TopicRuleDestination` is created if possible. */ url: pulumi.Input; } interface TopicRuleHttpActionHeaderArgs { /** * The HTTP header key. */ key: pulumi.Input; /** * The HTTP header value. Substitution templates are supported. */ value: pulumi.Input; } interface TopicRuleHttpAuthorizationArgs { /** * Use Sig V4 authorization. For more information, see [Signature Version 4 Signing Process](https://docs.aws.amazon.com/general/latest/gr/signature-version-4.html) . */ sigv4?: pulumi.Input; } interface TopicRuleIotAnalyticsActionArgs { /** * Whether to process the action as a batch. The default value is `false` . * * When `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is delivered as a separate message when passed by [`BatchPutMessage`](https://docs.aws.amazon.com/iotanalytics/latest/APIReference/API_BatchPutMessage.html) The resulting array can't have more than 100 messages. */ batchMode?: pulumi.Input; /** * The name of the IoT Analytics channel to which message data will be sent. */ channelName: pulumi.Input; /** * The ARN of the role which has a policy that grants IoT Analytics permission to send message data via IoT Analytics (iotanalytics:BatchPutMessage). */ roleArn: pulumi.Input; } interface TopicRuleIotEventsActionArgs { /** * Whether to process the event actions as a batch. The default value is `false` . * * When `batchMode` is `true` , you can't specify a `messageId` . * * When `batchMode` is `true` and the rule SQL statement evaluates to an Array, each Array element is treated as a separate message when Events by calling [`BatchPutMessage`](https://docs.aws.amazon.com/iotevents/latest/apireference/API_iotevents-data_BatchPutMessage.html) . The resulting array can't have more than 10 messages. */ batchMode?: pulumi.Input; /** * The name of the AWS IoT Events input. */ inputName: pulumi.Input; /** * The ID of the message. The default `messageId` is a new UUID value. * * When `batchMode` is `true` , you can't specify a `messageId` --a new UUID value will be assigned. * * Assign a value to this property to ensure that only one input (message) with a given `messageId` will be processed by an AWS IoT Events detector. */ messageId?: pulumi.Input; /** * The ARN of the role that grants AWS IoT permission to send an input to an AWS IoT Events detector. ("Action":"iotevents:BatchPutMessage"). */ roleArn: pulumi.Input; } interface TopicRuleIotSiteWiseActionArgs { /** * A list of asset property value entries. */ putAssetPropertyValueEntries: pulumi.Input[]>; /** * The ARN of the role that grants AWS IoT permission to send an asset property value to AWS IoT SiteWise. ( `"Action": "iotsitewise:BatchPutAssetPropertyValue"` ). The trust policy can restrict access to specific asset hierarchy paths. */ roleArn: pulumi.Input; } interface TopicRuleKafkaActionArgs { /** * Properties of the Apache Kafka producer client. */ clientProperties: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The ARN of Kafka action's VPC `TopicRuleDestination` . */ destinationArn: pulumi.Input; /** * The list of Kafka headers that you specify. */ headers?: pulumi.Input[]>; /** * The Kafka message key. */ key?: pulumi.Input; /** * The Kafka message partition. */ partition?: pulumi.Input; /** * The Kafka topic for messages to be sent to the Kafka broker. */ topic: pulumi.Input; } interface TopicRuleKafkaActionHeaderArgs { /** * The key of the Kafka header. */ key: pulumi.Input; /** * The value of the Kafka header. */ value: pulumi.Input; } interface TopicRuleKinesisActionArgs { /** * The partition key. */ partitionKey?: pulumi.Input; /** * The ARN of the IAM role that grants access to the Amazon Kinesis stream. */ roleArn: pulumi.Input; /** * The name of the Amazon Kinesis stream. */ streamName: pulumi.Input; } interface TopicRuleLambdaActionArgs { /** * The ARN of the Lambda function. */ functionArn?: pulumi.Input; } interface TopicRuleLocationActionArgs { /** * The unique ID of the device providing the location data. */ deviceId: pulumi.Input; /** * A string that evaluates to a double value that represents the latitude of the device's location. */ latitude: pulumi.Input; /** * A string that evaluates to a double value that represents the longitude of the device's location. */ longitude: pulumi.Input; /** * The IAM role that grants permission to write to the Amazon Location resource. */ roleArn: pulumi.Input; /** * The time that the location data was sampled. The default value is the time the MQTT message was processed. */ timestamp?: pulumi.Input; /** * The name of the tracker resource in Amazon Location in which the location is updated. */ trackerName: pulumi.Input; } interface TopicRuleOpenSearchActionArgs { /** * The endpoint of your OpenSearch domain. */ endpoint: pulumi.Input; /** * The unique identifier for the document you are storing. */ id: pulumi.Input; /** * The OpenSearch index where you want to store your data. */ index: pulumi.Input; /** * The IAM role ARN that has access to OpenSearch. */ roleArn: pulumi.Input; /** * The type of document you are storing. */ type: pulumi.Input; } interface TopicRulePayloadArgs { /** * The actions associated with the rule. */ actions: pulumi.Input[]>; /** * The version of the SQL rules engine to use when evaluating the rule. * * The default value is 2015-10-08. */ awsIotSqlVersion?: pulumi.Input; /** * The description of the rule. */ description?: pulumi.Input; /** * The action to take when an error occurs. */ errorAction?: pulumi.Input; /** * Specifies whether the rule is disabled. */ ruleDisabled?: pulumi.Input; /** * The SQL statement used to query the topic. For more information, see [AWS IoT SQL Reference](https://docs.aws.amazon.com/iot/latest/developerguide/iot-sql-reference.html) in the *AWS IoT Developer Guide* . */ sql: pulumi.Input; } interface TopicRulePutAssetPropertyValueEntryArgs { /** * The ID of the AWS IoT SiteWise asset. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates. */ assetId?: pulumi.Input; /** * Optional. A unique identifier for this entry that you can define to better track which message caused an error in case of failure. Accepts substitution templates. Defaults to a new UUID. */ entryId?: pulumi.Input; /** * The name of the property alias associated with your asset property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates. */ propertyAlias?: pulumi.Input; /** * The ID of the asset's property. You must specify either a `propertyAlias` or both an `aliasId` and a `propertyId` . Accepts substitution templates. */ propertyId?: pulumi.Input; /** * A list of property values to insert that each contain timestamp, quality, and value (TQV) information. */ propertyValues: pulumi.Input[]>; } interface TopicRulePutItemInputArgs { /** * The table where the message data will be written. */ tableName: pulumi.Input; } interface TopicRuleRepublishActionArgs { /** * MQTT Version 5.0 headers information. For more information, see [MQTT](https://docs.aws.amazon.com//iot/latest/developerguide/mqtt.html) in the IoT Core Developer Guide. */ headers?: pulumi.Input; /** * The Quality of Service (QoS) level to use when republishing messages. The default value is 0. */ qos?: pulumi.Input; /** * The ARN of the IAM role that grants access. */ roleArn: pulumi.Input; /** * The name of the MQTT topic. */ topic: pulumi.Input; } interface TopicRuleRepublishActionHeadersArgs { /** * A UTF-8 encoded string that describes the content of the publishing message. * * For more information, see [Content Type](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901118) in the MQTT Version 5.0 specification. * * Supports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) . */ contentType?: pulumi.Input; /** * The base64-encoded binary data used by the sender of the request message to identify which request the response message is for. * * For more information, see [Correlation Data](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901115) in the MQTT Version 5.0 specification. * * Supports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) . * * > This binary data must be base64-encoded. */ correlationData?: pulumi.Input; /** * A user-defined integer value that represents the message expiry interval at the broker. If the messages haven't been sent to the subscribers within that interval, the message expires and is removed. The value of `messageExpiry` represents the number of seconds before it expires. For more information about the limits of `messageExpiry` , see [Message broker and protocol limits and quotas](https://docs.aws.amazon.com//general/latest/gr/iot-core.html#limits_iot) in the IoT Core Reference Guide. * * Supports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) . */ messageExpiry?: pulumi.Input; /** * An `Enum` string value that indicates whether the payload is formatted as UTF-8. * * Valid values are `UNSPECIFIED_BYTES` and `UTF8_DATA` . * * For more information, see [Payload Format Indicator](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901111) from the MQTT Version 5.0 specification. * * Supports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) . */ payloadFormatIndicator?: pulumi.Input; /** * A UTF-8 encoded string that's used as the topic name for a response message. The response topic is used to describe the topic to which the receiver should publish as part of the request-response flow. The topic must not contain wildcard characters. * * For more information, see [Response Topic](https://docs.aws.amazon.com/https://docs.oasis-open.org/mqtt/mqtt/v5.0/os/mqtt-v5.0-os.html#_Toc3901114) in the MQTT Version 5.0 specification. * * Supports [substitution templates](https://docs.aws.amazon.com//iot/latest/developerguide/iot-substitution-templates.html) . */ responseTopic?: pulumi.Input; /** * An array of key-value pairs that you define in the MQTT5 header. */ userProperties?: pulumi.Input[]>; } interface TopicRuleS3ActionArgs { /** * The Amazon S3 bucket. */ bucketName: pulumi.Input; /** * The Amazon S3 canned ACL that controls access to the object identified by the object key. For more information, see [S3 canned ACLs](https://docs.aws.amazon.com/AmazonS3/latest/dev/acl-overview.html#canned-acl) . */ cannedAcl?: pulumi.Input; /** * The object key. For more information, see [Actions, resources, and condition keys for Amazon S3](https://docs.aws.amazon.com/AmazonS3/latest/dev/list_amazons3.html) . */ key: pulumi.Input; /** * The ARN of the IAM role that grants access. */ roleArn: pulumi.Input; } interface TopicRuleSigV4AuthorizationArgs { /** * The ARN of the signing role. */ roleArn: pulumi.Input; /** * The service name to use while signing with Sig V4. */ serviceName: pulumi.Input; /** * The signing region. */ signingRegion: pulumi.Input; } interface TopicRuleSnsActionArgs { /** * (Optional) The message format of the message to publish. Accepted values are "JSON" and "RAW". The default value of the attribute is "RAW". SNS uses this setting to determine if the payload should be parsed and relevant platform-specific bits of the payload should be extracted. For more information, see [Amazon SNS Message and JSON Formats](https://docs.aws.amazon.com/sns/latest/dg/json-formats.html) in the *Amazon Simple Notification Service Developer Guide* . */ messageFormat?: pulumi.Input; /** * The ARN of the IAM role that grants access. */ roleArn: pulumi.Input; /** * The ARN of the SNS topic. */ targetArn: pulumi.Input; } interface TopicRuleSqsActionArgs { /** * The URL of the Amazon SQS queue. */ queueUrl: pulumi.Input; /** * The ARN of the IAM role that grants access. */ roleArn: pulumi.Input; /** * Specifies whether to use Base64 encoding. */ useBase64?: pulumi.Input; } interface TopicRuleStepFunctionsActionArgs { /** * (Optional) A name will be given to the state machine execution consisting of this prefix followed by a UUID. Step Functions automatically creates a unique name for each state machine execution if one is not provided. */ executionNamePrefix?: pulumi.Input; /** * The ARN of the role that grants IoT permission to start execution of a state machine ("Action":"states:StartExecution"). */ roleArn: pulumi.Input; /** * The name of the Step Functions state machine whose execution will be started. */ stateMachineName: pulumi.Input; } interface TopicRuleTimestampArgs { /** * The precision of the timestamp value that results from the expression described in `value` . */ unit?: pulumi.Input; /** * An expression that returns a long epoch time value. */ value: pulumi.Input; } interface TopicRuleTimestreamActionArgs { /** * The name of an Amazon Timestream database that has the table to write records into. */ databaseName: pulumi.Input; /** * Metadata attributes of the time series that are written in each measure record. */ dimensions: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the role that grants AWS IoT permission to write to the Timestream database table. */ roleArn: pulumi.Input; /** * The table where the message data will be written. */ tableName: pulumi.Input; /** * The value to use for the entry's timestamp. If blank, the time that the entry was processed is used. */ timestamp?: pulumi.Input; } interface TopicRuleTimestreamDimensionArgs { name: pulumi.Input; value: pulumi.Input; } interface TopicRuleTimestreamTimestampArgs { /** * The precision of the timestamp value that results from the expression described in `value` . */ unit: pulumi.Input; /** * An expression that returns a long epoch time value. */ value: pulumi.Input; } interface TopicRuleUserPropertyArgs { key: pulumi.Input; value: pulumi.Input; } } export declare namespace iotanalytics { interface ChannelCustomerManagedS3Args { /** * The name of the S3 bucket in which channel data is stored. */ bucket: pulumi.Input; /** * (Optional) The prefix used to create the keys of the channel data objects. Each object in an S3 bucket has a key that is its unique identifier within the bucket (each object in a bucket has exactly one key). The prefix must end with a forward slash (/). */ keyPrefix?: pulumi.Input; /** * The ARN of the role that grants ITA permission to interact with your Amazon S3 resources. */ roleArn: pulumi.Input; } interface ChannelRetentionPeriodArgs { /** * The number of days that message data is kept. The `unlimited` parameter must be false. */ numberOfDays?: pulumi.Input; /** * If true, message data is kept indefinitely. */ unlimited?: pulumi.Input; } interface ChannelServiceManagedS3Args { } interface ChannelStorageArgs { /** * Used to store channel data in an S3 bucket that you manage. If customer managed storage is selected, the `retentionPeriod` parameter is ignored. You can't change the choice of S3 storage after the data store is created. */ customerManagedS3?: pulumi.Input; /** * Used to store channel data in an S3 bucket managed by ITA . You can't change the choice of S3 storage after the data store is created. */ serviceManagedS3?: pulumi.Input; } interface DatasetActionArgs { /** * The name of the data set action by which data set contents are automatically created. */ actionName: pulumi.Input; /** * Information which allows the system to run a containerized application in order to create the data set contents. The application must be in a Docker container along with any needed support libraries. */ containerAction?: pulumi.Input; /** * An "SqlQueryDatasetAction" object that uses an SQL query to automatically create data set contents. */ queryAction?: pulumi.Input; } interface DatasetContainerActionArgs { /** * The ARN of the role which gives permission to the system to access needed resources in order to run the "containerAction". This includes, at minimum, permission to retrieve the data set contents which are the input to the containerized application. */ executionRoleArn: pulumi.Input; /** * The ARN of the Docker container stored in your account. The Docker container contains an application and needed support libraries and is used to generate data set contents. */ image: pulumi.Input; /** * Configuration of the resource which executes the "containerAction". */ resourceConfiguration: pulumi.Input; /** * The values of variables used within the context of the execution of the containerized application (basically, parameters passed to the application). Each variable must have a name and a value given by one of "stringValue", "datasetContentVersionValue", or "outputFileUriValue". */ variables?: pulumi.Input[]>; } interface DatasetContentDeliveryRuleArgs { /** * The destination to which dataset contents are delivered. */ destination: pulumi.Input; /** * The name of the dataset content delivery rules entry. */ entryName?: pulumi.Input; } interface DatasetContentDeliveryRuleDestinationArgs { /** * Configuration information for delivery of dataset contents to AWS IoT Events . */ iotEventsDestinationConfiguration?: pulumi.Input; /** * Configuration information for delivery of dataset contents to Amazon S3. */ s3DestinationConfiguration?: pulumi.Input; } interface DatasetContentVersionValueArgs { /** * The name of the dataset whose latest contents are used as input to the notebook or application. */ datasetName: pulumi.Input; } interface DatasetDeltaTimeArgs { /** * The number of seconds of estimated in-flight lag time of message data. When you create dataset contents using message data from a specified timeframe, some message data might still be in flight when processing begins, and so do not arrive in time to be processed. Use this field to make allowances for the in flight time of your message data, so that data not processed from a previous timeframe is included with the next timeframe. Otherwise, missed message data would be excluded from processing during the next timeframe too, because its timestamp places it within the previous timeframe. */ offsetSeconds: pulumi.Input; /** * An expression by which the time of the message data might be determined. This can be the name of a timestamp field or a SQL expression that is used to derive the time the message data was generated. */ timeExpression: pulumi.Input; } interface DatasetDeltaTimeSessionWindowConfigurationArgs { /** * A time interval. You can use `timeoutInMinutes` so that ITA can batch up late data notifications that have been generated since the last execution. ITA sends one batch of notifications to Amazon CloudWatch Events at one time. * * For more information about how to write a timestamp expression, see [Date and Time Functions and Operators](https://docs.aws.amazon.com/https://prestodb.io/docs/current/functions/datetime.html) , in the *Presto 0.172 Documentation* . */ timeoutInMinutes: pulumi.Input; } interface DatasetFilterArgs { /** * Used to limit data to that which has arrived since the last execution of the action. */ deltaTime?: pulumi.Input; } interface DatasetGlueConfigurationArgs { /** * The name of the database in your AWS Glue Data Catalog in which the table is located. An AWS Glue Data Catalog database contains metadata tables. */ databaseName: pulumi.Input; /** * The name of the table in your AWS Glue Data Catalog that is used to perform the ETL operations. An AWS Glue Data Catalog table contains partitioned data and descriptions of data sources and targets. */ tableName: pulumi.Input; } interface DatasetIotEventsDestinationConfigurationArgs { /** * The name of the AWS IoT Events input to which dataset contents are delivered. */ inputName: pulumi.Input; /** * The ARN of the role that grants ITA permission to deliver dataset contents to an AWS IoT Events input. */ roleArn: pulumi.Input; } interface DatasetLateDataRuleArgs { /** * The information needed to configure the late data rule. */ ruleConfiguration: pulumi.Input; /** * The name of the late data rule. */ ruleName?: pulumi.Input; } interface DatasetLateDataRuleConfigurationArgs { /** * The information needed to configure a delta time session window. */ deltaTimeSessionWindowConfiguration?: pulumi.Input; } interface DatasetOutputFileUriValueArgs { /** * The URI of the location where dataset contents are stored, usually the URI of a file in an S3 bucket. */ fileName: pulumi.Input; } interface DatasetQueryActionArgs { /** * Pre-filters applied to message data. */ filters?: pulumi.Input[]>; /** * An "SqlQueryDatasetAction" object that uses an SQL query to automatically create data set contents. */ sqlQuery: pulumi.Input; } interface DatasetResourceConfigurationArgs { /** * The type of the compute resource used to execute the `containerAction` . Possible values are: `ACU_1` (vCPU=4, memory=16 GiB) or `ACU_2` (vCPU=8, memory=32 GiB). */ computeType: pulumi.Input; /** * The size, in GB, of the persistent storage available to the resource instance used to execute the `containerAction` (min: 1, max: 50). */ volumeSizeInGb: pulumi.Input; } interface DatasetRetentionPeriodArgs { /** * The number of days that message data is kept. The `unlimited` parameter must be false. */ numberOfDays?: pulumi.Input; /** * If true, message data is kept indefinitely. */ unlimited?: pulumi.Input; } interface DatasetS3DestinationConfigurationArgs { /** * The name of the S3 bucket to which dataset contents are delivered. */ bucket: pulumi.Input; /** * Configuration information for coordination with AWS Glue , a fully managed extract, transform and load (ETL) service. */ glueConfiguration?: pulumi.Input; /** * The key of the dataset contents object in an S3 bucket. Each object has a key that is a unique identifier. Each object has exactly one key. * * You can create a unique key with the following options: * * - Use `!{iotanalytics:scheduleTime}` to insert the time of a scheduled SQL query run. * - Use `!{iotanalytics:versionId}` to insert a unique hash that identifies a dataset content. * - Use `!{iotanalytics:creationTime}` to insert the creation time of a dataset content. * * The following example creates a unique key for a CSV file: `dataset/mydataset/!{iotanalytics:scheduleTime}/!{iotanalytics:versionId}.csv` * * > If you don't use `!{iotanalytics:versionId}` to specify the key, you might get duplicate keys. For example, you might have two dataset contents with the same `scheduleTime` but different `versionId` s. This means that one dataset content overwrites the other. */ key: pulumi.Input; /** * The ARN of the role that grants ITA permission to interact with your Amazon S3 and AWS Glue resources. */ roleArn: pulumi.Input; } interface DatasetScheduleArgs { /** * The expression that defines when to trigger an update. For more information, see [Schedule Expressions for Rules](https://docs.aws.amazon.com/AmazonCloudWatch/latest/events/ScheduledEvents.html) in the Amazon CloudWatch documentation. */ scheduleExpression: pulumi.Input; } interface DatasetTriggerArgs { /** * The "Schedule" when the trigger is initiated. */ schedule?: pulumi.Input; /** * Information about the data set whose content generation triggers the new data set content generation. */ triggeringDataset?: pulumi.Input; } interface DatasetTriggeringDatasetArgs { /** * The name of the data set whose content generation triggers the new data set content generation. */ datasetName: pulumi.Input; } interface DatasetVariableArgs { /** * The value of the variable as a structure that specifies a dataset content version. */ datasetContentVersionValue?: pulumi.Input; /** * The value of the variable as a double (numeric). */ doubleValue?: pulumi.Input; /** * The value of the variable as a structure that specifies an output file URI. */ outputFileUriValue?: pulumi.Input; /** * The value of the variable as a string. */ stringValue?: pulumi.Input; /** * The name of the variable. */ variableName: pulumi.Input; } interface DatasetVersioningConfigurationArgs { /** * How many versions of dataset contents are kept. The `unlimited` parameter must be `false` . */ maxVersions?: pulumi.Input; /** * If true, unlimited versions of dataset contents are kept. */ unlimited?: pulumi.Input; } interface DatastoreColumnArgs { /** * The name of the column. */ name: pulumi.Input; /** * The type of data. For more information about the supported data types, see [Common data types](https://docs.aws.amazon.com/glue/latest/dg/aws-glue-api-common.html) in the *AWS Glue Developer Guide* . */ type: pulumi.Input; } interface DatastoreCustomerManagedS3Args { /** * The name of the Amazon S3 bucket where your data is stored. */ bucket: pulumi.Input; /** * (Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/). */ keyPrefix?: pulumi.Input; /** * The ARN of the role that grants ITA permission to interact with your Amazon S3 resources. */ roleArn: pulumi.Input; } interface DatastoreCustomerManagedS3StorageArgs { /** * The name of the Amazon S3 bucket where your data is stored. */ bucket: pulumi.Input; /** * (Optional) The prefix used to create the keys of the data store data objects. Each object in an Amazon S3 bucket has a key that is its unique identifier in the bucket. Each object in a bucket has exactly one key. The prefix must end with a forward slash (/). */ keyPrefix?: pulumi.Input; } interface DatastoreFileFormatConfigurationArgs { /** * Contains the configuration information of the JSON format. */ jsonConfiguration?: pulumi.Input; /** * Contains the configuration information of the Parquet format. */ parquetConfiguration?: pulumi.Input; } interface DatastoreIotSiteWiseMultiLayerStorageArgs { /** * Stores data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. */ customerManagedS3Storage?: pulumi.Input; } interface DatastoreJsonConfigurationArgs { } interface DatastoreParquetConfigurationArgs { /** * Information needed to define a schema. */ schemaDefinition?: pulumi.Input; } interface DatastorePartitionArgs { /** * A partition dimension defined by an attribute. */ partition?: pulumi.Input; /** * A partition dimension defined by a timestamp attribute. */ timestampPartition?: pulumi.Input; } interface DatastorePartitionsArgs { /** * A list of partition dimensions in a data store. */ partitions?: pulumi.Input[]>; } interface DatastoreRetentionPeriodArgs { /** * The number of days that message data is kept. The `unlimited` parameter must be false. */ numberOfDays?: pulumi.Input; /** * If true, message data is kept indefinitely. */ unlimited?: pulumi.Input; } interface DatastoreSchemaDefinitionArgs { /** * Specifies one or more columns that store your data. * * Each schema can have up to 100 columns. Each column can have up to 100 nested types. */ columns?: pulumi.Input[]>; } interface DatastoreServiceManagedS3Args { } interface DatastoreStorageArgs { /** * Use this to store data store data in an S3 bucket that you manage. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store. */ customerManagedS3?: pulumi.Input; /** * Use this to store data used by AWS IoT SiteWise in an Amazon S3 bucket that you manage. You can't change the choice of Amazon S3 storage after your data store is created. */ iotSiteWiseMultiLayerStorage?: pulumi.Input; /** * Use this to store data store data in an S3 bucket managed by the service. The choice of service-managed or customer-managed S3 storage cannot be changed after creation of the data store. */ serviceManagedS3?: pulumi.Input; } interface DatastoreTimestampPartitionArgs { /** * The attribute name of the partition defined by a timestamp. */ attributeName: pulumi.Input; /** * The timestamp format of a partition defined by a timestamp. The default format is seconds since epoch (January 1, 1970 at midnight UTC time). */ timestampFormat?: pulumi.Input; } interface PartitionArgs { /** * The name of the attribute that defines a partition dimension. */ attributeName: pulumi.Input; } interface PipelineActivityArgs { /** * Adds other attributes based on existing attributes in the message. */ addAttributes?: pulumi.Input; /** * Determines the source of the messages to be processed. */ channel?: pulumi.Input; /** * Specifies where to store the processed message data. */ datastore?: pulumi.Input; /** * Adds data from the AWS IoT device registry to your message. */ deviceRegistryEnrich?: pulumi.Input; /** * Adds information from the AWS IoT Device Shadows service to a message. */ deviceShadowEnrich?: pulumi.Input; /** * Filters a message based on its attributes. */ filter?: pulumi.Input; /** * Runs a Lambda function to modify the message. */ lambda?: pulumi.Input; /** * Computes an arithmetic expression using the message's attributes and adds it to the message. */ math?: pulumi.Input; /** * Removes attributes from a message. */ removeAttributes?: pulumi.Input; /** * Creates a new message using only the specified attributes from the original message. */ selectAttributes?: pulumi.Input; } interface PipelineAddAttributesArgs { /** * A list of 1-50 "AttributeNameMapping" objects that map an existing attribute to a new attribute. * * > The existing attributes remain in the message, so if you want to remove the originals, use "RemoveAttributeActivity". */ attributes: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The name of the 'addAttributes' activity. */ name: pulumi.Input; /** * The next activity in the pipeline. */ next?: pulumi.Input; } interface PipelineChannelArgs { /** * The name of the channel from which the messages are processed. */ channelName: pulumi.Input; /** * The name of the 'channel' activity. */ name: pulumi.Input; /** * The next activity in the pipeline. */ next?: pulumi.Input; } interface PipelineDatastoreArgs { /** * The name of the data store where processed messages are stored. */ datastoreName: pulumi.Input; /** * The name of the datastore activity. */ name: pulumi.Input; } interface PipelineDeviceRegistryEnrichArgs { /** * The name of the attribute that is added to the message. */ attribute: pulumi.Input; /** * The name of the 'deviceRegistryEnrich' activity. */ name: pulumi.Input; /** * The next activity in the pipeline. */ next?: pulumi.Input; /** * The ARN of the role that allows access to the device's registry information. */ roleArn: pulumi.Input; /** * The name of the IoT device whose registry information is added to the message. */ thingName: pulumi.Input; } interface PipelineDeviceShadowEnrichArgs { /** * The name of the attribute that is added to the message. */ attribute: pulumi.Input; /** * The name of the 'deviceShadowEnrich' activity. */ name: pulumi.Input; /** * The next activity in the pipeline. */ next?: pulumi.Input; /** * The ARN of the role that allows access to the device's shadow. */ roleArn: pulumi.Input; /** * The name of the IoT device whose shadow information is added to the message. */ thingName: pulumi.Input; } interface PipelineFilterArgs { /** * An expression that looks like an SQL WHERE clause that must return a Boolean value. */ filter: pulumi.Input; /** * The name of the 'filter' activity. */ name: pulumi.Input; /** * The next activity in the pipeline. */ next?: pulumi.Input; } interface PipelineLambdaArgs { /** * The number of messages passed to the Lambda function for processing. * * The AWS Lambda function must be able to process all of these messages within five minutes, which is the maximum timeout duration for Lambda functions. */ batchSize: pulumi.Input; /** * The name of the Lambda function that is run on the message. */ lambdaName: pulumi.Input; /** * The name of the 'lambda' activity. */ name: pulumi.Input; /** * The next activity in the pipeline. */ next?: pulumi.Input; } interface PipelineMathArgs { /** * The name of the attribute that contains the result of the math operation. */ attribute: pulumi.Input; /** * An expression that uses one or more existing attributes and must return an integer value. */ math: pulumi.Input; /** * The name of the 'math' activity. */ name: pulumi.Input; /** * The next activity in the pipeline. */ next?: pulumi.Input; } interface PipelineRemoveAttributesArgs { /** * A list of 1-50 attributes to remove from the message. */ attributes: pulumi.Input[]>; /** * The name of the 'removeAttributes' activity. */ name: pulumi.Input; /** * The next activity in the pipeline. */ next?: pulumi.Input; } interface PipelineSelectAttributesArgs { /** * A list of the attributes to select from the message. */ attributes: pulumi.Input[]>; /** * The name of the 'selectAttributes' activity. */ name: pulumi.Input; /** * The next activity in the pipeline. */ next?: pulumi.Input; } } export declare namespace iotcoredeviceadvisor { /** * Gets the suite definition configuration. */ interface SuiteDefinitionConfigurationPropertiesArgs { /** * Gets the device permission ARN. This is a required parameter. */ devicePermissionRoleArn: pulumi.Input; /** * Gets the devices configured. */ devices?: pulumi.Input[]>; /** * Gets the tests intended for qualification in a suite. */ intendedForQualification?: pulumi.Input; /** * Gets the test suite root group. This is a required parameter. For updating or creating the latest qualification suite, if `intendedForQualification` is set to true, `rootGroup` can be an empty string. If `intendedForQualification` is false, `rootGroup` cannot be an empty string. If `rootGroup` is empty, and `intendedForQualification` is set to true, all the qualification tests are included, and the configuration is default. * * For a qualification suite, the minimum length is 0, and the maximum is 2048. For a non-qualification suite, the minimum length is 1, and the maximum is 2048. */ rootGroup: pulumi.Input; /** * Gets the suite definition name. This is a required parameter. */ suiteDefinitionName?: pulumi.Input; } interface SuiteDefinitionDeviceUnderTestArgs { certificateArn?: pulumi.Input; thingArn?: pulumi.Input; } } export declare namespace iotevents { /** * Specifies whether to get notified for alarm state changes. */ interface AlarmModelAcknowledgeFlowArgs { /** * The value must be ``TRUE`` or ``FALSE``. If ``TRUE``, you receive a notification when the alarm state changes. You must choose to acknowledge the notification before the alarm state can return to ``NORMAL``. If ``FALSE``, you won't receive notifications. The alarm automatically changes to the ``NORMAL`` state when the input property value returns to the specified range. */ enabled?: pulumi.Input; } /** * Specifies one of the following actions to receive notifications when the alarm state changes. */ interface AlarmModelAlarmActionArgs { /** * Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html). A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. * You must use expressions for all parameters in ``DynamoDBv2Action``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``tableName`` parameter can be ``'GreenhouseTemperatureTable'``. * + For references, you must specify either variables or input values. For example, the value for the ``tableName`` parameter can be ``$variable.ddbtableName``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``contentExpression`` parameter in ``Payload`` uses a substitution template. * ``'{\"sensorID\": \"${$input.GreenhouseInput.sensor_id}\", \"temperature\": \"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\"}'`` * + For a string concatenation, you must use ``+``. A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``tableName`` parameter uses a string concatenation. * ``'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`` * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. * The value for the ``type`` parameter in ``Payload`` must be ``JSON``. */ dynamoDBv2?: pulumi.Input; /** * Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html). One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. * You must use expressions for all parameters in ``DynamoDBAction``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``hashKeyType`` parameter can be ``'STRING'``. * + For references, you must specify either variables or input values. For example, the value for the ``hashKeyField`` parameter can be ``$input.GreenhouseInput.name``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``hashKeyValue`` parameter uses a substitution template. * ``'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`` * + For a string concatenation, you must use ``+``. A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``tableName`` parameter uses a string concatenation. * ``'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`` * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. * If the defined payload type is a string, ``DynamoDBAction`` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the ``payloadField`` parameter is ``_raw``. */ dynamoDb?: pulumi.Input; /** * Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream. */ firehose?: pulumi.Input; /** * Sends an ITE input, passing in information about the detector model instance and the event that triggered the action. */ iotEvents?: pulumi.Input; /** * Sends information about the detector model instance and the event that triggered the action to a specified asset property in ITSW. * You must use expressions for all parameters in ``IotSiteWiseAction``. The expressions accept literals, operators, functions, references, and substitutions templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``propertyAlias`` parameter can be ``'/company/windfarm/3/turbine/7/temperature'``. * + For references, you must specify either variables or input values. For example, the value for the ``assetId`` parameter can be ``$input.TurbineInput.assetId1``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``propertyAlias`` parameter uses a substitution template. * ``'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`` * * You must specify either ``propertyAlias`` or both ``assetId`` and ``propertyId`` to identify the target asset property in ITSW. * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. */ iotSiteWise?: pulumi.Input; /** * Information required to publish the MQTT message through the IoT message broker. */ iotTopicPublish?: pulumi.Input; /** * Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action. */ lambda?: pulumi.Input; /** * Information required to publish the Amazon SNS message. */ sns?: pulumi.Input; /** * Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue. */ sqs?: pulumi.Input; } /** * Contains the configuration information of alarm state changes. */ interface AlarmModelAlarmCapabilitiesArgs { /** * Specifies whether to get notified for alarm state changes. */ acknowledgeFlow?: pulumi.Input; /** * Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model. */ initializationConfiguration?: pulumi.Input; } /** * Contains information about one or more alarm actions. */ interface AlarmModelAlarmEventActionsArgs { /** * Specifies one or more supported actions to receive notifications when the alarm state changes. */ alarmActions?: pulumi.Input[]>; } /** * Defines when your alarm is invoked. */ interface AlarmModelAlarmRuleArgs { /** * A rule that compares an input property value to a threshold value with a comparison operator. */ simpleRule?: pulumi.Input; } /** * A structure that contains timestamp information. For more information, see [TimeInNanos](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_TimeInNanos.html) in the *API Reference*. * You must use expressions for all parameters in ``AssetPropertyTimestamp``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``timeInSeconds`` parameter can be ``'1586400675'``. * + For references, you must specify either variables or input values. For example, the value for the ``offsetInNanos`` parameter can be ``$variable.time``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``timeInSeconds`` parameter uses a substitution template. * ``'${$input.TemperatureInput.sensorData.timestamp / 1000}'`` * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. */ interface AlarmModelAssetPropertyTimestampArgs { /** * The nanosecond offset converted from ``timeInSeconds``. The valid range is between 0-999999999. */ offsetInNanos?: pulumi.Input; /** * The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199. */ timeInSeconds: pulumi.Input; } /** * A structure that contains value information. For more information, see [AssetPropertyValue](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_AssetPropertyValue.html) in the *API Reference*. * You must use expressions for all parameters in ``AssetPropertyValue``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``quality`` parameter can be ``'GOOD'``. * + For references, you must specify either variables or input values. For example, the value for the ``quality`` parameter can be ``$input.TemperatureInput.sensorData.quality``. * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. */ interface AlarmModelAssetPropertyValueArgs { /** * The quality of the asset property value. The value must be ``'GOOD'``, ``'BAD'``, or ``'UNCERTAIN'``. */ quality?: pulumi.Input; /** * The timestamp associated with the asset property value. The default is the current event time. */ timestamp?: pulumi.Input; /** * The value to send to an asset property. */ value: pulumi.Input; } /** * A structure that contains an asset property value. For more information, see [Variant](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_Variant.html) in the *API Reference*. * You must use expressions for all parameters in ``AssetPropertyVariant``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``integerValue`` parameter can be ``'100'``. * + For references, you must specify either variables or parameters. For example, the value for the ``booleanValue`` parameter can be ``$variable.offline``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``doubleValue`` parameter uses a substitution template. * ``'${$input.TemperatureInput.sensorData.temperature * 6 / 5 + 32}'`` * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. * You must specify one of the following value types, depending on the ``dataType`` of the specified asset property. For more information, see [AssetProperty](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_AssetProperty.html) in the *API Reference*. */ interface AlarmModelAssetPropertyVariantArgs { /** * The asset property value is a Boolean value that must be ``'TRUE'`` or ``'FALSE'``. You must use an expression, and the evaluated result should be a Boolean value. */ booleanValue?: pulumi.Input; /** * The asset property value is a double. You must use an expression, and the evaluated result should be a double. */ doubleValue?: pulumi.Input; /** * The asset property value is an integer. You must use an expression, and the evaluated result should be an integer. */ integerValue?: pulumi.Input; /** * The asset property value is a string. You must use an expression, and the evaluated result should be a string. */ stringValue?: pulumi.Input; } /** * Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html). A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. * You must use expressions for all parameters in ``DynamoDBv2Action``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``tableName`` parameter can be ``'GreenhouseTemperatureTable'``. * + For references, you must specify either variables or input values. For example, the value for the ``tableName`` parameter can be ``$variable.ddbtableName``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``contentExpression`` parameter in ``Payload`` uses a substitution template. * ``'{\"sensorID\": \"${$input.GreenhouseInput.sensor_id}\", \"temperature\": \"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\"}'`` * + For a string concatenation, you must use ``+``. A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``tableName`` parameter uses a string concatenation. * ``'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`` * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. * The value for the ``type`` parameter in ``Payload`` must be ``JSON``. */ interface AlarmModelDynamoDBv2Args { /** * Information needed to configure the payload. * By default, ITE generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use ``contentExpression``. */ payload?: pulumi.Input; /** * The name of the DynamoDB table. */ tableName: pulumi.Input; } /** * Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html). One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. * You must use expressions for all parameters in ``DynamoDBAction``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``hashKeyType`` parameter can be ``'STRING'``. * + For references, you must specify either variables or input values. For example, the value for the ``hashKeyField`` parameter can be ``$input.GreenhouseInput.name``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``hashKeyValue`` parameter uses a substitution template. * ``'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`` * + For a string concatenation, you must use ``+``. A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``tableName`` parameter uses a string concatenation. * ``'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`` * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. * If the defined payload type is a string, ``DynamoDBAction`` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the ``payloadField`` parameter is ``_raw``. */ interface AlarmModelDynamoDbArgs { /** * The name of the hash key (also called the partition key). The ``hashKeyField`` value must match the partition key of the target DynamoDB table. */ hashKeyField: pulumi.Input; /** * The data type for the hash key (also called the partition key). You can specify the following values: * + ``'STRING'`` - The hash key is a string. * + ``'NUMBER'`` - The hash key is a number. * * If you don't specify ``hashKeyType``, the default value is ``'STRING'``. */ hashKeyType?: pulumi.Input; /** * The value of the hash key (also called the partition key). */ hashKeyValue: pulumi.Input; /** * The type of operation to perform. You can specify the following values: * + ``'INSERT'`` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key. * + ``'UPDATE'`` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key. * + ``'DELETE'`` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key. * * If you don't specify this parameter, ITE triggers the ``'INSERT'`` operation. */ operation?: pulumi.Input; /** * Information needed to configure the payload. * By default, ITE generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use ``contentExpression``. */ payload?: pulumi.Input; /** * The name of the DynamoDB column that receives the action payload. * If you don't specify this parameter, the name of the DynamoDB column is ``payload``. */ payloadField?: pulumi.Input; /** * The name of the range key (also called the sort key). The ``rangeKeyField`` value must match the sort key of the target DynamoDB table. */ rangeKeyField?: pulumi.Input; /** * The data type for the range key (also called the sort key), You can specify the following values: * + ``'STRING'`` - The range key is a string. * + ``'NUMBER'`` - The range key is number. * * If you don't specify ``rangeKeyField``, the default value is ``'STRING'``. */ rangeKeyType?: pulumi.Input; /** * The value of the range key (also called the sort key). */ rangeKeyValue?: pulumi.Input; /** * The name of the DynamoDB table. The ``tableName`` value must match the table name of the target DynamoDB table. */ tableName: pulumi.Input; } /** * Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream. */ interface AlarmModelFirehoseArgs { /** * The name of the Kinesis Data Firehose delivery stream where the data is written. */ deliveryStreamName: pulumi.Input; /** * You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream. */ payload?: pulumi.Input; /** * A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\n' (newline), '\t' (tab), '\r\n' (Windows newline), ',' (comma). */ separator?: pulumi.Input; } /** * Specifies the default alarm state. The configuration applies to all alarms that were created based on this alarm model. */ interface AlarmModelInitializationConfigurationArgs { /** * The value must be ``TRUE`` or ``FALSE``. If ``FALSE``, all alarm instances created based on the alarm model are activated. The default value is ``TRUE``. */ disabledOnInitialization: pulumi.Input; } /** * Sends an ITE input, passing in information about the detector model instance and the event that triggered the action. */ interface AlarmModelIotEventsArgs { /** * The name of the ITE input where the data is sent. */ inputName: pulumi.Input; /** * You can configure the action payload when you send a message to an ITE input. */ payload?: pulumi.Input; } /** * Sends information about the detector model instance and the event that triggered the action to a specified asset property in ITSW. * You must use expressions for all parameters in ``IotSiteWiseAction``. The expressions accept literals, operators, functions, references, and substitutions templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``propertyAlias`` parameter can be ``'/company/windfarm/3/turbine/7/temperature'``. * + For references, you must specify either variables or input values. For example, the value for the ``assetId`` parameter can be ``$input.TurbineInput.assetId1``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``propertyAlias`` parameter uses a substitution template. * ``'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`` * * You must specify either ``propertyAlias`` or both ``assetId`` and ``propertyId`` to identify the target asset property in ITSW. * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. */ interface AlarmModelIotSiteWiseArgs { /** * The ID of the asset that has the specified property. */ assetId?: pulumi.Input; /** * A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier. */ entryId?: pulumi.Input; /** * The alias of the asset property. */ propertyAlias?: pulumi.Input; /** * The ID of the asset property. */ propertyId?: pulumi.Input; /** * The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information. */ propertyValue?: pulumi.Input; } /** * Information required to publish the MQTT message through the IoT message broker. */ interface AlarmModelIotTopicPublishArgs { /** * The MQTT topic of the message. You can use a string expression that includes variables (``$variable.``) and input values (``$input..``) as the topic string. */ mqttTopic: pulumi.Input; /** * You can configure the action payload when you publish a message to an IoTCore topic. */ payload?: pulumi.Input; } /** * Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action. */ interface AlarmModelLambdaArgs { /** * The ARN of the Lambda function that is executed. */ functionArn: pulumi.Input; /** * You can configure the action payload when you send a message to a Lambda function. */ payload?: pulumi.Input; } /** * Information needed to configure the payload. * By default, ITE generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use ``contentExpression``. */ interface AlarmModelPayloadArgs { /** * The content of the payload. You can use a string expression that includes quoted strings (``''``), variables (``$variable.``), input values (``$input..``), string concatenations, and quoted strings that contain ``${}`` as the content. The recommended maximum size of a content expression is 1 KB. */ contentExpression: pulumi.Input; /** * The value of the payload type can be either ``STRING`` or ``JSON``. */ type: pulumi.Input; } /** * A rule that compares an input property value to a threshold value with a comparison operator. */ interface AlarmModelSimpleRuleArgs { /** * The comparison operator. */ comparisonOperator: pulumi.Input; /** * The value on the left side of the comparison operator. You can specify an ITE input attribute as an input property. */ inputProperty: pulumi.Input; /** * The value on the right side of the comparison operator. You can enter a number or specify an ITE input attribute. */ threshold: pulumi.Input; } /** * Information required to publish the Amazon SNS message. */ interface AlarmModelSnsArgs { /** * You can configure the action payload when you send a message as an Amazon SNS push notification. */ payload?: pulumi.Input; /** * The ARN of the Amazon SNS target where the message is sent. */ targetArn: pulumi.Input; } /** * Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue. */ interface AlarmModelSqsArgs { /** * You can configure the action payload when you send a message to an Amazon SQS queue. */ payload?: pulumi.Input; /** * The URL of the SQS queue where the data is written. */ queueUrl: pulumi.Input; /** * Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE. */ useBase64?: pulumi.Input; } /** * An action to be performed when the ``condition`` is TRUE. */ interface DetectorModelActionArgs { /** * Information needed to clear the timer. */ clearTimer?: pulumi.Input; /** * Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html). A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *Developer Guide*. */ dynamoDBv2?: pulumi.Input; /** * Writes to the DynamoDB table that you created. The default action payload contains all attribute-value pairs that have the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html). One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. For more information, see [Actions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-event-actions.html) in *Developer Guide*. */ dynamoDb?: pulumi.Input; /** * Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream. */ firehose?: pulumi.Input; /** * Sends ITE input, which passes information about the detector model instance and the event that triggered the action. */ iotEvents?: pulumi.Input; /** * Sends information about the detector model instance and the event that triggered the action to an asset property in ITSW . */ iotSiteWise?: pulumi.Input; /** * Publishes an MQTT message with the given topic to the IoT message broker. */ iotTopicPublish?: pulumi.Input; /** * Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action. */ lambda?: pulumi.Input; /** * Information needed to reset the timer. */ resetTimer?: pulumi.Input; /** * Information needed to set the timer. */ setTimer?: pulumi.Input; /** * Sets a variable to a specified value. */ setVariable?: pulumi.Input; /** * Sends an Amazon SNS message. */ sns?: pulumi.Input; /** * Sends an Amazon SNS message. */ sqs?: pulumi.Input; } /** * A structure that contains timestamp information. For more information, see [TimeInNanos](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_TimeInNanos.html) in the *API Reference*. * You must use expressions for all parameters in ``AssetPropertyTimestamp``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``timeInSeconds`` parameter can be ``'1586400675'``. * + For references, you must specify either variables or input values. For example, the value for the ``offsetInNanos`` parameter can be ``$variable.time``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``timeInSeconds`` parameter uses a substitution template. * ``'${$input.TemperatureInput.sensorData.timestamp / 1000}'`` * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. */ interface DetectorModelAssetPropertyTimestampArgs { /** * The nanosecond offset converted from ``timeInSeconds``. The valid range is between 0-999999999. */ offsetInNanos?: pulumi.Input; /** * The timestamp, in seconds, in the Unix epoch format. The valid range is between 1-31556889864403199. */ timeInSeconds: pulumi.Input; } /** * A structure that contains value information. For more information, see [AssetPropertyValue](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_AssetPropertyValue.html) in the *API Reference*. * You must use expressions for all parameters in ``AssetPropertyValue``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``quality`` parameter can be ``'GOOD'``. * + For references, you must specify either variables or input values. For example, the value for the ``quality`` parameter can be ``$input.TemperatureInput.sensorData.quality``. * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. */ interface DetectorModelAssetPropertyValueArgs { /** * The quality of the asset property value. The value must be ``'GOOD'``, ``'BAD'``, or ``'UNCERTAIN'``. */ quality?: pulumi.Input; /** * The timestamp associated with the asset property value. The default is the current event time. */ timestamp?: pulumi.Input; /** * The value to send to an asset property. */ value: pulumi.Input; } /** * A structure that contains an asset property value. For more information, see [Variant](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_Variant.html) in the *API Reference*. * You must use expressions for all parameters in ``AssetPropertyVariant``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``integerValue`` parameter can be ``'100'``. * + For references, you must specify either variables or parameters. For example, the value for the ``booleanValue`` parameter can be ``$variable.offline``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``doubleValue`` parameter uses a substitution template. * ``'${$input.TemperatureInput.sensorData.temperature * 6 / 5 + 32}'`` * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. * You must specify one of the following value types, depending on the ``dataType`` of the specified asset property. For more information, see [AssetProperty](https://docs.aws.amazon.com/iot-sitewise/latest/APIReference/API_AssetProperty.html) in the *API Reference*. */ interface DetectorModelAssetPropertyVariantArgs { /** * The asset property value is a Boolean value that must be ``'TRUE'`` or ``'FALSE'``. You must use an expression, and the evaluated result should be a Boolean value. */ booleanValue?: pulumi.Input; /** * The asset property value is a double. You must use an expression, and the evaluated result should be a double. */ doubleValue?: pulumi.Input; /** * The asset property value is an integer. You must use an expression, and the evaluated result should be an integer. */ integerValue?: pulumi.Input; /** * The asset property value is a string. You must use an expression, and the evaluated result should be a string. */ stringValue?: pulumi.Input; } /** * Information needed to clear the timer. */ interface DetectorModelClearTimerArgs { /** * The name of the timer to clear. */ timerName: pulumi.Input; } /** * Information that defines how a detector operates. */ interface DetectorModelDefinitionArgs { /** * The state that is entered at the creation of each detector (instance). */ initialStateName: pulumi.Input; /** * Information about the states of the detector. */ states: pulumi.Input[]>; } /** * Defines an action to write to the Amazon DynamoDB table that you created. The default action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html). A separate column of the DynamoDB table receives one attribute-value pair in the payload that you specify. * You must use expressions for all parameters in ``DynamoDBv2Action``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``tableName`` parameter can be ``'GreenhouseTemperatureTable'``. * + For references, you must specify either variables or input values. For example, the value for the ``tableName`` parameter can be ``$variable.ddbtableName``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``contentExpression`` parameter in ``Payload`` uses a substitution template. * ``'{\"sensorID\": \"${$input.GreenhouseInput.sensor_id}\", \"temperature\": \"${$input.GreenhouseInput.temperature * 9 / 5 + 32}\"}'`` * + For a string concatenation, you must use ``+``. A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``tableName`` parameter uses a string concatenation. * ``'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`` * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. * The value for the ``type`` parameter in ``Payload`` must be ``JSON``. */ interface DetectorModelDynamoDBv2Args { /** * Information needed to configure the payload. * By default, ITE generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use ``contentExpression``. */ payload?: pulumi.Input; /** * The name of the DynamoDB table. */ tableName: pulumi.Input; } /** * Defines an action to write to the Amazon DynamoDB table that you created. The standard action payload contains all the information about the detector model instance and the event that triggered the action. You can customize the [payload](https://docs.aws.amazon.com/iotevents/latest/apireference/API_Payload.html). One column of the DynamoDB table receives all attribute-value pairs in the payload that you specify. * You must use expressions for all parameters in ``DynamoDBAction``. The expressions accept literals, operators, functions, references, and substitution templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``hashKeyType`` parameter can be ``'STRING'``. * + For references, you must specify either variables or input values. For example, the value for the ``hashKeyField`` parameter can be ``$input.GreenhouseInput.name``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``hashKeyValue`` parameter uses a substitution template. * ``'${$input.GreenhouseInput.temperature * 6 / 5 + 32} in Fahrenheit'`` * + For a string concatenation, you must use ``+``. A string concatenation can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``tableName`` parameter uses a string concatenation. * ``'GreenhouseTemperatureTable ' + $input.GreenhouseInput.date`` * * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. * If the defined payload type is a string, ``DynamoDBAction`` writes non-JSON data to the DynamoDB table as binary data. The DynamoDB console displays the data as Base64-encoded text. The value for the ``payloadField`` parameter is ``_raw``. */ interface DetectorModelDynamoDbArgs { /** * The name of the hash key (also called the partition key). The ``hashKeyField`` value must match the partition key of the target DynamoDB table. */ hashKeyField: pulumi.Input; /** * The data type for the hash key (also called the partition key). You can specify the following values: * + ``'STRING'`` - The hash key is a string. * + ``'NUMBER'`` - The hash key is a number. * * If you don't specify ``hashKeyType``, the default value is ``'STRING'``. */ hashKeyType?: pulumi.Input; /** * The value of the hash key (also called the partition key). */ hashKeyValue: pulumi.Input; /** * The type of operation to perform. You can specify the following values: * + ``'INSERT'`` - Insert data as a new item into the DynamoDB table. This item uses the specified hash key as a partition key. If you specified a range key, the item uses the range key as a sort key. * + ``'UPDATE'`` - Update an existing item of the DynamoDB table with new data. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key. * + ``'DELETE'`` - Delete an existing item of the DynamoDB table. This item's partition key must match the specified hash key. If you specified a range key, the range key must match the item's sort key. * * If you don't specify this parameter, ITE triggers the ``'INSERT'`` operation. */ operation?: pulumi.Input; /** * Information needed to configure the payload. * By default, ITE generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use ``contentExpression``. */ payload?: pulumi.Input; /** * The name of the DynamoDB column that receives the action payload. * If you don't specify this parameter, the name of the DynamoDB column is ``payload``. */ payloadField?: pulumi.Input; /** * The name of the range key (also called the sort key). The ``rangeKeyField`` value must match the sort key of the target DynamoDB table. */ rangeKeyField?: pulumi.Input; /** * The data type for the range key (also called the sort key), You can specify the following values: * + ``'STRING'`` - The range key is a string. * + ``'NUMBER'`` - The range key is number. * * If you don't specify ``rangeKeyField``, the default value is ``'STRING'``. */ rangeKeyType?: pulumi.Input; /** * The value of the range key (also called the sort key). */ rangeKeyValue?: pulumi.Input; /** * The name of the DynamoDB table. The ``tableName`` value must match the table name of the target DynamoDB table. */ tableName: pulumi.Input; } /** * Specifies the ``actions`` to be performed when the ``condition`` evaluates to TRUE. */ interface DetectorModelEventArgs { /** * The actions to be performed. */ actions?: pulumi.Input[]>; /** * Optional. The Boolean expression that, when TRUE, causes the ``actions`` to be performed. If not present, the actions are performed (=TRUE). If the expression result is not a Boolean value, the actions are not performed (=FALSE). */ condition?: pulumi.Input; /** * The name of the event. */ eventName: pulumi.Input; } /** * Sends information about the detector model instance and the event that triggered the action to an Amazon Kinesis Data Firehose delivery stream. */ interface DetectorModelFirehoseArgs { /** * The name of the Kinesis Data Firehose delivery stream where the data is written. */ deliveryStreamName: pulumi.Input; /** * You can configure the action payload when you send a message to an Amazon Data Firehose delivery stream. */ payload?: pulumi.Input; /** * A character separator that is used to separate records written to the Kinesis Data Firehose delivery stream. Valid values are: '\n' (newline), '\t' (tab), '\r\n' (Windows newline), ',' (comma). */ separator?: pulumi.Input; } /** * Sends an ITE input, passing in information about the detector model instance and the event that triggered the action. */ interface DetectorModelIotEventsArgs { /** * The name of the ITE input where the data is sent. */ inputName: pulumi.Input; /** * You can configure the action payload when you send a message to an ITE input. */ payload?: pulumi.Input; } /** * Sends information about the detector model instance and the event that triggered the action to a specified asset property in ITSW. * You must use expressions for all parameters in ``IotSiteWiseAction``. The expressions accept literals, operators, functions, references, and substitutions templates. * **Examples** * + For literal values, the expressions must contain single quotes. For example, the value for the ``propertyAlias`` parameter can be ``'/company/windfarm/3/turbine/7/temperature'``. * + For references, you must specify either variables or input values. For example, the value for the ``assetId`` parameter can be ``$input.TurbineInput.assetId1``. * + For a substitution template, you must use ``${}``, and the template must be in single quotes. A substitution template can also contain a combination of literals, operators, functions, references, and substitution templates. * In the following example, the value for the ``propertyAlias`` parameter uses a substitution template. * ``'company/windfarm/${$input.TemperatureInput.sensorData.windfarmID}/turbine/ ${$input.TemperatureInput.sensorData.turbineID}/temperature'`` * * You must specify either ``propertyAlias`` or both ``assetId`` and ``propertyId`` to identify the target asset property in ITSW. * For more information, see [Expressions](https://docs.aws.amazon.com/iotevents/latest/developerguide/iotevents-expressions.html) in the *Developer Guide*. */ interface DetectorModelIotSiteWiseArgs { /** * The ID of the asset that has the specified property. */ assetId?: pulumi.Input; /** * A unique identifier for this entry. You can use the entry ID to track which data entry causes an error in case of failure. The default is a new unique identifier. */ entryId?: pulumi.Input; /** * The alias of the asset property. */ propertyAlias?: pulumi.Input; /** * The ID of the asset property. */ propertyId?: pulumi.Input; /** * The value to send to the asset property. This value contains timestamp, quality, and value (TQV) information. */ propertyValue: pulumi.Input; } /** * Information required to publish the MQTT message through the IoT message broker. */ interface DetectorModelIotTopicPublishArgs { /** * The MQTT topic of the message. You can use a string expression that includes variables (``$variable.``) and input values (``$input..``) as the topic string. */ mqttTopic: pulumi.Input; /** * You can configure the action payload when you publish a message to an IoTCore topic. */ payload?: pulumi.Input; } /** * Calls a Lambda function, passing in information about the detector model instance and the event that triggered the action. */ interface DetectorModelLambdaArgs { /** * The ARN of the Lambda function that is executed. */ functionArn: pulumi.Input; /** * You can configure the action payload when you send a message to a Lambda function. */ payload?: pulumi.Input; } /** * When entering this state, perform these ``actions`` if the ``condition`` is TRUE. */ interface DetectorModelOnEnterArgs { /** * Specifies the actions that are performed when the state is entered and the ``condition`` is ``TRUE``. */ events?: pulumi.Input[]>; } /** * When exiting this state, perform these ``actions`` if the specified ``condition`` is ``TRUE``. */ interface DetectorModelOnExitArgs { /** * Specifies the ``actions`` that are performed when the state is exited and the ``condition`` is ``TRUE``. */ events?: pulumi.Input[]>; } /** * Specifies the actions performed when the ``condition`` evaluates to TRUE. */ interface DetectorModelOnInputArgs { /** * Specifies the actions performed when the ``condition`` evaluates to TRUE. */ events?: pulumi.Input[]>; /** * Specifies the actions performed, and the next state entered, when a ``condition`` evaluates to TRUE. */ transitionEvents?: pulumi.Input[]>; } /** * Information needed to configure the payload. * By default, ITE generates a standard payload in JSON for any action. This action payload contains all attribute-value pairs that have the information about the detector model instance and the event triggered the action. To configure the action payload, you can use ``contentExpression``. */ interface DetectorModelPayloadArgs { /** * The content of the payload. You can use a string expression that includes quoted strings (``''``), variables (``$variable.``), input values (``$input..``), string concatenations, and quoted strings that contain ``${}`` as the content. The recommended maximum size of a content expression is 1 KB. */ contentExpression: pulumi.Input; /** * The value of the payload type can be either ``STRING`` or ``JSON``. */ type: pulumi.Input; } /** * Information required to reset the timer. The timer is reset to the previously evaluated result of the duration. The duration expression isn't reevaluated when you reset the timer. */ interface DetectorModelResetTimerArgs { /** * The name of the timer to reset. */ timerName: pulumi.Input; } /** * Information needed to set the timer. */ interface DetectorModelSetTimerArgs { /** * The duration of the timer, in seconds. You can use a string expression that includes numbers, variables (``$variable.``), and input values (``$input..``) as the duration. The range of the duration is 1-31622400 seconds. To ensure accuracy, the minimum duration is 60 seconds. The evaluated result of the duration is rounded down to the nearest whole number. */ durationExpression?: pulumi.Input; /** * The number of seconds until the timer expires. The minimum value is 60 seconds to ensure accuracy. The maximum value is 31622400 seconds. */ seconds?: pulumi.Input; /** * The name of the timer. */ timerName: pulumi.Input; } /** * Information about the variable and its new value. */ interface DetectorModelSetVariableArgs { /** * The new value of the variable. */ value: pulumi.Input; /** * The name of the variable. */ variableName: pulumi.Input; } /** * Information required to publish the Amazon SNS message. */ interface DetectorModelSnsArgs { /** * You can configure the action payload when you send a message as an Amazon SNS push notification. */ payload?: pulumi.Input; /** * The ARN of the Amazon SNS target where the message is sent. */ targetArn: pulumi.Input; } /** * Sends information about the detector model instance and the event that triggered the action to an Amazon SQS queue. */ interface DetectorModelSqsArgs { /** * You can configure the action payload when you send a message to an Amazon SQS queue. */ payload?: pulumi.Input; /** * The URL of the SQS queue where the data is written. */ queueUrl: pulumi.Input; /** * Set this to TRUE if you want the data to be base-64 encoded before it is written to the queue. Otherwise, set this to FALSE. */ useBase64?: pulumi.Input; } /** * Information that defines a state of a detector. */ interface DetectorModelStateArgs { /** * When entering this state, perform these ``actions`` if the ``condition`` is TRUE. */ onEnter?: pulumi.Input; /** * When exiting this state, perform these ``actions`` if the specified ``condition`` is ``TRUE``. */ onExit?: pulumi.Input; /** * When an input is received and the ``condition`` is TRUE, perform the specified ``actions``. */ onInput?: pulumi.Input; /** * The name of the state. */ stateName: pulumi.Input; } /** * Specifies the actions performed and the next state entered when a ``condition`` evaluates to TRUE. */ interface DetectorModelTransitionEventArgs { /** * The actions to be performed. */ actions?: pulumi.Input[]>; /** * Required. A Boolean expression that when TRUE causes the actions to be performed and the ``nextState`` to be entered. */ condition: pulumi.Input; /** * The name of the transition event. */ eventName: pulumi.Input; /** * The next state to enter. */ nextState: pulumi.Input; } /** * The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the ITE system using ``BatchPutMessage``. Each such message contains a JSON payload. Those attributes (and their paired values) specified here are available for use in the ``condition`` expressions used by detectors. */ interface InputAttributeArgs { /** * An expression that specifies an attribute-value pair in a JSON structure. Use this to specify an attribute from the JSON payload that is made available by the input. Inputs are derived from messages sent to ITE (``BatchPutMessage``). Each such message contains a JSON payload. The attribute (and its paired value) specified here are available for use in the ``condition`` expressions used by detectors. * Syntax: ``....`` */ jsonPath: pulumi.Input; } /** * The definition of the input. */ interface InputDefinitionArgs { /** * The attributes from the JSON payload that are made available by the input. Inputs are derived from messages sent to the ITE system using ``BatchPutMessage``. Each such message contains a JSON payload, and those attributes (and their paired values) specified here are available for use in the ``condition`` expressions used by detectors that monitor this input. */ attributes: pulumi.Input[]>; } } export declare namespace iotfleethub { } export declare namespace iotsitewise { /** * Contains information for an IAM role identity in an access policy. */ interface AccessPolicyIamRoleArgs { /** * The ARN of the IAM role. */ arn?: pulumi.Input; } /** * Contains information for an IAM user identity in an access policy. */ interface AccessPolicyIamUserArgs { /** * The ARN of the IAM user. */ arn?: pulumi.Input; } /** * The identity for this access policy. Choose either an SSO user or group or an IAM user or role. */ interface AccessPolicyIdentityArgs { /** * An IAM role identity. */ iamRole?: pulumi.Input; /** * An IAM user identity. */ iamUser?: pulumi.Input; /** * An IAM Identity Center user identity. */ user?: pulumi.Input; } /** * A portal resource. */ interface AccessPolicyPortalArgs { /** * The ID of the portal. */ id?: pulumi.Input; } /** * A project resource. */ interface AccessPolicyProjectArgs { /** * The ID of the project. */ id?: pulumi.Input; } /** * The AWS IoT SiteWise Monitor resource for this access policy. Choose either portal or project but not both. */ interface AccessPolicyResourceArgs { /** * Identifies an AWS IoT SiteWise Monitor portal. */ portal?: pulumi.Input; /** * Identifies a specific AWS IoT SiteWise Monitor project. */ project?: pulumi.Input; } /** * Contains information for a user identity in an access policy. */ interface AccessPolicyUserArgs { /** * The AWS SSO ID of the user. */ id?: pulumi.Input; } /** * Contains the configuration information of an alarm created in an AWS IoT SiteWise Monitor portal. You can use the alarm to monitor an asset property and get notified when the asset property value is outside a specified range. */ interface AlarmsPropertiesArgs { /** * The ARN of the IAM role that allows the alarm to perform actions and access AWS resources and services, such as AWS IoT Events. */ alarmRoleArn?: pulumi.Input; /** * The ARN of the AWS Lambda function that manages alarm notifications. For more information, see Managing alarm notifications in the AWS IoT Events Developer Guide. */ notificationLambdaArn?: pulumi.Input; } /** * A hierarchy specifies allowed parent/child asset relationships. */ interface AssetHierarchyArgs { /** * The ID of the child asset to be associated. */ childAssetId: pulumi.Input; /** * String-friendly customer provided external ID */ externalId?: pulumi.Input; /** * Customer provided actual UUID for property */ id?: pulumi.Input; /** * The LogicalID of a hierarchy in the parent asset's model. */ logicalId?: pulumi.Input; } interface AssetModelAttributeArgs { /** * The default value of the asset model property attribute. All assets that you create from the asset model contain this attribute value. You can update an attribute's value after you create an asset. For more information, see [Updating attribute values](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/update-attribute-values.html) in the *AWS IoT SiteWise User Guide* . */ defaultValue?: pulumi.Input; } /** * Contains a composite model definition in an asset model. This composite model definition is applied to all assets created from the asset model. */ interface AssetModelCompositeModelArgs { /** * The component model ID for which the composite model is composed of */ composedAssetModelId?: pulumi.Input; /** * The property definitions of the asset model. You can specify up to 200 properties per asset model. */ compositeModelProperties?: pulumi.Input[]>; /** * A description for the asset composite model. */ description?: pulumi.Input; /** * The External ID of the composite model */ externalId?: pulumi.Input; /** * The Actual ID of the composite model */ id?: pulumi.Input; /** * A unique, friendly name for the asset composite model. */ name: pulumi.Input; /** * The parent composite model External ID */ parentAssetModelCompositeModelExternalId?: pulumi.Input; /** * The path of the composite model. This is only for derived composite models */ path?: pulumi.Input[]>; /** * The type of the composite model. For alarm composite models, this type is AWS/ALARM */ type: pulumi.Input; } /** * Contains information about enforced interface property and asset model property */ interface AssetModelEnforcedAssetModelInterfacePropertyMappingArgs { /** * The external ID of the enforced asset model property */ assetModelPropertyExternalId?: pulumi.Input; /** * The logical ID of the enforced asset model property */ assetModelPropertyLogicalId?: pulumi.Input; /** * The external ID of the enforced interface property */ interfaceAssetModelPropertyExternalId: pulumi.Input; } /** * Contains information about enforced interface hierarchy and asset model hierarchy */ interface AssetModelEnforcedAssetModelInterfaceRelationshipArgs { /** * The ID of the interface that is enforced to the asset model */ interfaceAssetModelId?: pulumi.Input; /** * Contains information about enforced interface property and asset model property */ propertyMappings?: pulumi.Input[]>; } interface AssetModelExpressionVariableArgs { /** * The friendly name of the variable to be used in the expression. */ name: pulumi.Input; /** * The variable that identifies an asset property from which to use values. */ value: pulumi.Input; } /** * Contains information about an asset model hierarchy. */ interface AssetModelHierarchyArgs { /** * The ID of the asset model. All assets in this hierarchy must be instances of the child AssetModelId asset model. */ childAssetModelId: pulumi.Input; /** * Customer provided external ID for hierarchy */ externalId?: pulumi.Input; /** * Customer provided actual ID for hierarchy */ id?: pulumi.Input; /** * Customer provided logical ID for hierarchy. */ logicalId?: pulumi.Input; /** * The name of the asset model hierarchy. */ name: pulumi.Input; } interface AssetModelMetricArgs { /** * The mathematical expression that defines the metric aggregation function. You can specify up to 10 functions per expression. */ expression: pulumi.Input; /** * The list of variables used in the expression. */ variables: pulumi.Input[]>; /** * The window (time interval) over which AWS IoT SiteWise computes the metric's aggregation expression */ window: pulumi.Input; } /** * Contains a time interval window used for data aggregate computations (for example, average, sum, count, and so on). */ interface AssetModelMetricWindowArgs { /** * The tumbling time interval window. */ tumbling?: pulumi.Input; } /** * Contains information about an asset model property. */ interface AssetModelPropertyArgs { /** * The data type of the asset model property. */ dataType: pulumi.Input; /** * The data type of the structure for this property. */ dataTypeSpec?: pulumi.Input; /** * The External ID of the Asset Model Property */ externalId?: pulumi.Input; /** * The ID of the Asset Model Property */ id?: pulumi.Input; /** * Customer provided Logical ID for property. */ logicalId?: pulumi.Input; /** * The name of the asset model property. */ name: pulumi.Input; /** * The property type */ type: pulumi.Input; /** * The unit of the asset model property, such as Newtons or RPM. */ unit?: pulumi.Input; } /** * The definition for property path which is used to reference properties in transforms/metrics */ interface AssetModelPropertyPathDefinitionArgs { /** * The name of the property */ name: pulumi.Input; } /** * Contains a property type, which can be one of attribute, measurement, metric, or transform. */ interface AssetModelPropertyTypeArgs { /** * Specifies an asset attribute property. An attribute generally contains static information, such as the serial number of an [IIoT](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Internet_of_things#Industrial_applications) wind turbine. */ attribute?: pulumi.Input; /** * Specifies an asset metric property. A metric contains a mathematical expression that uses aggregate functions to process all input data points over a time interval and output a single data point, such as to calculate the average hourly temperature. */ metric?: pulumi.Input; /** * Specifies an asset transform property. A transform contains a mathematical expression that maps a property's data points from one form to another, such as a unit conversion from Celsius to Fahrenheit. */ transform?: pulumi.Input; /** * The type of property type, which can be one of `Attribute` , `Measurement` , `Metric` , or `Transform` . */ typeName: pulumi.Input; } interface AssetModelTransformArgs { /** * The mathematical expression that defines the transformation function. You can specify up to 10 functions per expression. */ expression: pulumi.Input; /** * The list of variables used in the expression. */ variables: pulumi.Input[]>; } /** * Contains a tumbling window, which is a repeating fixed-sized, non-overlapping, and contiguous time interval. This window is used in metric and aggregation computations. */ interface AssetModelTumblingWindowArgs { /** * The time interval for the tumbling window. The interval time must be between 1 minute and 1 week. * * AWS IoT SiteWise computes the `1w` interval the end of Sunday at midnight each week (UTC), the `1d` interval at the end of each day at midnight (UTC), the `1h` interval at the end of each hour, and so on. * * When AWS IoT SiteWise aggregates data points for metric computations, the start of each interval is exclusive and the end of each interval is inclusive. AWS IoT SiteWise places the computed data point at the end of the interval. */ interval: pulumi.Input; /** * The offset for the tumbling window. The `offset` parameter accepts the following: * * - The offset time. * * For example, if you specify `18h` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways: * * - If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric. * - If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day. * - The ISO 8601 format. * * For example, if you specify `PT18H` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways: * * - If you create the metric before or at 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) on the day when you create the metric. * - If you create the metric after 6 PM (UTC), you get the first aggregation result at 6 PM (UTC) the next day. * - The 24-hour clock. * * For example, if you specify `00:03:00` for `offset` , `5m` for `interval` , and you create the metric at 2 PM (UTC), you get the first aggregation result at 2:03 PM (UTC). You get the second aggregation result at 2:08 PM (UTC). * - The offset time zone. * * For example, if you specify `2021-07-23T18:00-08` for `offset` and `1d` for `interval` , AWS IoT SiteWise aggregates data in one of the following ways: * * - If you create the metric before or at 6 PM (PST), you get the first aggregation result at 6 PM (PST) on the day when you create the metric. * - If you create the metric after 6 PM (PST), you get the first aggregation result at 6 PM (PST) the next day. */ offset?: pulumi.Input; } interface AssetModelVariableValueArgs { /** * The External ID of the hierarchy that is trying to be referenced */ hierarchyExternalId?: pulumi.Input; /** * The ID of the hierarchy that is trying to be referenced */ hierarchyId?: pulumi.Input; /** * The `LogicalID` of the hierarchy to query for the `PropertyLogicalID` . * * You use a `hierarchyLogicalID` instead of a model ID because you can have several hierarchies using the same model and therefore the same property. For example, you might have separately grouped assets that come from the same asset model. For more information, see [Defining relationships between asset models (hierarchies)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/asset-hierarchies.html) in the *AWS IoT SiteWise User Guide* . */ hierarchyLogicalId?: pulumi.Input; /** * The External ID of the property that is trying to be referenced */ propertyExternalId?: pulumi.Input; /** * The ID of the property that is trying to be referenced */ propertyId?: pulumi.Input; /** * The `LogicalID` of the property that is being referenced. */ propertyLogicalId?: pulumi.Input; /** * The path of the property that is trying to be referenced */ propertyPath?: pulumi.Input[]>; } /** * The asset property's definition, alias, unit, and notification state. */ interface AssetPropertyArgs { /** * The property alias that identifies the property. */ alias?: pulumi.Input; /** * String-friendly customer provided external ID */ externalId?: pulumi.Input; /** * Customer provided actual UUID for property */ id?: pulumi.Input; /** * Customer provided ID for property. */ logicalId?: pulumi.Input; /** * The MQTT notification state (ENABLED or DISABLED) for this asset property. */ notificationState?: pulumi.Input; /** * The unit of measure (such as Newtons or RPM) of the asset property. If you don't specify a value for this parameter, the service uses the value of the assetModelProperty in the asset model. */ unit?: pulumi.Input; } interface DatasetKendraSourceDetailArgs { /** * The knowledgeBaseArn details for the Kendra dataset source. */ knowledgeBaseArn: pulumi.Input; /** * The roleARN details for the Kendra dataset source. */ roleArn: pulumi.Input; } interface DatasetSourceArgs { /** * The details of the dataset source associated with the dataset. */ sourceDetail?: pulumi.Input; /** * The format of the dataset source associated with the dataset. */ sourceFormat: pulumi.Input; /** * The type of data source for the dataset. */ sourceType: pulumi.Input; } interface DatasetSourceDetailArgs { /** * Contains details about the Kendra dataset source. */ kendra?: pulumi.Input; } /** * Contains a summary of a gateway capability configuration. */ interface GatewayCapabilitySummaryArgs { /** * The JSON document that defines the configuration for the gateway capability. For more information, see [Configuring data sources (CLI)](https://docs.aws.amazon.com/iot-sitewise/latest/userguide/configure-sources.html#configure-source-cli) in the *AWS IoT SiteWise User Guide* . */ capabilityConfiguration?: pulumi.Input; /** * The namespace of the capability configuration. For example, if you configure OPC UA sources for an MQTT-enabled gateway, your OPC-UA capability configuration has the namespace `iotsitewise:opcuacollector:3` . */ capabilityNamespace: pulumi.Input; } /** * Contains the CoreDeviceThingName of AWS IoT Greengrass Group V2 that the gateway runs on. */ interface GatewayGreengrassV2Args { /** * The operating system of the core device in AWS IoT Greengrass V2. */ coreDeviceOperatingSystem?: pulumi.Input; /** * The name of the CoreDevice in GreenGrass V2. */ coreDeviceThingName: pulumi.Input; } /** * Contains a gateway's platform information. */ interface GatewayPlatformArgs { /** * A gateway that runs on AWS IoT Greengrass V2. */ greengrassV2?: pulumi.Input; /** * A gateway that runs on Siemens Industrial Edge. */ siemensIe?: pulumi.Input; } /** * Contains the IotCoreThingName of AWS IoT Thing that the gateway runs on. */ interface GatewaySiemensIeArgs { /** * The name of the IoT Core Thing. */ iotCoreThingName: pulumi.Input; } /** * Container associated a certain PortalType. */ interface PortalTypeEntryArgs { /** * The array of tools associated with the specified portal type. The possible values are `ASSISTANT` and `DASHBOARD` . */ portalTools: pulumi.Input[]>; } } export declare namespace iottwinmaker { /** * An object that sets information about a composite component type. */ interface ComponentTypeCompositeComponentTypeArgs { /** * The id of the composite component type. */ componentTypeId?: pulumi.Input; } /** * The data connector. */ interface ComponentTypeDataConnectorArgs { /** * A Boolean value that specifies whether the data connector is native to IoT TwinMaker. */ isNative?: pulumi.Input; /** * The Lambda function associated with this data connector. */ lambda?: pulumi.Input; } /** * An object that specifies the data type of a property. */ interface ComponentTypeDataTypeArgs { /** * The allowed values for this data type. */ allowedValues?: pulumi.Input[]>; /** * The nested type in the data type. */ nestedType?: pulumi.Input; /** * A relationship that associates a component with another component. */ relationship?: pulumi.Input; /** * The underlying type of the data type. */ type: pulumi.Input; /** * The unit of measure used in this data type. */ unitOfMeasure?: pulumi.Input; } /** * An object that specifies a value for a property. */ interface ComponentTypeDataValueArgs { /** * A Boolean value. */ booleanValue?: pulumi.Input; /** * A double value. */ doubleValue?: pulumi.Input; /** * An expression that produces the value. */ expression?: pulumi.Input; /** * An integer value. */ integerValue?: pulumi.Input; /** * A list of multiple values. */ listValue?: pulumi.Input[]>; /** * A long value. */ longValue?: pulumi.Input; /** * An object that maps strings to multiple DataValue objects. */ mapValue?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A value that relates a component to another component. */ relationshipValue?: pulumi.Input; /** * A string value. */ stringValue?: pulumi.Input; } /** * A value that relates a component to another component. */ interface ComponentTypeDataValueRelationshipValuePropertiesArgs { targetComponentName?: pulumi.Input; targetEntityId?: pulumi.Input; } /** * The function of component type. */ interface ComponentTypeFunctionArgs { /** * The data connector. */ implementedBy?: pulumi.Input; /** * The required properties of the function. */ requiredProperties?: pulumi.Input[]>; /** * The scope of the function. */ scope?: pulumi.Input; } interface ComponentTypeLambdaFunctionArgs { arn: pulumi.Input; } /** * An object that sets information about a property. */ interface ComponentTypePropertyDefinitionArgs { /** * An object that specifies information about a property. */ configurations?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * An object that contains information about the data type. */ dataType?: pulumi.Input; /** * An object that contains the default value. */ defaultValue?: pulumi.Input; /** * A Boolean value that specifies whether the property ID comes from an external data store. */ isExternalId?: pulumi.Input; /** * A Boolean value that specifies whether the property is required. */ isRequiredInEntity?: pulumi.Input; /** * A Boolean value that specifies whether the property is stored externally. */ isStoredExternally?: pulumi.Input; /** * A Boolean value that specifies whether the property consists of time series data. */ isTimeSeries?: pulumi.Input; } /** * An object that sets information about a property group. */ interface ComponentTypePropertyGroupArgs { /** * The type of property group. */ groupType?: pulumi.Input; /** * The list of property names in the property group. */ propertyNames?: pulumi.Input[]>; } /** * The type of the relationship. */ interface ComponentTypeRelationshipArgs { /** * The type of the relationship. */ relationshipType?: pulumi.Input; /** * The ID of the target component type associated with this relationship. */ targetComponentTypeId?: pulumi.Input; } interface EntityComponentArgs { /** * The name of the component. */ componentName?: pulumi.Input; /** * The ID of the component type. */ componentTypeId?: pulumi.Input; /** * The name of the property definition set in the component. */ definedIn?: pulumi.Input; /** * The description of the component. */ description?: pulumi.Input; /** * An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object. */ properties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * An object that maps strings to the property groups to set in the component type. Each string in the mapping must be unique to this object. */ propertyGroups?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The current status of the entity. */ status?: pulumi.Input; } interface EntityCompositeComponentArgs { /** * The name of the component. */ componentName?: pulumi.Input; /** * The path of the component. */ componentPath?: pulumi.Input; /** * The ID of the component type. */ componentTypeId?: pulumi.Input; /** * The description of the component. */ description?: pulumi.Input; /** * An object that maps strings to the properties to set in the component type. Each string in the mapping must be unique to this object. */ properties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * An object that maps strings to the property groups to set in the component type. Each string in the mapping must be unique to this object. */ propertyGroups?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The current status of the component. */ status?: pulumi.Input; } /** * An object that specifies the data type of a property. */ interface EntityDataTypeArgs { /** * The allowed values for this data type. */ allowedValues?: pulumi.Input[]>; /** * The nested type in the data type. */ nestedType?: pulumi.Input; /** * A relationship that associates a component with another component. */ relationship?: pulumi.Input; /** * The underlying type of the data type. */ type?: pulumi.Input; /** * The unit of measure used in this data type. */ unitOfMeasure?: pulumi.Input; } /** * An object that specifies a value for a property. */ interface EntityDataValueArgs { /** * A Boolean value. */ booleanValue?: pulumi.Input; /** * A double value. */ doubleValue?: pulumi.Input; /** * An expression that produces the value. */ expression?: pulumi.Input; /** * An integer value. */ integerValue?: pulumi.Input; /** * A list of multiple values. */ listValue?: pulumi.Input[]>; /** * A long value. */ longValue?: pulumi.Input; /** * An object that maps strings to multiple DataValue objects. */ mapValue?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A value that relates a component to another component. */ relationshipValue?: pulumi.Input; /** * A string value. */ stringValue?: pulumi.Input; } /** * A value that relates a component to another component. */ interface EntityDataValueRelationshipValuePropertiesArgs { targetComponentName?: pulumi.Input; targetEntityId?: pulumi.Input; } /** * An object that specifies information about a property definition. */ interface EntityDefinitionArgs { /** * An object that specifies information about a property configuration. */ configuration?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * An object that contains information about the data type. */ dataType?: pulumi.Input; /** * An object that contains the default value. */ defaultValue?: pulumi.Input; /** * A Boolean value that specifies whether the property ID comes from an external data store. */ isExternalId?: pulumi.Input; /** * A Boolean value that specifies whether the property definition can be updated. */ isFinal?: pulumi.Input; /** * A Boolean value that specifies whether the property definition is imported from an external data store. */ isImported?: pulumi.Input; /** * A Boolean value that specifies whether the property definition is inherited from a parent entity. */ isInherited?: pulumi.Input; /** * A Boolean value that specifies whether the property is required. */ isRequiredInEntity?: pulumi.Input; /** * A Boolean value that specifies whether the property is stored externally. */ isStoredExternally?: pulumi.Input; /** * A Boolean value that specifies whether the property consists of time series data. */ isTimeSeries?: pulumi.Input; } /** * An object that specifies information about a property. */ interface EntityPropertyArgs { /** * The definition of the property. */ definition?: pulumi.Input; /** * The value of the property. */ value?: pulumi.Input; } /** * An object that specifies information about a property group. */ interface EntityPropertyGroupArgs { /** * The type of property group. */ groupType?: pulumi.Input; /** * The list of property names in the property group. */ propertyNames?: pulumi.Input[]>; } /** * The type of the relationship. */ interface EntityRelationshipArgs { /** * The type of the relationship. */ relationshipType?: pulumi.Input; /** * The ID of the target component type associated with this relationship. */ targetComponentTypeId?: pulumi.Input; } interface EntityStatusArgs { error?: pulumi.Input; state?: pulumi.Input; } /** * Error object with Message and Code. */ interface EntityStatusErrorPropertiesArgs { code?: pulumi.Input; message?: pulumi.Input; } } export declare namespace iotwireless { interface DeviceProfileLoRaWanDeviceProfileArgs { /** * The ClassBTimeout value. */ classBTimeout?: pulumi.Input; /** * The ClassCTimeout value. */ classCTimeout?: pulumi.Input; /** * The list of values that make up the FactoryPresetFreqs value. Valid range of values include a minimum value of 1000000 and a maximum value of 16700000. */ factoryPresetFreqsList?: pulumi.Input[]>; /** * The MAC version (such as OTAA 1.1 or OTAA 1.0.3) to use with this device profile. */ macVersion?: pulumi.Input; /** * The MaxDutyCycle value. */ maxDutyCycle?: pulumi.Input; /** * The MaxEIRP value. */ maxEirp?: pulumi.Input; /** * The PingSlotDR value. */ pingSlotDr?: pulumi.Input; /** * The PingSlotFreq value. */ pingSlotFreq?: pulumi.Input; /** * The PingSlotPeriod value. */ pingSlotPeriod?: pulumi.Input; /** * The version of regional parameters. */ regParamsRevision?: pulumi.Input; /** * The frequency band (RFRegion) value. */ rfRegion?: pulumi.Input; /** * The RXDataRate2 value. */ rxDataRate2?: pulumi.Input; /** * The RXDelay1 value. */ rxDelay1?: pulumi.Input; /** * The RXDROffset1 value. */ rxDrOffset1?: pulumi.Input; /** * The RXFreq2 value. */ rxFreq2?: pulumi.Input; /** * The Supports32BitFCnt value. */ supports32BitFCnt?: pulumi.Input; /** * The SupportsClassB value. */ supportsClassB?: pulumi.Input; /** * The SupportsClassC value. */ supportsClassC?: pulumi.Input; /** * The SupportsJoin value. */ supportsJoin?: pulumi.Input; } interface FuotaTaskLoRaWanArgs { /** * FUOTA task LoRaWAN RF region */ rfRegion: pulumi.Input; /** * FUOTA task LoRaWAN start time */ startTime?: pulumi.Input; } interface MulticastGroupLoRaWanArgs { /** * Multicast group LoRaWAN DL Class */ dlClass: pulumi.Input; /** * Multicast group number of devices in group. Returned after successful read. */ numberOfDevicesInGroup?: pulumi.Input; /** * Multicast group number of devices requested. Returned after successful read. */ numberOfDevicesRequested?: pulumi.Input; /** * Multicast group LoRaWAN RF region */ rfRegion: pulumi.Input; } interface ServiceProfileLoRaWanServiceProfileArgs { /** * The AddGWMetaData value. */ addGwMetadata?: pulumi.Input; /** * The ChannelMask value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ channelMask?: pulumi.Input; /** * The DevStatusReqFreq value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ devStatusReqFreq?: pulumi.Input; /** * The DLBucketSize value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ dlBucketSize?: pulumi.Input; /** * The DLRate value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ dlRate?: pulumi.Input; /** * The DLRatePolicy value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ dlRatePolicy?: pulumi.Input; /** * The DRMax value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ drMax?: pulumi.Input; /** * The DRMin value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ drMin?: pulumi.Input; /** * The HRAllowed value that describes whether handover roaming is allowed. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ hrAllowed?: pulumi.Input; /** * The MinGwDiversity value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ minGwDiversity?: pulumi.Input; /** * The NwkGeoLoc value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ nwkGeoLoc?: pulumi.Input; /** * The PRAllowed value that describes whether passive roaming is allowed. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ prAllowed?: pulumi.Input; /** * The RAAllowed value that describes whether roaming activation is allowed. */ raAllowed?: pulumi.Input; /** * The ReportDevStatusBattery value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ reportDevStatusBattery?: pulumi.Input; /** * The ReportDevStatusMargin value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ reportDevStatusMargin?: pulumi.Input; /** * The TargetPer value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ targetPer?: pulumi.Input; /** * The UlBucketSize value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ ulBucketSize?: pulumi.Input; /** * The ULRate value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ ulRate?: pulumi.Input; /** * The ULRatePolicy value. * * This property is `ReadOnly` and can't be inputted for create. It's returned with `Fn::GetAtt` */ ulRatePolicy?: pulumi.Input; } interface TaskDefinitionLoRaWanGatewayVersionArgs { /** * The model number of the wireless gateway. */ model?: pulumi.Input; /** * The version of the wireless gateway firmware. */ packageVersion?: pulumi.Input; /** * The basic station version of the wireless gateway. */ station?: pulumi.Input; } interface TaskDefinitionLoRaWanUpdateGatewayTaskCreateArgs { /** * The version of the gateways that should receive the update. */ currentVersion?: pulumi.Input; /** * The CRC of the signature private key to check. */ sigKeyCrc?: pulumi.Input; /** * The signature used to verify the update firmware. */ updateSignature?: pulumi.Input; /** * The firmware version to update the gateway to. */ updateVersion?: pulumi.Input; } interface TaskDefinitionLoRaWanUpdateGatewayTaskEntryArgs { /** * The version of the gateways that should receive the update. */ currentVersion?: pulumi.Input; /** * The firmware version to update the gateway to. */ updateVersion?: pulumi.Input; } interface TaskDefinitionUpdateWirelessGatewayTaskCreateArgs { /** * The properties that relate to the LoRaWAN wireless gateway. */ loRaWan?: pulumi.Input; /** * The IAM role used to read data from the S3 bucket. */ updateDataRole?: pulumi.Input; /** * The link to the S3 bucket. */ updateDataSource?: pulumi.Input; } /** * Trace content for your wireless gateway and wireless device resources */ interface TraceContentPropertiesArgs { /** * The log level for a log message. The log levels can be disabled, or set to `ERROR` to display less verbose logs containing only error information, or to `INFO` for more detailed logs */ logLevel?: pulumi.Input; /** * `FrameInfo` of your wireless device resources for the trace content. Use FrameInfo to debug the communication between your LoRaWAN end devices and the network server. */ wirelessDeviceFrameInfo?: pulumi.Input; } interface WirelessDeviceAbpV10xArgs { /** * The DevAddr value. */ devAddr: pulumi.Input; /** * Session keys for ABP v1.0.x. */ sessionKeys: pulumi.Input; } interface WirelessDeviceAbpV11Args { /** * The DevAddr value. */ devAddr: pulumi.Input; /** * Session keys for ABP v1.1. */ sessionKeys: pulumi.Input; } /** * LoRaWAN application configuration, which can be used to perform geolocation. */ interface WirelessDeviceApplicationArgs { /** * The name of the position data destination that describes the AWS IoT rule that processes the device's position data for use by AWS IoT Core for LoRaWAN. */ destinationName?: pulumi.Input; /** * The Fport value. */ fPort?: pulumi.Input; /** * Application type, which can be specified to obtain real-time position information of your LoRaWAN device. */ type?: pulumi.Input; } interface WirelessDeviceFPortsArgs { /** * A list of optional LoRaWAN application information, which can be used for geolocation. */ applications?: pulumi.Input[]>; } interface WirelessDeviceLoRaWanDeviceArgs { /** * ABP device object for LoRaWAN specification v1.0.x. */ abpV10x?: pulumi.Input; /** * ABP device object for create APIs for v1.1. */ abpV11?: pulumi.Input; /** * The DevEUI value. */ devEui?: pulumi.Input; /** * The ID of the device profile for the new wireless device. */ deviceProfileId?: pulumi.Input; /** * List of FPort assigned for different LoRaWAN application packages to use. */ fPorts?: pulumi.Input; /** * OTAA device object for create APIs for v1.0.x */ otaaV10x?: pulumi.Input; /** * OTAA device object for v1.1 for create APIs. */ otaaV11?: pulumi.Input; /** * The ID of the service profile. */ serviceProfileId?: pulumi.Input; } interface WirelessDeviceOtaaV10xArgs { /** * The AppEUI value. You specify this value when using LoRaWAN versions v1.0.2 or v1.0.3. */ appEui: pulumi.Input; /** * The AppKey value. */ appKey: pulumi.Input; } interface WirelessDeviceOtaaV11Args { /** * The AppKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value. */ appKey: pulumi.Input; /** * The JoinEUI value. */ joinEui: pulumi.Input; /** * The NwkKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value. */ nwkKey: pulumi.Input; } interface WirelessDeviceSessionKeysAbpV10xArgs { /** * The AppSKey value. */ appSKey: pulumi.Input; /** * The NwkKey value. */ nwkSKey: pulumi.Input; } interface WirelessDeviceSessionKeysAbpV11Args { /** * The AppSKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the AppSKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value. */ appSKey: pulumi.Input; /** * The FNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the FNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value. */ fNwkSIntKey: pulumi.Input; /** * The NwkSEncKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the NwkSEncKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value. */ nwkSEncKey: pulumi.Input; /** * The SNwkSIntKey is a secret key, which you should handle in a similar way as you would an application password. You can protect the SNwkSIntKey value by storing it in the AWS Secrets Manager and use the [secretsmanager](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html#dynamic-references-secretsmanager) to reference this value. */ sNwkSIntKey: pulumi.Input; } interface WirelessGatewayLoRaWanGatewayArgs { /** * The gateway's EUI value. */ gatewayEui: pulumi.Input; /** * The frequency band (RFRegion) value. */ rfRegion: pulumi.Input; } } export declare namespace ivs { interface ChannelMultitrackInputConfigurationArgs { /** * Indicates whether multitrack input is enabled. Can be set to true only if channel type is STANDARD. Setting enabled to true with any other channel type will cause an exception. If true, then policy, maximumResolution, and containerFormat are required, and containerFormat must be set to FRAGMENTED_MP4. Default: false. */ enabled?: pulumi.Input; /** * Maximum resolution for multitrack input. Required if enabled is true. */ maximumResolution?: pulumi.Input; /** * Indicates whether multitrack input is allowed or required. Required if enabled is true. */ policy?: pulumi.Input; } /** * Recording Destination Configuration. */ interface RecordingConfigurationDestinationConfigurationArgs { /** * An S3 destination configuration where recorded videos will be stored. See the [S3DestinationConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ivs-recordingconfiguration-s3destinationconfiguration.html) property type for more information. */ s3?: pulumi.Input; } /** * Rendition Configuration describes which renditions should be recorded for a stream. */ interface RecordingConfigurationRenditionConfigurationArgs { /** * Resolution Selection indicates which set of renditions are recorded for a stream. */ renditionSelection?: pulumi.Input; /** * Renditions indicates which renditions are recorded for a stream. */ renditions?: pulumi.Input[]>; } /** * Recording S3 Destination Configuration. */ interface RecordingConfigurationS3DestinationConfigurationArgs { /** * Location (S3 bucket name) where recorded videos will be stored. */ bucketName: pulumi.Input; } /** * Recording Thumbnail Configuration. */ interface RecordingConfigurationThumbnailConfigurationArgs { /** * Thumbnail Recording Mode, which determines whether thumbnails are recorded at an interval or are disabled. */ recordingMode?: pulumi.Input; /** * Resolution indicates the desired resolution of recorded thumbnails. */ resolution?: pulumi.Input; /** * Storage indicates the format in which thumbnails are recorded. */ storage?: pulumi.Input[]>; /** * Target Interval Seconds defines the interval at which thumbnails are recorded. This field is required if RecordingMode is INTERVAL. */ targetIntervalSeconds?: pulumi.Input; } /** * Configuration object for individual participant recording, to attach to the new stage. */ interface StageAutoParticipantRecordingConfigurationArgs { /** * HLS configuration object for individual participant recording. */ hlsConfiguration?: pulumi.Input; /** * Types of media to be recorded. Default: AUDIO_VIDEO. */ mediaTypes?: pulumi.Input[]>; /** * If a stage publisher disconnects and then reconnects within the specified interval, the multiple recordings will be considered a single recording and merged together. The default value is 0, which disables merging. */ recordingReconnectWindowSeconds?: pulumi.Input; /** * ARN of the StorageConfiguration resource to use for individual participant recording. */ storageConfigurationArn: pulumi.Input; /** * A complex type that allows you to enable/disable the recording of thumbnails for individual participant recording and modify the interval at which thumbnails are generated for the live session. */ thumbnailConfiguration?: pulumi.Input; } /** * HLS configuration object for individual participant recording. */ interface StageHlsConfigurationArgs { /** * Object specifying a configuration of participant HLS recordings for individual participant recording. */ participantRecordingHlsConfiguration?: pulumi.Input; } /** * An object representing a configuration of participant HLS recordings for individual participant recording. */ interface StageParticipantRecordingHlsConfigurationArgs { /** * Defines the target duration for recorded segments generated when recording a stage participant. Segments may have durations longer than the specified value when needed to ensure each segment begins with a keyframe. Default: 6. */ targetSegmentDurationSeconds?: pulumi.Input; } /** * A complex type that allows you to enable/disable the recording of thumbnails for individual participant recording and modify the interval at which thumbnails are generated for the live session. */ interface StageThumbnailConfigurationArgs { /** * An object representing a configuration of thumbnails for recorded video from an individual participant. */ participantThumbnailConfiguration?: pulumi.Input; } /** * An object representing a configuration of thumbnails for recorded video from an individual participant. */ interface StageThumbnailConfigurationParticipantThumbnailConfigurationPropertiesArgs { /** * Thumbnail recording mode. Default: DISABLED. */ recordingMode?: pulumi.Input; /** * Indicates the format in which thumbnails are recorded. SEQUENTIAL records all generated thumbnails in a serial manner, to the media/thumbnails/high directory. LATEST saves the latest thumbnail in media/latest_thumbnail/high/thumb.jpg and overwrites it at the interval specified by targetIntervalSeconds. You can enable both SEQUENTIAL and LATEST. Default: SEQUENTIAL. */ storage?: pulumi.Input[]>; /** * The targeted thumbnail-generation interval in seconds. This is configurable only if recordingMode is INTERVAL. Default: 60. */ targetIntervalSeconds?: pulumi.Input; } /** * A complex type that describes an S3 location where recorded videos will be stored. */ interface StorageConfigurationS3StorageConfigurationArgs { /** * Location (S3 bucket name) where recorded videos will be stored. Note that the StorageConfiguration and S3 bucket must be in the same region as the Composition. */ bucketName: pulumi.Input; } /** * Video configuration. Default: video resolution 1280x720, bitrate 2500 kbps, 30 fps */ interface VideoPropertiesArgs { /** * Bitrate for generated output, in bps. Default: 2500000. */ bitrate?: pulumi.Input; /** * Video frame rate, in fps. Default: 30. */ framerate?: pulumi.Input; /** * Video-resolution height. This must be an even number. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 720. */ height?: pulumi.Input; /** * Video-resolution width. This must be an even number. Note that the maximum value is determined by width times height, such that the maximum total pixels is 2073600 (1920x1080 or 1080x1920). Default: 1280. */ width?: pulumi.Input; } } export declare namespace ivschat { /** * CloudWatch destination configuration for IVS Chat logging. */ interface LoggingConfigurationCloudWatchLogsDestinationConfigurationArgs { /** * Name of the Amazon CloudWatch Logs log group where chat activity will be logged. */ logGroupName: pulumi.Input; } /** * Destination configuration for IVS Chat logging. */ interface LoggingConfigurationDestinationConfigurationArgs { /** * An Amazon CloudWatch Logs destination configuration where chat activity will be logged. */ cloudWatchLogs?: pulumi.Input; /** * An Amazon Kinesis Data Firehose destination configuration where chat activity will be logged. */ firehose?: pulumi.Input; /** * An Amazon S3 destination configuration where chat activity will be logged. */ s3?: pulumi.Input; } /** * Kinesis Firehose destination configuration for IVS Chat logging. */ interface LoggingConfigurationFirehoseDestinationConfigurationArgs { /** * Name of the Amazon Kinesis Firehose delivery stream where chat activity will be logged. */ deliveryStreamName: pulumi.Input; } /** * S3 destination configuration for IVS Chat logging. */ interface LoggingConfigurationS3DestinationConfigurationArgs { /** * Name of the Amazon S3 bucket where chat activity will be logged. */ bucketName: pulumi.Input; } /** * Configuration information for optional review of messages. */ interface RoomMessageReviewHandlerArgs { /** * Specifies the fallback behavior if the handler does not return a valid response, encounters an error, or times out. */ fallbackResult?: pulumi.Input; /** * Identifier of the message review handler. */ uri?: pulumi.Input; } } export declare namespace kafkaconnect { /** * Details of how to connect to an Apache Kafka cluster. */ interface ConnectorApacheKafkaClusterArgs { /** * The bootstrap servers string of the Apache Kafka cluster. */ bootstrapServers: pulumi.Input; /** * Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster. */ vpc: pulumi.Input; } /** * Details about auto scaling of a connector. */ interface ConnectorAutoScalingArgs { /** * The maximum number of tasks allocated to the connector during autoscaling operations. */ maxAutoscalingTaskCount?: pulumi.Input; /** * The maximum number of workers for a connector. */ maxWorkerCount: pulumi.Input; /** * Specifies how many MSK Connect Units (MCU) as the minimum scaling unit. */ mcuCount: pulumi.Input; /** * The minimum number of workers for a connector. */ minWorkerCount: pulumi.Input; /** * The sacle-in policy for the connector. */ scaleInPolicy: pulumi.Input; /** * The sacle-out policy for the connector. */ scaleOutPolicy: pulumi.Input; } /** * Information about the capacity allocated to the connector. */ interface ConnectorCapacityArgs { /** * Information about the auto scaling parameters for the connector. */ autoScaling?: pulumi.Input; /** * Details about a fixed capacity allocated to a connector. */ provisionedCapacity?: pulumi.Input; } /** * Details about delivering logs to Amazon CloudWatch Logs. */ interface ConnectorCloudWatchLogsLogDeliveryArgs { /** * Specifies whether the logs get sent to the specified CloudWatch Logs destination. */ enabled: pulumi.Input; /** * The CloudWatch log group that is the destination for log delivery. */ logGroup?: pulumi.Input; } /** * Details about a custom plugin. */ interface ConnectorCustomPluginArgs { /** * The Amazon Resource Name (ARN) of the custom plugin to use. */ customPluginArn: pulumi.Input; /** * The revision of the custom plugin to use. */ revision: pulumi.Input; } /** * Details about delivering logs to Amazon Kinesis Data Firehose. */ interface ConnectorFirehoseLogDeliveryArgs { /** * The Kinesis Data Firehose delivery stream that is the destination for log delivery. */ deliveryStream?: pulumi.Input; /** * Specifies whether the logs get sent to the specified Kinesis Data Firehose delivery stream. */ enabled: pulumi.Input; } /** * Details of how to connect to the Kafka cluster. */ interface ConnectorKafkaClusterArgs { /** * The Apache Kafka cluster to which the connector is connected. */ apacheKafkaCluster: pulumi.Input; } /** * Details of the client authentication used by the Kafka cluster. */ interface ConnectorKafkaClusterClientAuthenticationArgs { /** * The type of client authentication used to connect to the Apache Kafka cluster. Value NONE means that no client authentication is used. */ authenticationType: pulumi.Input; } /** * Details of encryption in transit to the Kafka cluster. */ interface ConnectorKafkaClusterEncryptionInTransitArgs { /** * The type of encryption in transit to the Apache Kafka cluster. */ encryptionType: pulumi.Input; } /** * Details of what logs are delivered and where they are delivered. */ interface ConnectorLogDeliveryArgs { /** * The workers can send worker logs to different destination types. This configuration specifies the details of these destinations. */ workerLogDelivery: pulumi.Input; } /** * Details about a Kafka Connect plugin which will be used with the connector. */ interface ConnectorPluginArgs { /** * Details about a custom plugin. */ customPlugin: pulumi.Input; } /** * Details about a fixed capacity allocated to a connector. */ interface ConnectorProvisionedCapacityArgs { /** * Specifies how many MSK Connect Units (MCU) are allocated to the connector. */ mcuCount: pulumi.Input; /** * Number of workers for a connector. */ workerCount: pulumi.Input; } /** * Details about delivering logs to Amazon S3. */ interface ConnectorS3LogDeliveryArgs { /** * The name of the S3 bucket that is the destination for log delivery. */ bucket?: pulumi.Input; /** * Specifies whether the logs get sent to the specified Amazon S3 destination. */ enabled: pulumi.Input; /** * The S3 prefix that is the destination for log delivery. */ prefix?: pulumi.Input; } /** * Information about the scale in policy of the connector. */ interface ConnectorScaleInPolicyArgs { /** * Specifies the CPU utilization percentage threshold at which connector scale in should trigger. */ cpuUtilizationPercentage: pulumi.Input; } /** * Information about the scale out policy of the connector. */ interface ConnectorScaleOutPolicyArgs { /** * Specifies the CPU utilization percentage threshold at which connector scale out should trigger. */ cpuUtilizationPercentage: pulumi.Input; } /** * Information about a VPC used with the connector. */ interface ConnectorVpcArgs { /** * The AWS security groups to associate with the elastic network interfaces in order to specify what the connector has access to. */ securityGroups: pulumi.Input[]>; /** * The list of subnets to connect to in the virtual private cloud (VPC). AWS creates elastic network interfaces inside these subnets. */ subnets: pulumi.Input[]>; } /** * Specifies the worker configuration to use with the connector. */ interface ConnectorWorkerConfigurationArgs { /** * The revision of the worker configuration to use. */ revision: pulumi.Input; /** * The Amazon Resource Name (ARN) of the worker configuration to use. */ workerConfigurationArn: pulumi.Input; } /** * Specifies where worker logs are delivered. */ interface ConnectorWorkerLogDeliveryArgs { /** * Details about delivering logs to Amazon CloudWatch Logs. */ cloudWatchLogs?: pulumi.Input; /** * Details about delivering logs to Amazon Kinesis Data Firehose. */ firehose?: pulumi.Input; /** * Details about delivering logs to Amazon S3. */ s3?: pulumi.Input; } /** * Information about the location of a custom plugin. */ interface CustomPluginLocationArgs { /** * The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3. */ s3Location: pulumi.Input; } /** * The S3 bucket Amazon Resource Name (ARN), file key, and object version of the plugin file stored in Amazon S3. */ interface CustomPluginS3LocationArgs { /** * The Amazon Resource Name (ARN) of an S3 bucket. */ bucketArn: pulumi.Input; /** * The file key for an object in an S3 bucket. */ fileKey: pulumi.Input; /** * The version of an object in an S3 bucket. */ objectVersion?: pulumi.Input; } } export declare namespace kendra { interface DataSourceAccessControlListConfigurationArgs { /** * Path to the AWS S3 bucket that contains the access control list files. */ keyPath?: pulumi.Input; } interface DataSourceAclConfigurationArgs { /** * A list of groups, separated by semi-colons, that filters a query response based on user context. The document is only returned to users that are in one of the groups specified in the `UserContext` field of the [Query](https://docs.aws.amazon.com/kendra/latest/dg/API_Query.html) operation. */ allowedGroupsColumnName: pulumi.Input; } interface DataSourceColumnConfigurationArgs { /** * One to five columns that indicate when a document in the database has changed. */ changeDetectingColumns: pulumi.Input[]>; /** * The column that contains the contents of the document. */ documentDataColumnName: pulumi.Input; /** * The column that provides the document's identifier. */ documentIdColumnName: pulumi.Input; /** * The column that contains the title of the document. */ documentTitleColumnName?: pulumi.Input; /** * An array of objects that map database column names to the corresponding fields in an index. You must first create the fields in the index using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation. */ fieldMappings?: pulumi.Input[]>; } interface DataSourceConfigurationArgs { /** * Provides the configuration information to connect to Confluence as your data source. */ confluenceConfiguration?: pulumi.Input; /** * Provides the configuration information to connect to a database as your data source. */ databaseConfiguration?: pulumi.Input; /** * Provides the configuration information to connect to Google Drive as your data source. */ googleDriveConfiguration?: pulumi.Input; /** * Provides the configuration information to connect to Microsoft OneDrive as your data source. */ oneDriveConfiguration?: pulumi.Input; /** * Provides the configuration information to connect to an Amazon S3 bucket as your data source. * * > Amazon Kendra now supports an upgraded Amazon S3 connector. * > * > You must now use the [TemplateConfiguration](https://docs.aws.amazon.com/kendra/latest/APIReference/API_TemplateConfiguration.html) object instead of the `S3DataSourceConfiguration` object to configure your connector. * > * > Connectors configured using the older console and API architecture will continue to function as configured. However, you won't be able to edit or update them. If you want to edit or update your connector configuration, you must create a new connector. * > * > We recommended migrating your connector workflow to the upgraded version. Support for connectors configured using the older architecture is scheduled to end by June 2024. */ s3Configuration?: pulumi.Input; /** * Provides the configuration information to connect to Salesforce as your data source. */ salesforceConfiguration?: pulumi.Input; /** * Provides the configuration information to connect to ServiceNow as your data source. */ serviceNowConfiguration?: pulumi.Input; /** * Provides the configuration information to connect to Microsoft SharePoint as your data source. */ sharePointConfiguration?: pulumi.Input; /** * Provides a template for the configuration information to connect to your data source. */ templateConfiguration?: pulumi.Input; /** * Provides the configuration information required for Amazon Kendra Web Crawler. */ webCrawlerConfiguration?: pulumi.Input; /** * Provides the configuration information to connect to WorkDocs as your data source. */ workDocsConfiguration?: pulumi.Input; } interface DataSourceConfluenceAttachmentConfigurationArgs { /** * Maps attributes or field names of Confluence attachments to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata. * * If you specify the `AttachentFieldMappings` parameter, you must specify at least one field mapping. */ attachmentFieldMappings?: pulumi.Input[]>; /** * `TRUE` to index attachments of pages and blogs in Confluence. */ crawlAttachments?: pulumi.Input; } interface DataSourceConfluenceAttachmentToIndexFieldMappingArgs { dataSourceFieldName: pulumi.Input; dateFieldFormat?: pulumi.Input; indexFieldName: pulumi.Input; } interface DataSourceConfluenceBlogConfigurationArgs { /** * Maps attributes or field names of Confluence blogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata. * * If you specify the `BlogFieldMappings` parameter, you must specify at least one field mapping. */ blogFieldMappings?: pulumi.Input[]>; } interface DataSourceConfluenceBlogToIndexFieldMappingArgs { dataSourceFieldName: pulumi.Input; dateFieldFormat?: pulumi.Input; indexFieldName: pulumi.Input; } interface DataSourceConfluenceConfigurationArgs { /** * Configuration information for indexing attachments to Confluence blogs and pages. */ attachmentConfiguration?: pulumi.Input; /** * Configuration information for indexing Confluence blogs. */ blogConfiguration?: pulumi.Input; /** * A list of regular expression patterns to exclude certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are excluded from the index. Content that doesn't match the patterns is included in the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index. */ exclusionPatterns?: pulumi.Input[]>; /** * A list of regular expression patterns to include certain blog posts, pages, spaces, or attachments in your Confluence. Content that matches the patterns are included in the index. Content that doesn't match the patterns is excluded from the index. If content matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the content isn't included in the index. */ inclusionPatterns?: pulumi.Input[]>; /** * Configuration information for indexing Confluence pages. */ pageConfiguration?: pulumi.Input; /** * The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the Confluence instance. If you use Confluence Cloud, you use a generated API token as the password. * * You can also provide authentication credentials in the form of a personal access token. For more information, see [Using a Confluence data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-confluence.html) . */ secretArn: pulumi.Input; /** * The URL of your Confluence instance. Use the full URL of the server. For example, *https://server.example.com:port/* . You can also use an IP address, for example, *https://192.168.1.113/* . */ serverUrl: pulumi.Input; /** * Configuration information for indexing Confluence spaces. */ spaceConfiguration?: pulumi.Input; /** * The version or the type of Confluence installation to connect to. */ version: pulumi.Input; /** * Configuration information for an Amazon Virtual Private Cloud to connect to your Confluence. For more information, see [Configuring a VPC](https://docs.aws.amazon.com/kendra/latest/dg/vpc-configuration.html) . */ vpcConfiguration?: pulumi.Input; } interface DataSourceConfluencePageConfigurationArgs { /** * Maps attributes or field names of Confluence pages to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata. * * If you specify the `PageFieldMappings` parameter, you must specify at least one field mapping. */ pageFieldMappings?: pulumi.Input[]>; } interface DataSourceConfluencePageToIndexFieldMappingArgs { dataSourceFieldName: pulumi.Input; dateFieldFormat?: pulumi.Input; indexFieldName: pulumi.Input; } interface DataSourceConfluenceSpaceConfigurationArgs { /** * `TRUE` to index archived spaces. */ crawlArchivedSpaces?: pulumi.Input; /** * `TRUE` to index personal spaces. You can add restrictions to items in personal spaces. If personal spaces are indexed, queries without user context information may return restricted items from a personal space in their results. For more information, see [Filtering on user context](https://docs.aws.amazon.com/kendra/latest/dg/user-context-filter.html) . */ crawlPersonalSpaces?: pulumi.Input; /** * A list of space keys of Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are not indexed. If a space is in both the `ExcludeSpaces` and the `IncludeSpaces` list, the space is excluded. */ excludeSpaces?: pulumi.Input[]>; /** * A list of space keys for Confluence spaces. If you include a key, the blogs, documents, and attachments in the space are indexed. Spaces that aren't in the list aren't indexed. A space in the list must exist. Otherwise, Amazon Kendra logs an error when the data source is synchronized. If a space is in both the `IncludeSpaces` and the `ExcludeSpaces` list, the space is excluded. */ includeSpaces?: pulumi.Input[]>; /** * Maps attributes or field names of Confluence spaces to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Confluence fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Confluence data source field names must exist in your Confluence custom metadata. * * If you specify the `SpaceFieldMappings` parameter, you must specify at least one field mapping. */ spaceFieldMappings?: pulumi.Input[]>; } interface DataSourceConfluenceSpaceToIndexFieldMappingArgs { dataSourceFieldName: pulumi.Input; dateFieldFormat?: pulumi.Input; indexFieldName: pulumi.Input; } interface DataSourceConnectionConfigurationArgs { /** * The name of the host for the database. Can be either a string (host.subdomain.domain.tld) or an IPv4 or IPv6 address. */ databaseHost: pulumi.Input; /** * The name of the database containing the document data. */ databaseName: pulumi.Input; /** * The port that the database uses for connections. */ databasePort: pulumi.Input; /** * The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that stores the credentials. The credentials should be a user-password pair. For more information, see [Using a Database Data Source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-database.html) . For more information about AWS Secrets Manager , see [What Is AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) in the *AWS Secrets Manager* user guide. */ secretArn: pulumi.Input; /** * The name of the table that contains the document data. */ tableName: pulumi.Input; } interface DataSourceCustomDocumentEnrichmentConfigurationArgs { /** * Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Kendra. */ inlineConfigurations?: pulumi.Input[]>; /** * Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) . */ postExtractionHookConfiguration?: pulumi.Input; /** * Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Advanced data manipulation](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#advanced-data-manipulation) . */ preExtractionHookConfiguration?: pulumi.Input; /** * The Amazon Resource Name (ARN) of an IAM role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) . */ roleArn?: pulumi.Input; } interface DataSourceDatabaseConfigurationArgs { /** * Information about the database column that provides information for user context filtering. */ aclConfiguration?: pulumi.Input; /** * Information about where the index should get the document information from the database. */ columnConfiguration: pulumi.Input; /** * Configuration information that's required to connect to a database. */ connectionConfiguration: pulumi.Input; /** * The type of database engine that runs the database. */ databaseEngineType: pulumi.Input; /** * Provides information about how Amazon Kendra uses quote marks around SQL identifiers when querying a database data source. */ sqlConfiguration?: pulumi.Input; /** * Provides information for connecting to an Amazon VPC. */ vpcConfiguration?: pulumi.Input; } interface DataSourceDocumentAttributeConditionArgs { /** * The identifier of the document attribute used for the condition. * * For example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents. * * Amazon Kendra currently does not support `_document_body` as an attribute key used for the condition. */ conditionDocumentAttributeKey: pulumi.Input; /** * The value used by the operator. * * For example, you can specify the value 'financial' for strings in the 'Source_URI' field that partially match or contain this value. */ conditionOnValue?: pulumi.Input; /** * The condition operator. * * For example, you can use 'Contains' to partially match a string. */ operator: pulumi.Input; } interface DataSourceDocumentAttributeTargetArgs { targetDocumentAttributeKey: pulumi.Input; targetDocumentAttributeValue?: pulumi.Input; targetDocumentAttributeValueDeletion?: pulumi.Input; } interface DataSourceDocumentAttributeValueArgs { /** * A date expressed as an ISO 8601 string. * * It is important for the time zone to be included in the ISO 8601 date-time format. For example, 2012-03-25T12:30:10+01:00 is the ISO 8601 date-time format for March 25th 2012 at 12:30PM (plus 10 seconds) in Central European Time. */ dateValue?: pulumi.Input; /** * A long integer value. */ longValue?: pulumi.Input; /** * A list of strings. The default maximum length or number of strings is 10. */ stringListValue?: pulumi.Input[]>; /** * A string, such as "department". */ stringValue?: pulumi.Input; } interface DataSourceDocumentsMetadataConfigurationArgs { /** * A prefix used to filter metadata configuration files in the AWS S3 bucket. The S3 bucket might contain multiple metadata files. Use `S3Prefix` to include only the desired metadata files. */ s3Prefix?: pulumi.Input; } interface DataSourceGoogleDriveConfigurationArgs { /** * A list of MIME types to exclude from the index. All documents matching the specified MIME type are excluded. * * For a list of MIME types, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) . */ excludeMimeTypes?: pulumi.Input[]>; /** * A list of identifiers or shared drives to exclude from the index. All files and folders stored on the shared drive are excluded. */ excludeSharedDrives?: pulumi.Input[]>; /** * A list of email addresses of the users. Documents owned by these users are excluded from the index. Documents shared with excluded users are indexed unless they are excluded in another way. */ excludeUserAccounts?: pulumi.Input[]>; /** * A list of regular expression patterns to exclude certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index. */ exclusionPatterns?: pulumi.Input[]>; /** * Maps Google Drive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Google Drive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Google Drive data source field names must exist in your Google Drive custom metadata. */ fieldMappings?: pulumi.Input[]>; /** * A list of regular expression patterns to include certain items in your Google Drive, including shared drives and users' My Drives. Items that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index. */ inclusionPatterns?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of a AWS Secrets Manager secret that contains the credentials required to connect to Google Drive. For more information, see [Using a Google Workspace Drive data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-google-drive.html) . */ secretArn: pulumi.Input; } interface DataSourceHookConfigurationArgs { /** * The condition used for when a Lambda function should be invoked. * * For example, you can specify a condition that if there are empty date-time values, then Amazon Kendra should invoke a function that inserts the current date-time. */ invocationCondition?: pulumi.Input; /** * The Amazon Resource Name (ARN) of an IAM role with permission to run a Lambda function during ingestion. For more information, see [an IAM roles for Amazon Kendra](https://docs.aws.amazon.com/kendra/latest/dg/iam-roles.html) . */ lambdaArn: pulumi.Input; /** * Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/kendra/latest/dg/custom-document-enrichment.html#cde-data-contracts-lambda) . */ s3Bucket: pulumi.Input; } interface DataSourceInlineCustomDocumentEnrichmentConfigurationArgs { condition?: pulumi.Input; documentContentDeletion?: pulumi.Input; target?: pulumi.Input; } interface DataSourceOneDriveConfigurationArgs { /** * `TRUE` to disable local groups information. */ disableLocalGroups?: pulumi.Input; /** * A list of regular expression patterns to exclude certain documents in your OneDrive. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index. * * The pattern is applied to the file name. */ exclusionPatterns?: pulumi.Input[]>; /** * A list of `DataSourceToIndexFieldMapping` objects that map OneDrive data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to OneDrive fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The OneDrive data source field names must exist in your OneDrive custom metadata. */ fieldMappings?: pulumi.Input[]>; /** * A list of regular expression patterns to include certain documents in your OneDrive. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index. * * The pattern is applied to the file name. */ inclusionPatterns?: pulumi.Input[]>; /** * A list of user accounts whose documents should be indexed. */ oneDriveUsers: pulumi.Input; /** * The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password to connect to OneDrive. The user name should be the application ID for the OneDrive application, and the password is the application key for the OneDrive application. */ secretArn: pulumi.Input; /** * The Azure Active Directory domain of the organization. */ tenantDomain: pulumi.Input; } interface DataSourceOneDriveUsersArgs { /** * A list of users whose documents should be indexed. Specify the user names in email format, for example, `username@tenantdomain` . If you need to index the documents of more than 10 users, use the `OneDriveUserS3Path` field to specify the location of a file containing a list of users. */ oneDriveUserList?: pulumi.Input[]>; /** * The S3 bucket location of a file containing a list of users whose documents should be indexed. */ oneDriveUserS3Path?: pulumi.Input; } interface DataSourceProxyConfigurationArgs { /** * The Amazon Resource Name (ARN) of an AWS Secrets Manager secret. You create a secret to store your credentials in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) * * The credentials are optional. You use a secret if web proxy credentials are required to connect to a website host. Amazon Kendra currently support basic authentication to connect to a web proxy server. The secret stores your credentials. */ credentials?: pulumi.Input; /** * The name of the website host you want to connect to via a web proxy server. * * For example, the host name of https://a.example.com/page1.html is "a.example.com". */ host: pulumi.Input; /** * The port number of the website host you want to connect to via a web proxy server. * * For example, the port for https://a.example.com/page1.html is 443, the standard port for HTTPS. */ port: pulumi.Input; } /** * S3 data source configuration */ interface DataSourceS3DataSourceConfigurationArgs { /** * Provides the path to the S3 bucket that contains the user context filtering files for the data source. For the format of the file, see [Access control for S3 data sources](https://docs.aws.amazon.com/kendra/latest/dg/s3-acl.html) . */ accessControlListConfiguration?: pulumi.Input; /** * The name of the bucket that contains the documents. */ bucketName: pulumi.Input; /** * Specifies document metadata files that contain information such as the document access control information, source URI, document author, and custom attributes. Each metadata file contains metadata about a single document. */ documentsMetadataConfiguration?: pulumi.Input; /** * A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to exclude from your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include: * * - */myapp/config/** —All files inside config directory. * - ***/*.png* —All .png files in all directories. * - ***/*.{png, ico, md}* —All .png, .ico or .md files in all directories. * - */myapp/src/**/*.ts* —All .ts files inside src directory (and all its subdirectories). * - ***/!(*.module).ts* —All .ts files but not .module.ts * - **.png , *.jpg* —All PNG and JPEG image files in a directory (files with the extensions .png and .jpg). * - **internal** —All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'. * - ***/*internal** —All internal-related files in a directory and its subdirectories. * * For more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference. */ exclusionPatterns?: pulumi.Input[]>; /** * A list of glob patterns (patterns that can expand a wildcard pattern into a list of path names that match the given pattern) for certain file names and file types to include in your index. If a document matches both an inclusion and exclusion prefix or pattern, the exclusion prefix takes precendence and the document is not indexed. Examples of glob patterns include: * * - */myapp/config/** —All files inside config directory. * - ***/*.png* —All .png files in all directories. * - ***/*.{png, ico, md}* —All .png, .ico or .md files in all directories. * - */myapp/src/**/*.ts* —All .ts files inside src directory (and all its subdirectories). * - ***/!(*.module).ts* —All .ts files but not .module.ts * - **.png , *.jpg* —All PNG and JPEG image files in a directory (files with the extensions .png and .jpg). * - **internal** —All files in a directory that contain 'internal' in the file name, such as 'internal', 'internal_only', 'company_internal'. * - ***/*internal** —All internal-related files in a directory and its subdirectories. * * For more examples, see [Use of Exclude and Include Filters](https://docs.aws.amazon.com/cli/latest/reference/s3/#use-of-exclude-and-include-filters) in the AWS CLI Command Reference. */ inclusionPatterns?: pulumi.Input[]>; /** * A list of S3 prefixes for the documents that should be included in the index. */ inclusionPrefixes?: pulumi.Input[]>; } interface DataSourceS3PathArgs { /** * The name of the S3 bucket that contains the file. */ bucket: pulumi.Input; /** * The name of the file. */ key: pulumi.Input; } interface DataSourceSalesforceChatterFeedConfigurationArgs { /** * The name of the column in the Salesforce FeedItem table that contains the content to index. Typically this is the `Body` column. */ documentDataFieldName: pulumi.Input; /** * The name of the column in the Salesforce FeedItem table that contains the title of the document. This is typically the `Title` column. */ documentTitleFieldName?: pulumi.Input; /** * Maps fields from a Salesforce chatter feed into Amazon Kendra index fields. */ fieldMappings?: pulumi.Input[]>; /** * Filters the documents in the feed based on status of the user. When you specify `ACTIVE_USERS` only documents from users who have an active account are indexed. When you specify `STANDARD_USER` only documents for Salesforce standard users are documented. You can specify both. */ includeFilterTypes?: pulumi.Input[]>; } interface DataSourceSalesforceConfigurationArgs { /** * Configuration information for Salesforce chatter feeds. */ chatterFeedConfiguration?: pulumi.Input; /** * Indicates whether Amazon Kendra should index attachments to Salesforce objects. */ crawlAttachments?: pulumi.Input; /** * A list of regular expression patterns to exclude certain documents in your Salesforce. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index. * * The pattern is applied to the name of the attached file. */ excludeAttachmentFilePatterns?: pulumi.Input[]>; /** * A list of regular expression patterns to include certain documents in your Salesforce. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index. * * The pattern is applied to the name of the attached file. */ includeAttachmentFilePatterns?: pulumi.Input[]>; /** * Configuration information for the knowledge article types that Amazon Kendra indexes. Amazon Kendra indexes standard knowledge articles and the standard fields of knowledge articles, or the custom fields of custom knowledge articles, but not both. */ knowledgeArticleConfiguration?: pulumi.Input; /** * The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the key/value pairs required to connect to your Salesforce instance. The secret must contain a JSON structure with the following keys: * * - authenticationUrl - The OAUTH endpoint that Amazon Kendra connects to get an OAUTH token. * - consumerKey - The application public key generated when you created your Salesforce application. * - consumerSecret - The application private key generated when you created your Salesforce application. * - password - The password associated with the user logging in to the Salesforce instance. * - securityToken - The token associated with the user logging in to the Salesforce instance. * - username - The user name of the user logging in to the Salesforce instance. */ secretArn: pulumi.Input; /** * The instance URL for the Salesforce site that you want to index. */ serverUrl: pulumi.Input; /** * Configuration information for processing attachments to Salesforce standard objects. */ standardObjectAttachmentConfiguration?: pulumi.Input; /** * Configuration of the Salesforce standard objects that Amazon Kendra indexes. */ standardObjectConfigurations?: pulumi.Input[]>; } interface DataSourceSalesforceCustomKnowledgeArticleTypeConfigurationArgs { documentDataFieldName: pulumi.Input; documentTitleFieldName?: pulumi.Input; fieldMappings?: pulumi.Input[]>; name: pulumi.Input; } interface DataSourceSalesforceKnowledgeArticleConfigurationArgs { /** * Configuration information for custom Salesforce knowledge articles. */ customKnowledgeArticleTypeConfigurations?: pulumi.Input[]>; /** * Specifies the document states that should be included when Amazon Kendra indexes knowledge articles. You must specify at least one state. */ includedStates: pulumi.Input[]>; /** * Configuration information for standard Salesforce knowledge articles. */ standardKnowledgeArticleTypeConfiguration?: pulumi.Input; } interface DataSourceSalesforceStandardKnowledgeArticleTypeConfigurationArgs { /** * The name of the field that contains the document data to index. */ documentDataFieldName: pulumi.Input; /** * The name of the field that contains the document title. */ documentTitleFieldName?: pulumi.Input; /** * Maps attributes or field names of the knowledge article to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to Salesforce fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The Salesforce data source field names must exist in your Salesforce custom metadata. */ fieldMappings?: pulumi.Input[]>; } interface DataSourceSalesforceStandardObjectAttachmentConfigurationArgs { /** * The name of the field used for the document title. */ documentTitleFieldName?: pulumi.Input; /** * One or more objects that map fields in attachments to Amazon Kendra index fields. */ fieldMappings?: pulumi.Input[]>; } interface DataSourceSalesforceStandardObjectConfigurationArgs { documentDataFieldName: pulumi.Input; documentTitleFieldName?: pulumi.Input; fieldMappings?: pulumi.Input[]>; name: pulumi.Input; } interface DataSourceServiceNowConfigurationArgs { /** * The type of authentication used to connect to the ServiceNow instance. If you choose `HTTP_BASIC` , Amazon Kendra is authenticated using the user name and password provided in the AWS Secrets Manager secret in the `SecretArn` field. If you choose `OAUTH2` , Amazon Kendra is authenticated using the credentials of client ID, client secret, user name and password. * * When you use `OAUTH2` authentication, you must generate a token and a client secret using the ServiceNow console. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) . */ authenticationType?: pulumi.Input; /** * The ServiceNow instance that the data source connects to. The host endpoint should look like the following: *{instance}.service-now.com.* */ hostUrl: pulumi.Input; /** * Configuration information for crawling knowledge articles in the ServiceNow site. */ knowledgeArticleConfiguration?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the user name and password required to connect to the ServiceNow instance. You can also provide OAuth authentication credentials of user name, password, client ID, and client secret. For more information, see [Using a ServiceNow data source](https://docs.aws.amazon.com/kendra/latest/dg/data-source-servicenow.html) . */ secretArn: pulumi.Input; /** * Configuration information for crawling service catalogs in the ServiceNow site. */ serviceCatalogConfiguration?: pulumi.Input; /** * The identifier of the release that the ServiceNow host is running. If the host is not running the `LONDON` release, use `OTHERS` . */ serviceNowBuildVersion: pulumi.Input; } interface DataSourceServiceNowKnowledgeArticleConfigurationArgs { /** * `TRUE` to index attachments to knowledge articles. */ crawlAttachments?: pulumi.Input; /** * The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index. */ documentDataFieldName: pulumi.Input; /** * The name of the ServiceNow field that is mapped to the index document title field. */ documentTitleFieldName?: pulumi.Input; /** * A list of regular expression patterns applied to exclude certain knowledge article attachments. Attachments that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index. */ excludeAttachmentFilePatterns?: pulumi.Input[]>; /** * Maps attributes or field names of knoweldge articles to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata. */ fieldMappings?: pulumi.Input[]>; /** * A query that selects the knowledge articles to index. The query can return articles from multiple knowledge bases, and the knowledge bases can be public or private. * * The query string must be one generated by the ServiceNow console. For more information, see [Specifying documents to index with a query](https://docs.aws.amazon.com/kendra/latest/dg/servicenow-query.html) . */ filterQuery?: pulumi.Input; /** * A list of regular expression patterns applied to include knowledge article attachments. Attachments that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index. */ includeAttachmentFilePatterns?: pulumi.Input[]>; } interface DataSourceServiceNowServiceCatalogConfigurationArgs { /** * `TRUE` to index attachments to service catalog items. */ crawlAttachments?: pulumi.Input; /** * The name of the ServiceNow field that is mapped to the index document contents field in the Amazon Kendra index. */ documentDataFieldName: pulumi.Input; /** * The name of the ServiceNow field that is mapped to the index document title field. */ documentTitleFieldName?: pulumi.Input; /** * A list of regular expression patterns to exclude certain attachments of catalogs in your ServiceNow. Item that match the patterns are excluded from the index. Items that don't match the patterns are included in the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index. * * The regex is applied to the file name of the attachment. */ excludeAttachmentFilePatterns?: pulumi.Input[]>; /** * Maps attributes or field names of catalogs to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to ServiceNow fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The ServiceNow data source field names must exist in your ServiceNow custom metadata. */ fieldMappings?: pulumi.Input[]>; /** * A list of regular expression patterns to include certain attachments of catalogs in your ServiceNow. Item that match the patterns are included in the index. Items that don't match the patterns are excluded from the index. If an item matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the item isn't included in the index. * * The regex is applied to the file name of the attachment. */ includeAttachmentFilePatterns?: pulumi.Input[]>; } /** * SharePoint configuration */ interface DataSourceSharePointConfigurationArgs { /** * `TRUE` to index document attachments. */ crawlAttachments?: pulumi.Input; /** * `TRUE` to disable local groups information. */ disableLocalGroups?: pulumi.Input; /** * The Microsoft SharePoint attribute field that contains the title of the document. */ documentTitleFieldName?: pulumi.Input; /** * A list of regular expression patterns. Documents that match the patterns are excluded from the index. Documents that don't match the patterns are included in the index. If a document matches both an exclusion pattern and an inclusion pattern, the document is not included in the index. * * The regex is applied to the display URL of the SharePoint document. */ exclusionPatterns?: pulumi.Input[]>; /** * A list of `DataSourceToIndexFieldMapping` objects that map Microsoft SharePoint attributes or fields to Amazon Kendra index fields. You must first create the index fields using the [UpdateIndex](https://docs.aws.amazon.com/kendra/latest/dg/API_UpdateIndex.html) operation before you map SharePoint attributes. For more information, see [Mapping Data Source Fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . */ fieldMappings?: pulumi.Input[]>; /** * A list of regular expression patterns to include certain documents in your SharePoint. Documents that match the patterns are included in the index. Documents that don't match the patterns are excluded from the index. If a document matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the document isn't included in the index. * * The regex applies to the display URL of the SharePoint document. */ inclusionPatterns?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of an AWS Secrets Manager secret that contains the user name and password required to connect to the SharePoint instance. For more information, see [Microsoft SharePoint](https://docs.aws.amazon.com/kendra/latest/dg/data-source-sharepoint.html) . */ secretArn: pulumi.Input; /** * The version of Microsoft SharePoint that you use. */ sharePointVersion: pulumi.Input; /** * Information required to find a specific file in an Amazon S3 bucket. */ sslCertificateS3Path?: pulumi.Input; /** * The Microsoft SharePoint site URLs for the documents you want to index. */ urls: pulumi.Input[]>; /** * `TRUE` to use the SharePoint change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in SharePoint. */ useChangeLog?: pulumi.Input; /** * Provides information for connecting to an Amazon VPC. */ vpcConfiguration?: pulumi.Input; } interface DataSourceSqlConfigurationArgs { /** * Determines whether Amazon Kendra encloses SQL identifiers for tables and column names in double quotes (") when making a database query. You can set the value to `DOUBLE_QUOTES` or `NONE` . * * By default, Amazon Kendra passes SQL identifiers the way that they are entered into the data source configuration. It does not change the case of identifiers or enclose them in quotes. * * PostgreSQL internally converts uppercase characters to lower case characters in identifiers unless they are quoted. Choosing this option encloses identifiers in quotes so that PostgreSQL does not convert the character's case. * * For MySQL databases, you must enable the ansi_quotes option when you set this field to `DOUBLE_QUOTES` . */ queryIdentifiersEnclosingOption?: pulumi.Input; } interface DataSourceTemplateConfigurationArgs { /** * The template schema used for the data source, where templates schemas are supported. * * See [Data source template schemas](https://docs.aws.amazon.com/kendra/latest/dg/ds-schemas.html) . */ template: any; } interface DataSourceToIndexFieldMappingArgs { dataSourceFieldName: pulumi.Input; dateFieldFormat?: pulumi.Input; indexFieldName: pulumi.Input; } interface DataSourceVpcConfigurationArgs { /** * A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Kendra to connect to the data source. */ securityGroupIds: pulumi.Input[]>; /** * A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device. */ subnetIds: pulumi.Input[]>; } interface DataSourceWebCrawlerAuthenticationConfigurationArgs { /** * The list of configuration information that's required to connect to and crawl a website host using basic authentication credentials. * * The list includes the name and port number of the website host. */ basicAuthentication?: pulumi.Input[]>; } interface DataSourceWebCrawlerBasicAuthenticationArgs { credentials: pulumi.Input; host: pulumi.Input; port: pulumi.Input; } interface DataSourceWebCrawlerConfigurationArgs { /** * Configuration information required to connect to websites using authentication. * * You can connect to websites using basic authentication of user name and password. You use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) to store your authentication credentials. * * You must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is "a.example.com" and the port is 443, the standard port for HTTPS. */ authenticationConfiguration?: pulumi.Input; /** * The 'depth' or number of levels from the seed level to crawl. For example, the seed URL page is depth 1 and any hyperlinks on this page that are also crawled are depth 2. */ crawlDepth?: pulumi.Input; /** * The maximum size (in MB) of a web page or attachment to crawl. * * Files larger than this size (in MB) are skipped/not crawled. * * The default maximum size of a web page or attachment is set to 50 MB. */ maxContentSizePerPageInMegaBytes?: pulumi.Input; /** * The maximum number of URLs on a web page to include when crawling a website. This number is per web page. * * As a website’s web pages are crawled, any URLs the web pages link to are also crawled. URLs on a web page are crawled in order of appearance. * * The default maximum links per page is 100. */ maxLinksPerPage?: pulumi.Input; /** * The maximum number of URLs crawled per website host per minute. * * A minimum of one URL is required. * * The default maximum number of URLs crawled per website host per minute is 300. */ maxUrlsPerMinuteCrawlRate?: pulumi.Input; /** * Configuration information required to connect to your internal websites via a web proxy. * * You must provide the website host name and port number. For example, the host name of https://a.example.com/page1.html is "a.example.com" and the port is 443, the standard port for HTTPS. * * Web proxy credentials are optional and you can use them to connect to a web proxy server that requires basic authentication. To store web proxy credentials, you use a secret in [AWS Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/intro.html) . */ proxyConfiguration?: pulumi.Input; /** * A list of regular expression patterns to exclude certain URLs to crawl. URLs that match the patterns are excluded from the index. URLs that don't match the patterns are included in the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index. */ urlExclusionPatterns?: pulumi.Input[]>; /** * A list of regular expression patterns to include certain URLs to crawl. URLs that match the patterns are included in the index. URLs that don't match the patterns are excluded from the index. If a URL matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the URL file isn't included in the index. */ urlInclusionPatterns?: pulumi.Input[]>; /** * Specifies the seed or starting point URLs of the websites or the sitemap URLs of the websites you want to crawl. * * You can include website subdomains. You can list up to 100 seed URLs and up to three sitemap URLs. * * You can only crawl websites that use the secure communication protocol, Hypertext Transfer Protocol Secure (HTTPS). If you receive an error when crawling a website, it could be that the website is blocked from crawling. * * *When selecting websites to index, you must adhere to the [Amazon Acceptable Use Policy](https://docs.aws.amazon.com/aup/) and all other Amazon terms. Remember that you must only use Amazon Kendra Web Crawler to index your own webpages, or webpages that you have authorization to index.* */ urls: pulumi.Input; } interface DataSourceWebCrawlerSeedUrlConfigurationArgs { /** * The list of seed or starting point URLs of the websites you want to crawl. * * The list can include a maximum of 100 seed URLs. */ seedUrls: pulumi.Input[]>; /** * You can choose one of the following modes: * * - `HOST_ONLY` —crawl only the website host names. For example, if the seed URL is "abc.example.com", then only URLs with host name "abc.example.com" are crawled. * - `SUBDOMAINS` —crawl the website host names with subdomains. For example, if the seed URL is "abc.example.com", then "a.abc.example.com" and "b.abc.example.com" are also crawled. * - `EVERYTHING` —crawl the website host names with subdomains and other domains that the web pages link to. * * The default mode is set to `HOST_ONLY` . */ webCrawlerMode?: pulumi.Input; } interface DataSourceWebCrawlerSiteMapsConfigurationArgs { /** * The list of sitemap URLs of the websites you want to crawl. * * The list can include a maximum of three sitemap URLs. */ siteMaps: pulumi.Input[]>; } interface DataSourceWebCrawlerUrlsArgs { /** * Configuration of the seed or starting point URLs of the websites you want to crawl. * * You can choose to crawl only the website host names, or the website host names with subdomains, or the website host names with subdomains and other domains that the web pages link to. * * You can list up to 100 seed URLs. */ seedUrlConfiguration?: pulumi.Input; /** * Configuration of the sitemap URLs of the websites you want to crawl. * * Only URLs belonging to the same website host names are crawled. You can list up to three sitemap URLs. */ siteMapsConfiguration?: pulumi.Input; } interface DataSourceWorkDocsConfigurationArgs { /** * `TRUE` to include comments on documents in your index. Including comments in your index means each comment is a document that can be searched on. * * The default is set to `FALSE` . */ crawlComments?: pulumi.Input; /** * A list of regular expression patterns to exclude certain files in your WorkDocs site repository. Files that match the patterns are excluded from the index. Files that don’t match the patterns are included in the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index. */ exclusionPatterns?: pulumi.Input[]>; /** * A list of `DataSourceToIndexFieldMapping` objects that map WorkDocs data source attributes or field names to Amazon Kendra index field names. To create custom fields, use the `UpdateIndex` API before you map to WorkDocs fields. For more information, see [Mapping data source fields](https://docs.aws.amazon.com/kendra/latest/dg/field-mapping.html) . The WorkDocs data source field names must exist in your WorkDocs custom metadata. */ fieldMappings?: pulumi.Input[]>; /** * A list of regular expression patterns to include certain files in your WorkDocs site repository. Files that match the patterns are included in the index. Files that don't match the patterns are excluded from the index. If a file matches both an inclusion and exclusion pattern, the exclusion pattern takes precedence and the file isn't included in the index. */ inclusionPatterns?: pulumi.Input[]>; /** * The identifier of the directory corresponding to your WorkDocs site repository. * * You can find the organization ID in the [Directory Service](https://docs.aws.amazon.com/directoryservicev2/) by going to *Active Directory* , then *Directories* . Your WorkDocs site directory has an ID, which is the organization ID. You can also set up a new WorkDocs directory in the Directory Service console and enable a WorkDocs site for the directory in the WorkDocs console. */ organizationId: pulumi.Input; /** * `TRUE` to use the WorkDocs change log to determine which documents require updating in the index. Depending on the change log's size, it may take longer for Amazon Kendra to use the change log than to scan all of your documents in WorkDocs. */ useChangeLog?: pulumi.Input; } interface FaqS3PathArgs { /** * The name of the S3 bucket that contains the file. */ bucket: pulumi.Input; /** * The name of the file. */ key: pulumi.Input; } interface IndexCapacityUnitsConfigurationArgs { /** * The amount of extra query capacity for an index and [GetQuerySuggestions](https://docs.aws.amazon.com/kendra/latest/dg/API_GetQuerySuggestions.html) capacity. * * A single extra capacity unit for an index provides 0.1 queries per second or approximately 8,000 queries per day. You can add up to 100 extra capacity units. * * `GetQuerySuggestions` capacity is five times the provisioned query capacity for an index, or the base capacity of 2.5 calls per second, whichever is higher. For example, the base capacity for an index is 0.1 queries per second, and `GetQuerySuggestions` capacity has a base of 2.5 calls per second. If you add another 0.1 queries per second to total 0.2 queries per second for an index, the `GetQuerySuggestions` capacity is 2.5 calls per second (higher than five times 0.2 queries per second). */ queryCapacityUnits: pulumi.Input; /** * The amount of extra storage capacity for an index. A single capacity unit provides 30 GB of storage space or 100,000 documents, whichever is reached first. You can add up to 100 extra capacity units. */ storageCapacityUnits: pulumi.Input; } interface IndexDocumentMetadataConfigurationArgs { name: pulumi.Input; relevance?: pulumi.Input; search?: pulumi.Input; type: pulumi.Input; } interface IndexJsonTokenTypeConfigurationArgs { groupAttributeField: pulumi.Input; userNameAttributeField: pulumi.Input; } interface IndexJwtTokenTypeConfigurationArgs { claimRegex?: pulumi.Input; groupAttributeField?: pulumi.Input; issuer?: pulumi.Input; keyLocation: pulumi.Input; secretManagerArn?: pulumi.Input; url?: pulumi.Input; userNameAttributeField?: pulumi.Input; } interface IndexRelevanceArgs { duration?: pulumi.Input; freshness?: pulumi.Input; importance?: pulumi.Input; rankOrder?: pulumi.Input; valueImportanceItems?: pulumi.Input[]>; } interface IndexSearchArgs { displayable?: pulumi.Input; facetable?: pulumi.Input; searchable?: pulumi.Input; sortable?: pulumi.Input; } interface IndexServerSideEncryptionConfigurationArgs { /** * The identifier of the AWS KMS key . Amazon Kendra doesn't support asymmetric keys. */ kmsKeyId?: pulumi.Input; } interface IndexUserTokenConfigurationArgs { jsonTokenTypeConfiguration?: pulumi.Input; jwtTokenTypeConfiguration?: pulumi.Input; } interface IndexValueImportanceItemArgs { key?: pulumi.Input; value?: pulumi.Input; } } export declare namespace kendraranking { interface ExecutionPlanCapacityUnitsConfigurationArgs { /** * The amount of extra capacity for your rescore execution plan. * * A single extra capacity unit for a rescore execution plan provides 0.01 rescore requests per second. You can add up to 1000 extra capacity units. */ rescoreCapacityUnits: pulumi.Input; } } export declare namespace kinesis { /** * When specified, enables or updates server-side encryption using an AWS KMS key for a specified stream. Removing this property from your stack template and updating your stack disables encryption. */ interface StreamEncryptionArgs { /** * The encryption type to use. The only valid value is KMS. */ encryptionType: pulumi.Input; /** * The GUID for the customer-managed AWS KMS key to use for encryption. This value can be a globally unique identifier, a fully specified Amazon Resource Name (ARN) to either an alias or a key, or an alias name prefixed by "alias/".You can also use a master key owned by Kinesis Data Streams by specifying the alias aws/kinesis. */ keyId: pulumi.Input; } /** * When specified, enables or updates the mode of stream. Default is PROVISIONED. */ interface StreamModeDetailsArgs { /** * The mode of the stream */ streamMode: pulumi.Input; } } export declare namespace kinesisanalyticsv2 { /** * The configuration parameters for the default Amazon Glue database. You use this database for SQL queries that you write in a Kinesis Data Analytics Studio notebook. */ interface ApplicationCatalogConfigurationArgs { /** * The configuration parameters for the default Amazon Glue database. You use this database for Apache Flink SQL queries and table API transforms that you write in a Kinesis Data Analytics Studio notebook. */ glueDataCatalogConfiguration?: pulumi.Input; } /** * Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see Checkpoints for Fault Tolerance in the Apache Flink Documentation. */ interface ApplicationCheckpointConfigurationArgs { /** * Describes the interval in milliseconds between checkpoint operations. */ checkpointInterval?: pulumi.Input; /** * Describes whether checkpointing is enabled for a Flink-based Kinesis Data Analytics application. */ checkpointingEnabled?: pulumi.Input; /** * Describes whether the application uses Kinesis Data Analytics' default checkpointing behavior. You must set this property to `CUSTOM` in order to set the `CheckpointingEnabled`, `CheckpointInterval`, or `MinPauseBetweenCheckpoints` parameters. */ configurationType: pulumi.Input; /** * Describes the minimum time in milliseconds after a checkpoint operation completes that a new checkpoint operation can start. If a checkpoint operation takes longer than the CheckpointInterval, the application otherwise performs continual checkpoint operations. For more information, see Tuning Checkpointing in the Apache Flink Documentation. */ minPauseBetweenCheckpoints?: pulumi.Input; } /** * Describes code configuration for an application. */ interface ApplicationCodeConfigurationArgs { /** * The location and type of the application code. */ codeContent: pulumi.Input; /** * Specifies whether the code content is in text or zip format. */ codeContentType: pulumi.Input; } /** * Specifies either the application code, or the location of the application code, for a Flink-based Kinesis Data Analytics application. */ interface ApplicationCodeContentArgs { /** * Information about the Amazon S3 bucket that contains the application code. */ s3ContentLocation?: pulumi.Input; /** * The text-format code for a Flink-based Kinesis Data Analytics application. */ textContent?: pulumi.Input; /** * The zip-format code for a Flink-based Kinesis Data Analytics application. */ zipFileContent?: pulumi.Input; } /** * Specifies the creation parameters for a Kinesis Data Analytics application. */ interface ApplicationConfigurationArgs { /** * The code location and type parameters for a Flink-based Kinesis Data Analytics application. */ applicationCodeConfiguration?: pulumi.Input; /** * Describes whether customer managed key is enabled and key details for customer data encryption */ applicationEncryptionConfiguration?: pulumi.Input; /** * Describes whether snapshots are enabled for a Flink-based Kinesis Data Analytics application. */ applicationSnapshotConfiguration?: pulumi.Input; /** * Describes whether system initiated rollbacks are enabled for a Flink-based Kinesis Data Analytics application. */ applicationSystemRollbackConfiguration?: pulumi.Input; /** * Describes execution properties for a Flink-based Kinesis Data Analytics application. */ environmentProperties?: pulumi.Input; /** * The creation and update parameters for a Flink-based Kinesis Data Analytics application. */ flinkApplicationConfiguration?: pulumi.Input; /** * The creation and update parameters for a SQL-based Kinesis Data Analytics application. */ sqlApplicationConfiguration?: pulumi.Input; /** * The array of descriptions of VPC configurations available to the application. */ vpcConfigurations?: pulumi.Input[]>; /** * The configuration parameters for a Kinesis Data Analytics Studio notebook. */ zeppelinApplicationConfiguration?: pulumi.Input; } /** * For a SQL-based Kinesis Data Analytics application, provides additional mapping information when the record format uses delimiters, such as CSV. For example, the following sample records use CSV format, where the records use the '\n' as the row delimiter and a comma (",") as the column delimiter: * `"name1", "address1"` * `"name2", "address2"` */ interface ApplicationCsvMappingParametersArgs { /** * The column delimiter. For example, in a CSV format, a comma (",") is the typical column delimiter. */ recordColumnDelimiter: pulumi.Input; /** * The row delimiter. For example, in a CSV format, '\n' is the typical row delimiter. */ recordRowDelimiter: pulumi.Input; } /** * The configuration of connectors and user-defined functions. */ interface ApplicationCustomArtifactConfigurationArgs { /** * Set this to either `UDF` or `DEPENDENCY_JAR`. `UDF` stands for user-defined functions. This type of artifact must be in an S3 bucket. A `DEPENDENCY_JAR` can be in either Maven or an S3 bucket. */ artifactType: pulumi.Input; /** * The parameters required to fully specify a Maven reference. */ mavenReference?: pulumi.Input; /** * The location of the custom artifacts. */ s3ContentLocation?: pulumi.Input; } /** * The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state. */ interface ApplicationDeployAsApplicationConfigurationArgs { /** * The description of an Amazon S3 object that contains the Amazon Data Analytics application, including the Amazon Resource Name (ARN) of the S3 bucket, the name of the Amazon S3 object that contains the data, and the version number of the Amazon S3 object that contains the data. */ s3ContentLocation: pulumi.Input; } /** * Describes whether customer managed key is enabled and key details for customer data encryption */ interface ApplicationEncryptionConfigurationArgs { /** * KMS KeyId. Can be either key uuid or full key arn or key alias arn or short key alias */ keyId?: pulumi.Input; /** * Specifies whether application data is encrypted using service key: AWS_OWNED_KEY or customer key: CUSTOMER_MANAGED_KEY */ keyType: pulumi.Input; } /** * Describes execution properties for a Flink-based Kinesis Data Analytics application. */ interface ApplicationEnvironmentPropertiesArgs { /** * Describes the execution property groups. */ propertyGroups?: pulumi.Input[]>; } /** * Describes configuration parameters for a Flink-based Kinesis Data Analytics application or a Studio notebook. */ interface ApplicationFlinkApplicationConfigurationArgs { /** * Describes an application's checkpointing configuration. Checkpointing is the process of persisting application state for fault tolerance. For more information, see Checkpoints for Fault Tolerance in the Apache Flink Documentation. */ checkpointConfiguration?: pulumi.Input; /** * Describes configuration parameters for Amazon CloudWatch logging for an application. */ monitoringConfiguration?: pulumi.Input; /** * Describes parameters for how an application executes multiple tasks simultaneously. */ parallelismConfiguration?: pulumi.Input; } /** * Describes the starting parameters for a Flink-based Kinesis Data Analytics application. */ interface ApplicationFlinkRunConfigurationArgs { /** * When restoring from a snapshot, specifies whether the runtime is allowed to skip a state that cannot be mapped to the new program. Defaults to false. If you update your application without specifying this parameter, AllowNonRestoredState will be set to false, even if it was previously set to true. */ allowNonRestoredState?: pulumi.Input; } /** * The configuration of the Glue Data Catalog that you use for Apache Flink SQL queries and table API transforms that you write in an application. */ interface ApplicationGlueDataCatalogConfigurationArgs { /** * The Amazon Resource Name (ARN) of the database. */ databaseArn?: pulumi.Input; } /** * When you configure the application input for a SQL-based Kinesis Data Analytics application, you specify the streaming source, the in-application stream name that is created, and the mapping between the two. */ interface ApplicationInputArgs { /** * Describes the number of in-application streams to create. */ inputParallelism?: pulumi.Input; /** * The InputProcessingConfiguration for the input. An input processor transforms records as they are received from the stream, before the application's SQL code executes. Currently, the only input processing configuration available is InputLambdaProcessor. */ inputProcessingConfiguration?: pulumi.Input; /** * Describes the format of the data in the streaming source, and how each data element maps to corresponding columns in the in-application stream that is being created. */ inputSchema: pulumi.Input; /** * If the streaming source is an Amazon Kinesis Data Firehose delivery stream, identifies the delivery stream's ARN. */ kinesisFirehoseInput?: pulumi.Input; /** * If the streaming source is an Amazon Kinesis data stream, identifies the stream's Amazon Resource Name (ARN). */ kinesisStreamsInput?: pulumi.Input; /** * The name prefix to use when creating an in-application stream. Suppose that you specify a prefix `"MyInApplicationStream"`. Kinesis Data Analytics then creates one or more (as per the InputParallelism count you specified) in-application streams with the names `"MyInApplicationStream_001"`, `"MyInApplicationStream_002"`, and so on. */ namePrefix: pulumi.Input; } /** * An object that contains the Amazon Resource Name (ARN) of the Amazon Lambda function that is used to preprocess records in the stream in a SQL-based Kinesis Data Analytics application. */ interface ApplicationInputLambdaProcessorArgs { /** * The ARN of the Amazon Lambda function that operates on records in the stream. */ resourceArn: pulumi.Input; } /** * For a SQL-based Kinesis Data Analytics application, describes the number of in-application streams to create for a given streaming source. */ interface ApplicationInputParallelismArgs { /** * The number of in-application streams to create. */ count?: pulumi.Input; } /** * For an SQL-based Amazon Kinesis Data Analytics application, describes a processor that is used to preprocess the records in the stream before being processed by your application code. Currently, the only input processor available is Amazon Lambda. */ interface ApplicationInputProcessingConfigurationArgs { /** * The InputLambdaProcessor that is used to preprocess the records in the stream before being processed by your application code. */ inputLambdaProcessor?: pulumi.Input; } /** * For a SQL-based Kinesis Data Analytics application, describes the format of the data in the streaming source, and how each data element maps to corresponding columns created in the in-application stream. */ interface ApplicationInputSchemaArgs { /** * A list of `RecordColumn` objects. */ recordColumns: pulumi.Input[]>; /** * Specifies the encoding of the records in the streaming source. For example, UTF-8. */ recordEncoding?: pulumi.Input; /** * Specifies the format of the records on the streaming source. */ recordFormat: pulumi.Input; } /** * For a SQL-based Kinesis Data Analytics application, provides additional mapping information when JSON is the record format on the streaming source. */ interface ApplicationJsonMappingParametersArgs { /** * The path to the top-level parent that contains the records. */ recordRowPath: pulumi.Input; } /** * For a SQL-based Kinesis Data Analytics application, identifies a Kinesis Data Firehose delivery stream as the streaming source. You provide the delivery stream's Amazon Resource Name (ARN). */ interface ApplicationKinesisFirehoseInputArgs { /** * The Amazon Resource Name (ARN) of the delivery stream. */ resourceArn: pulumi.Input; } /** * Identifies a Kinesis data stream as the streaming source. You provide the stream's Amazon Resource Name (ARN). */ interface ApplicationKinesisStreamsInputArgs { /** * The ARN of the input Kinesis data stream to read. */ resourceArn: pulumi.Input; } /** * Describes the maintenance configuration for the application. */ interface ApplicationMaintenanceConfigurationArgs { /** * The start time for the maintenance window. */ applicationMaintenanceWindowStartTime: pulumi.Input; } /** * When you configure a SQL-based Kinesis Data Analytics application's input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source. */ interface ApplicationMappingParametersArgs { /** * Provides additional mapping information when the record format uses delimiters (for example, CSV). */ csvMappingParameters?: pulumi.Input; /** * Provides additional mapping information when JSON is the record format on the streaming source. */ jsonMappingParameters?: pulumi.Input; } /** * The information required to specify a Maven reference. You can use Maven references to specify dependency JAR files. */ interface ApplicationMavenReferenceArgs { /** * The artifact ID of the Maven reference. */ artifactId: pulumi.Input; /** * The group ID of the Maven reference. */ groupId: pulumi.Input; /** * The version of the Maven reference. */ version: pulumi.Input; } /** * Describes configuration parameters for Amazon CloudWatch logging for a Java-based Kinesis Data Analytics application. For more information about CloudWatch logging, see Monitoring. */ interface ApplicationMonitoringConfigurationArgs { /** * Describes whether to use the default CloudWatch logging configuration for an application. You must set this property to CUSTOM in order to set the LogLevel or MetricsLevel parameters. */ configurationType: pulumi.Input; /** * Describes the verbosity of the CloudWatch Logs for an application. */ logLevel?: pulumi.Input; /** * Describes the granularity of the CloudWatch Logs for an application. The Parallelism level is not recommended for applications with a Parallelism over 64 due to excessive costs. */ metricsLevel?: pulumi.Input; } /** * Describes parameters for how a Flink-based Kinesis Data Analytics application executes multiple tasks simultaneously. For more information about parallelism, see Parallel Execution in the Apache Flink Documentation */ interface ApplicationParallelismConfigurationArgs { /** * Describes whether the Kinesis Data Analytics service can increase the parallelism of the application in response to increased throughput. */ autoScalingEnabled?: pulumi.Input; /** * Describes whether the application uses the default parallelism for the Kinesis Data Analytics service. You must set this property to `CUSTOM` in order to change your application's `AutoScalingEnabled`, `Parallelism`, or `ParallelismPerKPU` properties. */ configurationType: pulumi.Input; /** * Describes the initial number of parallel tasks that a Java-based Kinesis Data Analytics application can perform. The Kinesis Data Analytics service can increase this number automatically if ParallelismConfiguration:AutoScalingEnabled is set to true. */ parallelism?: pulumi.Input; /** * Describes the number of parallel tasks that a Java-based Kinesis Data Analytics application can perform per Kinesis Processing Unit (KPU) used by the application. For more information about KPUs, see Amazon Kinesis Data Analytics Pricing. */ parallelismPerKpu?: pulumi.Input; } /** * Property key-value pairs passed into an application. */ interface ApplicationPropertyGroupArgs { /** * Describes the key of an application execution property key-value pair. */ propertyGroupId?: pulumi.Input; /** * Describes the value of an application execution property key-value pair. */ propertyMap?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * For a SQL-based Kinesis Data Analytics application, describes the mapping of each data element in the streaming source to the corresponding column in the in-application stream. * Also used to describe the format of the reference data source. */ interface ApplicationRecordColumnArgs { /** * A reference to the data element in the streaming input or the reference data source. */ mapping?: pulumi.Input; /** * The name of the column that is created in the in-application input stream or reference table. */ name: pulumi.Input; /** * The type of column created in the in-application input stream or reference table. */ sqlType: pulumi.Input; } /** * For a SQL-based Kinesis Data Analytics application, describes the record format and relevant mapping information that should be applied to schematize the records on the stream. */ interface ApplicationRecordFormatArgs { /** * When you configure application input at the time of creating or updating an application, provides additional mapping information specific to the record format (such as JSON, CSV, or record fields delimited by some delimiter) on the streaming source. */ mappingParameters?: pulumi.Input; /** * The type of record format. */ recordFormatType: pulumi.Input; } /** * Describes the restore behavior of a restarting application. */ interface ApplicationRestoreConfigurationArgs { /** * Specifies how the application should be restored. */ applicationRestoreType: pulumi.Input; /** * The identifier of an existing snapshot of application state to use to restart an application. The application uses this value if RESTORE_FROM_CUSTOM_SNAPSHOT is specified for the ApplicationRestoreType. */ snapshotName?: pulumi.Input; } /** * Identifies the run configuration (start parameters) of a Kinesis Data Analytics application. This section is evaluated only on stack updates for applications in running RUNNING state and has no effect during manual application start. */ interface ApplicationRunConfigurationArgs { /** * Describes the restore behavior of a restarting application. */ applicationRestoreConfiguration?: pulumi.Input; /** * Describes the starting parameters for a Flink-based Kinesis Data Analytics application. */ flinkRunConfiguration?: pulumi.Input; } /** * The base location of the Amazon Data Analytics application. */ interface ApplicationS3ContentBaseLocationArgs { /** * The base path for the S3 bucket. */ basePath?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the S3 bucket. */ bucketArn: pulumi.Input; } /** * The location of an application or a custom artifact. */ interface ApplicationS3ContentLocationArgs { /** * The Amazon Resource Name (ARN) for the S3 bucket containing the application code. */ bucketArn: pulumi.Input; /** * The file key for the object containing the application code. */ fileKey: pulumi.Input; /** * The version of the object containing the application code. */ objectVersion?: pulumi.Input; } /** * Describes whether snapshots are enabled for a Flink-based Kinesis Data Analytics application. */ interface ApplicationSnapshotConfigurationArgs { /** * Describes whether snapshots are enabled for a Flink-based Kinesis Data Analytics application. */ snapshotsEnabled: pulumi.Input; } /** * Describes the inputs, outputs, and reference data sources for a SQL-based Kinesis Data Analytics application. */ interface ApplicationSqlApplicationConfigurationArgs { /** * The array of Input objects describing the input streams used by the application. */ inputs?: pulumi.Input[]>; } /** * Describes whether system initiated rollbacks are enabled for a Flink-based Kinesis Data Analytics application. */ interface ApplicationSystemRollbackConfigurationArgs { /** * Describes whether system initiated rollbacks are enabled for a Flink-based Kinesis Data Analytics application. */ rollbackEnabled: pulumi.Input; } /** * Describes the parameters of a VPC used by the application. */ interface ApplicationVpcConfigurationArgs { /** * The array of SecurityGroup IDs used by the VPC configuration. */ securityGroupIds: pulumi.Input[]>; /** * The array of Subnet IDs used by the VPC configuration. */ subnetIds: pulumi.Input[]>; } /** * The configuration of a Kinesis Data Analytics Studio notebook. */ interface ApplicationZeppelinApplicationConfigurationArgs { /** * The Amazon Glue Data Catalog that you use in queries in a Kinesis Data Analytics Studio notebook. */ catalogConfiguration?: pulumi.Input; /** * A list of CustomArtifactConfiguration objects. */ customArtifactsConfiguration?: pulumi.Input[]>; /** * The information required to deploy a Kinesis Data Analytics Studio notebook as an application with durable state. */ deployAsApplicationConfiguration?: pulumi.Input; /** * The monitoring configuration of a Kinesis Data Analytics Studio notebook. */ monitoringConfiguration?: pulumi.Input; } /** * Describes configuration parameters for Amazon CloudWatch logging for a Kinesis Data Analytics Studio notebook. For more information about CloudWatch logging, see Monitoring. */ interface ApplicationZeppelinMonitoringConfigurationArgs { /** * The verbosity of the CloudWatch Logs for an application. You can set it to `INFO`, `WARN`, `ERROR`, or `DEBUG`. */ logLevel?: pulumi.Input; } } export declare namespace kinesisfirehose { interface DeliveryStreamAmazonOpenSearchServerlessBufferingHintsArgs { /** * Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes). */ intervalInSeconds?: pulumi.Input; /** * Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. * * We recommend setting this parameter to a value greater than the amount of data you typically ingest into the Firehose stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher. */ sizeInMbs?: pulumi.Input; } interface DeliveryStreamAmazonOpenSearchServerlessDestinationConfigurationArgs { /** * The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used. */ bufferingHints?: pulumi.Input; cloudWatchLoggingOptions?: pulumi.Input; /** * The endpoint to use when communicating with the collection in the Serverless offering for Amazon OpenSearch Service. */ collectionEndpoint?: pulumi.Input; /** * The Serverless offering for Amazon OpenSearch Service index name. */ indexName: pulumi.Input; processingConfiguration?: pulumi.Input; /** * The retry behavior in case Firehose is unable to deliver documents to the Serverless offering for Amazon OpenSearch Service. The default value is 300 (5 minutes). */ retryOptions?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling the Serverless offering for Amazon OpenSearch Service Configuration API and for indexing documents. */ roleArn: pulumi.Input; /** * Defines how documents should be delivered to Amazon S3. When it is set to FailedDocumentsOnly, Firehose writes any documents that could not be indexed to the configured Amazon S3 destination, with AmazonOpenSearchService-failed/ appended to the key prefix. When set to AllDocuments, Firehose delivers all incoming records to Amazon S3, and also writes failed documents with AmazonOpenSearchService-failed/ appended to the prefix. */ s3BackupMode?: pulumi.Input; s3Configuration: pulumi.Input; vpcConfiguration?: pulumi.Input; } interface DeliveryStreamAmazonOpenSearchServerlessRetryOptionsArgs { /** * After an initial failure to deliver to the Serverless offering for Amazon OpenSearch Service, the total amount of time during which Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries. */ durationInSeconds?: pulumi.Input; } interface DeliveryStreamAmazonopensearchserviceBufferingHintsArgs { /** * Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 300 (5 minutes). */ intervalInSeconds?: pulumi.Input; /** * Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. We recommend setting this parameter to a value greater than the amount of data you typically ingest into the delivery stream in 10 seconds. For example, if you typically ingest data at 1 MB/sec, the value should be 10 MB or higher. */ sizeInMbs?: pulumi.Input; } interface DeliveryStreamAmazonopensearchserviceDestinationConfigurationArgs { /** * The buffering options. If no value is specified, the default values for AmazonopensearchserviceBufferingHints are used. */ bufferingHints?: pulumi.Input; /** * Describes the Amazon CloudWatch logging options for your delivery stream. */ cloudWatchLoggingOptions?: pulumi.Input; /** * The endpoint to use when communicating with the cluster. Specify either this ClusterEndpoint or the DomainARN field. */ clusterEndpoint?: pulumi.Input; /** * Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID. */ documentIdOptions?: pulumi.Input; /** * The ARN of the Amazon OpenSearch Service domain. */ domainArn?: pulumi.Input; /** * The Amazon OpenSearch Service index name. */ indexName: pulumi.Input; /** * The Amazon OpenSearch Service index rotation period. Index rotation appends a timestamp to the IndexName to facilitate the expiration of old data. */ indexRotationPeriod?: pulumi.Input; /** * Describes a data processing configuration. */ processingConfiguration?: pulumi.Input; /** * The retry behavior in case Kinesis Data Firehose is unable to deliver documents to Amazon OpenSearch Service. The default value is 300 (5 minutes). */ retryOptions?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon OpenSearch Service Configuration API and for indexing documents. */ roleArn: pulumi.Input; /** * Defines how documents should be delivered to Amazon S3. */ s3BackupMode?: pulumi.Input; /** * Describes the configuration of a destination in Amazon S3. */ s3Configuration: pulumi.Input; /** * The Amazon OpenSearch Service type name. */ typeName?: pulumi.Input; /** * The details of the VPC of the Amazon OpenSearch Service destination. */ vpcConfiguration?: pulumi.Input; } interface DeliveryStreamAmazonopensearchserviceRetryOptionsArgs { /** * After an initial failure to deliver to Amazon OpenSearch Service, the total amount of time during which Kinesis Data Firehose retries delivery (including the first attempt). After this time has elapsed, the failed documents are written to Amazon S3. Default value is 300 seconds (5 minutes). A value of 0 (zero) results in no retries. */ durationInSeconds?: pulumi.Input; } interface DeliveryStreamAuthenticationConfigurationArgs { /** * The type of connectivity used to access the Amazon MSK cluster. */ connectivity: pulumi.Input; /** * The ARN of the role used to access the Amazon MSK cluster. */ roleArn: pulumi.Input; } interface DeliveryStreamBufferingHintsArgs { /** * The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* . */ intervalInSeconds?: pulumi.Input; /** * The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* . */ sizeInMbs?: pulumi.Input; } interface DeliveryStreamCatalogConfigurationArgs { /** * Specifies the Glue catalog ARN identifier of the destination Apache Iceberg Tables. You must specify the ARN in the format `arn:aws:glue:region:account-id:catalog` . */ catalogArn?: pulumi.Input; /** * The warehouse location for Apache Iceberg tables. You must configure this when schema evolution and table creation is enabled. * * Amazon Data Firehose is in preview release and is subject to change. */ warehouseLocation?: pulumi.Input; } interface DeliveryStreamCloudWatchLoggingOptionsArgs { /** * Indicates whether CloudWatch Logs logging is enabled. */ enabled?: pulumi.Input; /** * The name of the CloudWatch Logs log group that contains the log stream that Kinesis Data Firehose will use. * * Conditional. If you enable logging, you must specify this property. */ logGroupName?: pulumi.Input; /** * The name of the CloudWatch Logs log stream that Kinesis Data Firehose uses to send logs about data delivery. * * Conditional. If you enable logging, you must specify this property. */ logStreamName?: pulumi.Input; } interface DeliveryStreamCopyCommandArgs { /** * Parameters to use with the Amazon Redshift `COPY` command. For examples, see the `CopyOptions` content for the [CopyCommand](https://docs.aws.amazon.com/firehose/latest/APIReference/API_CopyCommand.html) data type in the *Amazon Kinesis Data Firehose API Reference* . */ copyOptions?: pulumi.Input; /** * A comma-separated list of column names. */ dataTableColumns?: pulumi.Input; /** * The name of the target table. The table must already exist in the database. */ dataTableName: pulumi.Input; } interface DeliveryStreamDataFormatConversionConfigurationArgs { /** * Defaults to `true` . Set it to `false` if you want to disable format conversion while preserving the configuration details. */ enabled?: pulumi.Input; /** * Specifies the deserializer that you want Firehose to use to convert the format of your data from JSON. This parameter is required if `Enabled` is set to true. */ inputFormatConfiguration?: pulumi.Input; /** * Specifies the serializer that you want Firehose to use to convert the format of your data to the Parquet or ORC format. This parameter is required if `Enabled` is set to true. */ outputFormatConfiguration?: pulumi.Input; /** * Specifies the AWS Glue Data Catalog table that contains the column information. This parameter is required if `Enabled` is set to true. */ schemaConfiguration?: pulumi.Input; } interface DeliveryStreamDatabaseColumnsArgs { exclude?: pulumi.Input[]>; include?: pulumi.Input[]>; } interface DeliveryStreamDatabaseSourceAuthenticationConfigurationArgs { secretsManagerConfiguration: pulumi.Input; } interface DeliveryStreamDatabaseSourceConfigurationArgs { /** * The list of column patterns in source database endpoint for Firehose to read from. * * Amazon Data Firehose is in preview release and is subject to change. */ columns?: pulumi.Input; /** * The structure to configure the authentication methods for Firehose to connect to source database endpoint. * * Amazon Data Firehose is in preview release and is subject to change. */ databaseSourceAuthenticationConfiguration: pulumi.Input; /** * The details of the VPC Endpoint Service which Firehose uses to create a PrivateLink to the database. * * Amazon Data Firehose is in preview release and is subject to change. */ databaseSourceVpcConfiguration: pulumi.Input; /** * The list of database patterns in source database endpoint for Firehose to read from. * * Amazon Data Firehose is in preview release and is subject to change. */ databases: pulumi.Input; digest?: pulumi.Input; /** * The endpoint of the database server. * * Amazon Data Firehose is in preview release and is subject to change. */ endpoint: pulumi.Input; /** * The port of the database. This can be one of the following values. * * - 3306 for MySQL database type * - 5432 for PostgreSQL database type * * Amazon Data Firehose is in preview release and is subject to change. */ port: pulumi.Input; publicCertificate?: pulumi.Input; /** * The fully qualified name of the table in source database endpoint that Firehose uses to track snapshot progress. * * Amazon Data Firehose is in preview release and is subject to change. */ snapshotWatermarkTable: pulumi.Input; /** * The mode to enable or disable SSL when Firehose connects to the database endpoint. * * Amazon Data Firehose is in preview release and is subject to change. */ sslMode?: pulumi.Input; /** * The optional list of table and column names used as unique key columns when taking snapshot if the tables don’t have primary keys configured. * * Amazon Data Firehose is in preview release and is subject to change. */ surrogateKeys?: pulumi.Input[]>; /** * The list of table patterns in source database endpoint for Firehose to read from. * * Amazon Data Firehose is in preview release and is subject to change. */ tables: pulumi.Input; /** * The type of database engine. This can be one of the following values. * * - MySQL * - PostgreSQL * * Amazon Data Firehose is in preview release and is subject to change. */ type: pulumi.Input; } interface DeliveryStreamDatabaseSourceVpcConfigurationArgs { /** * The VPC endpoint service name which Firehose uses to create a PrivateLink to the database. The endpoint service must have the Firehose service principle `firehose.amazonaws.com` as an allowed principal on the VPC endpoint service. The VPC endpoint service name is a string that looks like `com.amazonaws.vpce..` . * * Amazon Data Firehose is in preview release and is subject to change. */ vpcEndpointServiceName: pulumi.Input; } interface DeliveryStreamDatabaseTablesArgs { exclude?: pulumi.Input[]>; include?: pulumi.Input[]>; } interface DeliveryStreamDatabasesArgs { exclude?: pulumi.Input[]>; include?: pulumi.Input[]>; } interface DeliveryStreamDeserializerArgs { /** * The native Hive / HCatalog JsonSerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the OpenX SerDe. */ hiveJsonSerDe?: pulumi.Input; /** * The OpenX SerDe. Used by Firehose for deserializing data, which means converting it from the JSON format in preparation for serializing it to the Parquet or ORC format. This is one of two deserializers you can choose, depending on which one offers the functionality you need. The other option is the native Hive / HCatalog JsonSerDe. */ openXJsonSerDe?: pulumi.Input; } interface DeliveryStreamDestinationTableConfigurationArgs { destinationDatabaseName: pulumi.Input; destinationTableName: pulumi.Input; partitionSpec?: pulumi.Input; s3ErrorOutputPrefix?: pulumi.Input; uniqueKeys?: pulumi.Input[]>; } interface DeliveryStreamDestinationTableConfigurationPartitionSpecPropertiesArgs { identity?: pulumi.Input[]>; } interface DeliveryStreamDirectPutSourceConfigurationArgs { /** * The value that you configure for this parameter is for information purpose only and does not affect Firehose delivery throughput limit. You can use the [Firehose Limits form](https://docs.aws.amazon.com/https://support.console.aws.amazon.com/support/home#/case/create%3FissueType=service-limit-increase%26limitType=kinesis-firehose-limits) to request a throughput limit increase. */ throughputHintInMbs?: pulumi.Input; } interface DeliveryStreamDocumentIdOptionsArgs { /** * When the `FIREHOSE_DEFAULT` option is chosen, Firehose generates a unique document ID for each record based on a unique internal identifier. The generated document ID is stable across multiple delivery attempts, which helps prevent the same record from being indexed multiple times with different document IDs. * * When the `NO_DOCUMENT_ID` option is chosen, Firehose does not include any document IDs in the requests it sends to the Amazon OpenSearch Service. This causes the Amazon OpenSearch Service domain to generate document IDs. In case of multiple delivery attempts, this may cause the same record to be indexed more than once with different document IDs. This option enables write-heavy operations, such as the ingestion of logs and observability data, to consume less resources in the Amazon OpenSearch Service domain, resulting in improved performance. */ defaultDocumentIdFormat: pulumi.Input; } interface DeliveryStreamDynamicPartitioningConfigurationArgs { /** * Specifies whether dynamic partitioning is enabled for this Kinesis Data Firehose delivery stream. */ enabled?: pulumi.Input; /** * Specifies the retry behavior in case Kinesis Data Firehose is unable to deliver data to an Amazon S3 prefix. */ retryOptions?: pulumi.Input; } interface DeliveryStreamElasticsearchBufferingHintsArgs { /** * The length of time, in seconds, that Kinesis Data Firehose buffers incoming data before delivering it to the destination. For valid values, see the `IntervalInSeconds` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* . */ intervalInSeconds?: pulumi.Input; /** * The size of the buffer, in MBs, that Kinesis Data Firehose uses for incoming data before delivering it to the destination. For valid values, see the `SizeInMBs` content for the [BufferingHints](https://docs.aws.amazon.com/firehose/latest/APIReference/API_BufferingHints.html) data type in the *Amazon Kinesis Data Firehose API Reference* . */ sizeInMbs?: pulumi.Input; } interface DeliveryStreamElasticsearchDestinationConfigurationArgs { /** * Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon ES domain. */ bufferingHints?: pulumi.Input; /** * The Amazon CloudWatch Logs logging options for the delivery stream. */ cloudWatchLoggingOptions?: pulumi.Input; /** * The endpoint to use when communicating with the cluster. Specify either this `ClusterEndpoint` or the `DomainARN` field. */ clusterEndpoint?: pulumi.Input; /** * Indicates the method for setting up document ID. The supported methods are Firehose generated document ID and OpenSearch Service generated document ID. */ documentIdOptions?: pulumi.Input; /** * The ARN of the Amazon ES domain. The IAM role must have permissions for `DescribeElasticsearchDomain` , `DescribeElasticsearchDomains` , and `DescribeElasticsearchDomainConfig` after assuming the role specified in *RoleARN* . * * Specify either `ClusterEndpoint` or `DomainARN` . */ domainArn?: pulumi.Input; /** * The name of the Elasticsearch index to which Kinesis Data Firehose adds data for indexing. */ indexName: pulumi.Input; /** * The frequency of Elasticsearch index rotation. If you enable index rotation, Kinesis Data Firehose appends a portion of the UTC arrival timestamp to the specified index name, and rotates the appended timestamp accordingly. For more information, see [Index Rotation for the Amazon ES Destination](https://docs.aws.amazon.com/firehose/latest/dev/basic-deliver.html#es-index-rotation) in the *Amazon Kinesis Data Firehose Developer Guide* . */ indexRotationPeriod?: pulumi.Input; /** * The data processing configuration for the Kinesis Data Firehose delivery stream. */ processingConfiguration?: pulumi.Input; /** * The retry behavior when Kinesis Data Firehose is unable to deliver data to Amazon ES. */ retryOptions?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role to be assumed by Kinesis Data Firehose for calling the Amazon ES Configuration API and for indexing documents. For more information, see [Controlling Access with Amazon Kinesis Data Firehose](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html) . */ roleArn: pulumi.Input; /** * The condition under which Kinesis Data Firehose delivers data to Amazon Simple Storage Service (Amazon S3). You can send Amazon S3 all documents (all data) or only the documents that Kinesis Data Firehose could not deliver to the Amazon ES destination. For more information and valid values, see the `S3BackupMode` content for the [ElasticsearchDestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchDestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* . */ s3BackupMode?: pulumi.Input; /** * The S3 bucket where Kinesis Data Firehose backs up incoming data. */ s3Configuration: pulumi.Input; /** * The Elasticsearch type name that Amazon ES adds to documents when indexing data. */ typeName?: pulumi.Input; /** * The details of the VPC of the Amazon ES destination. */ vpcConfiguration?: pulumi.Input; } interface DeliveryStreamElasticsearchRetryOptionsArgs { /** * After an initial failure to deliver to Amazon ES, the total amount of time during which Kinesis Data Firehose re-attempts delivery (including the first attempt). If Kinesis Data Firehose can't deliver the data within the specified time, it writes the data to the backup S3 bucket. For valid values, see the `DurationInSeconds` content for the [ElasticsearchRetryOptions](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ElasticsearchRetryOptions.html) data type in the *Amazon Kinesis Data Firehose API Reference* . */ durationInSeconds?: pulumi.Input; } interface DeliveryStreamEncryptionConfigurationArgs { /** * The AWS Key Management Service ( AWS KMS) encryption key that Amazon S3 uses to encrypt your data. */ kmsEncryptionConfig?: pulumi.Input; /** * Disables encryption. For valid values, see the `NoEncryptionConfig` content for the [EncryptionConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_EncryptionConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* . */ noEncryptionConfig?: pulumi.Input; } interface DeliveryStreamEncryptionConfigurationInputArgs { /** * If you set `KeyType` to `CUSTOMER_MANAGED_CMK` , you must specify the Amazon Resource Name (ARN) of the CMK. If you set `KeyType` to `AWS _OWNED_CMK` , Firehose uses a service-account CMK. */ keyArn?: pulumi.Input; /** * Indicates the type of customer master key (CMK) to use for encryption. The default setting is `AWS_OWNED_CMK` . For more information about CMKs, see [Customer Master Keys (CMKs)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#master_keys) . * * You can use a CMK of type CUSTOMER_MANAGED_CMK to encrypt up to 500 delivery streams. * * > To encrypt your delivery stream, use symmetric CMKs. Kinesis Data Firehose doesn't support asymmetric CMKs. For information about symmetric and asymmetric CMKs, see [About Symmetric and Asymmetric CMKs](https://docs.aws.amazon.com/kms/latest/developerguide/symm-asymm-concepts.html) in the AWS Key Management Service developer guide. */ keyType: pulumi.Input; } interface DeliveryStreamExtendedS3DestinationConfigurationArgs { /** * The Amazon Resource Name (ARN) of the Amazon S3 bucket. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* . */ bucketArn: pulumi.Input; /** * The buffering option. */ bufferingHints?: pulumi.Input; /** * The Amazon CloudWatch logging options for your Firehose stream. */ cloudWatchLoggingOptions?: pulumi.Input; /** * The compression format. If no value is specified, the default is `UNCOMPRESSED` . */ compressionFormat?: pulumi.Input; /** * The time zone you prefer. UTC is the default. */ customTimeZone?: pulumi.Input; /** * The serializer, deserializer, and schema for converting data from the JSON format to the Parquet or ORC format before writing it to Amazon S3. */ dataFormatConversionConfiguration?: pulumi.Input; /** * The configuration of the dynamic partitioning mechanism that creates targeted data sets from the streaming data by partitioning it based on partition keys. */ dynamicPartitioningConfiguration?: pulumi.Input; /** * The encryption configuration for the Kinesis Data Firehose delivery stream. The default value is `NoEncryption` . */ encryptionConfiguration?: pulumi.Input; /** * A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) . */ errorOutputPrefix?: pulumi.Input; /** * Specify a file extension. It will override the default file extension */ fileExtension?: pulumi.Input; /** * The `YYYY/MM/DD/HH` time format prefix is automatically used for delivered Amazon S3 files. For more information, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* . */ prefix?: pulumi.Input; /** * The data processing configuration for the Kinesis Data Firehose delivery stream. */ processingConfiguration?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the AWS credentials. For constraints, see [ExtendedS3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_ExtendedS3DestinationConfiguration.html) in the *Amazon Kinesis Data Firehose API Reference* . */ roleArn: pulumi.Input; /** * The configuration for backup in Amazon S3. */ s3BackupConfiguration?: pulumi.Input; /** * The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it. */ s3BackupMode?: pulumi.Input; } interface DeliveryStreamHiveJsonSerDeArgs { /** * Indicates how you want Firehose to parse the date and timestamps that may be present in your input data JSON. To specify these format strings, follow the pattern syntax of JodaTime's DateTimeFormat format strings. For more information, see [Class DateTimeFormat](https://docs.aws.amazon.com/https://www.joda.org/joda-time/apidocs/org/joda/time/format/DateTimeFormat.html) . You can also use the special value `millis` to parse timestamps in epoch milliseconds. If you don't specify a format, Firehose uses `java.sql.Timestamp::valueOf` by default. */ timestampFormats?: pulumi.Input[]>; } interface DeliveryStreamHttpEndpointCommonAttributeArgs { /** * The name of the HTTP endpoint common attribute. */ attributeName: pulumi.Input; /** * The value of the HTTP endpoint common attribute. */ attributeValue: pulumi.Input; } interface DeliveryStreamHttpEndpointConfigurationArgs { /** * The access key required for Kinesis Firehose to authenticate with the HTTP endpoint selected as the destination. */ accessKey?: pulumi.Input; /** * The name of the HTTP endpoint selected as the destination. */ name?: pulumi.Input; /** * The URL of the HTTP endpoint selected as the destination. */ url: pulumi.Input; } interface DeliveryStreamHttpEndpointDestinationConfigurationArgs { /** * The buffering options that can be used before data is delivered to the specified destination. Kinesis Data Firehose treats these options as hints, and it might choose to use more optimal values. The SizeInMBs and IntervalInSeconds parameters are optional. However, if you specify a value for one of them, you must also provide a value for the other. */ bufferingHints?: pulumi.Input; /** * Describes the Amazon CloudWatch logging options for your delivery stream. */ cloudWatchLoggingOptions?: pulumi.Input; /** * The configuration of the HTTP endpoint selected as the destination. */ endpointConfiguration: pulumi.Input; /** * Describes the data processing configuration. */ processingConfiguration?: pulumi.Input; /** * The configuration of the request sent to the HTTP endpoint specified as the destination. */ requestConfiguration?: pulumi.Input; /** * Describes the retry behavior in case Kinesis Data Firehose is unable to deliver data to the specified HTTP endpoint destination, or if it doesn't receive a valid acknowledgment of receipt from the specified HTTP endpoint destination. */ retryOptions?: pulumi.Input; /** * Kinesis Data Firehose uses this IAM role for all the permissions that the delivery stream needs. */ roleArn?: pulumi.Input; /** * Describes the S3 bucket backup options for the data that Kinesis Data Firehose delivers to the HTTP endpoint destination. You can back up all documents (AllData) or only the documents that Kinesis Data Firehose could not deliver to the specified HTTP endpoint destination (FailedDataOnly). */ s3BackupMode?: pulumi.Input; /** * Describes the configuration of a destination in Amazon S3. */ s3Configuration: pulumi.Input; /** * The configuration that defines how you access secrets for HTTP Endpoint destination. */ secretsManagerConfiguration?: pulumi.Input; } interface DeliveryStreamHttpEndpointRequestConfigurationArgs { /** * Describes the metadata sent to the HTTP endpoint destination. */ commonAttributes?: pulumi.Input[]>; /** * Kinesis Data Firehose uses the content encoding to compress the body of a request before sending the request to the destination. For more information, see Content-Encoding in MDN Web Docs, the official Mozilla documentation. */ contentEncoding?: pulumi.Input; } interface DeliveryStreamIcebergDestinationConfigurationArgs { /** * Describes whether all incoming data for this delivery stream will be append only (inserts only and not for updates and deletes) for Iceberg delivery. This feature is only applicable for Apache Iceberg Tables. * * The default value is false. If you set this value to true, Firehose automatically increases the throughput limit of a stream based on the throttling levels of the stream. If you set this parameter to true for a stream with updates and deletes, you will see out of order delivery. */ appendOnly?: pulumi.Input; bufferingHints?: pulumi.Input; /** * Configuration describing where the destination Apache Iceberg Tables are persisted. */ catalogConfiguration: pulumi.Input; cloudWatchLoggingOptions?: pulumi.Input; /** * Provides a list of `DestinationTableConfigurations` which Firehose uses to deliver data to Apache Iceberg Tables. Firehose will write data with insert if table specific configuration is not provided here. */ destinationTableConfigurationList?: pulumi.Input[]>; processingConfiguration?: pulumi.Input; retryOptions?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role to be assumed by Firehose for calling Apache Iceberg Tables. */ roleArn: pulumi.Input; /** * Describes how Firehose will backup records. Currently,S3 backup only supports `FailedDataOnly` . */ s3BackupMode?: pulumi.Input; s3Configuration: pulumi.Input; /** * The configuration to enable automatic schema evolution. * * Amazon Data Firehose is in preview release and is subject to change. */ schemaEvolutionConfiguration?: pulumi.Input; /** * The configuration to enable automatic table creation. * * Amazon Data Firehose is in preview release and is subject to change. */ tableCreationConfiguration?: pulumi.Input; } interface DeliveryStreamInputFormatConfigurationArgs { /** * Specifies which deserializer to use. You can choose either the Apache Hive JSON SerDe or the OpenX JSON SerDe. If both are non-null, the server rejects the request. */ deserializer?: pulumi.Input; } interface DeliveryStreamKinesisStreamSourceConfigurationArgs { /** * The ARN of the source Kinesis data stream. */ kinesisStreamArn: pulumi.Input; /** * The ARN of the role that provides access to the source Kinesis data stream. */ roleArn: pulumi.Input; } interface DeliveryStreamKmsEncryptionConfigArgs { /** * The Amazon Resource Name (ARN) of the AWS KMS encryption key that Amazon S3 uses to encrypt data delivered by the Kinesis Data Firehose stream. The key must belong to the same region as the destination S3 bucket. */ awskmsKeyArn: pulumi.Input; } interface DeliveryStreamMskSourceConfigurationArgs { /** * The authentication configuration of the Amazon MSK cluster. */ authenticationConfiguration: pulumi.Input; /** * The ARN of the Amazon MSK cluster. */ mskClusterArn: pulumi.Input; /** * The start date and time in UTC for the offset position within your MSK topic from where Firehose begins to read. By default, this is set to timestamp when Firehose becomes Active. * * If you want to create a Firehose stream with Earliest start position from SDK or CLI, you need to set the `ReadFromTimestamp` parameter to Epoch (1970-01-01T00:00:00Z). */ readFromTimestamp?: pulumi.Input; /** * The topic name within the Amazon MSK cluster. */ topicName: pulumi.Input; } interface DeliveryStreamOpenXJsonSerDeArgs { /** * When set to `true` , which is the default, Firehose converts JSON keys to lowercase before deserializing them. */ caseInsensitive?: pulumi.Input; /** * Maps column names to JSON keys that aren't identical to the column names. This is useful when the JSON contains keys that are Hive keywords. For example, `timestamp` is a Hive keyword. If you have a JSON key named `timestamp` , set this parameter to `{"ts": "timestamp"}` to map this key to a column named `ts` . */ columnToJsonKeyMappings?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * When set to `true` , specifies that the names of the keys include dots and that you want Firehose to replace them with underscores. This is useful because Apache Hive does not allow dots in column names. For example, if the JSON contains a key whose name is "a.b", you can define the column name to be "a_b" when using this option. * * The default is `false` . */ convertDotsInJsonKeysToUnderscores?: pulumi.Input; } interface DeliveryStreamOrcSerDeArgs { /** * The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations. */ blockSizeBytes?: pulumi.Input; /** * The column names for which you want Firehose to create bloom filters. The default is `null` . */ bloomFilterColumns?: pulumi.Input[]>; /** * The Bloom filter false positive probability (FPP). The lower the FPP, the bigger the Bloom filter. The default value is 0.05, the minimum is 0, and the maximum is 1. */ bloomFilterFalsePositiveProbability?: pulumi.Input; /** * The compression code to use over data blocks. The default is `SNAPPY` . */ compression?: pulumi.Input; /** * Represents the fraction of the total number of non-null rows. To turn off dictionary encoding, set this fraction to a number that is less than the number of distinct keys in a dictionary. To always use dictionary encoding, set this threshold to 1. */ dictionaryKeyThreshold?: pulumi.Input; /** * Set this to `true` to indicate that you want stripes to be padded to the HDFS block boundaries. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is `false` . */ enablePadding?: pulumi.Input; /** * The version of the file to write. The possible values are `V0_11` and `V0_12` . The default is `V0_12` . */ formatVersion?: pulumi.Input; /** * A number between 0 and 1 that defines the tolerance for block padding as a decimal fraction of stripe size. The default value is 0.05, which means 5 percent of stripe size. * * For the default values of 64 MiB ORC stripes and 256 MiB HDFS blocks, the default block padding tolerance of 5 percent reserves a maximum of 3.2 MiB for padding within the 256 MiB block. In such a case, if the available size within the block is more than 3.2 MiB, a new, smaller stripe is inserted to fit within that space. This ensures that no stripe crosses block boundaries and causes remote reads within a node-local task. * * Kinesis Data Firehose ignores this parameter when `EnablePadding` is `false` . */ paddingTolerance?: pulumi.Input; /** * The number of rows between index entries. The default is 10,000 and the minimum is 1,000. */ rowIndexStride?: pulumi.Input; /** * The number of bytes in each stripe. The default is 64 MiB and the minimum is 8 MiB. */ stripeSizeBytes?: pulumi.Input; } interface DeliveryStreamOutputFormatConfigurationArgs { /** * Specifies which serializer to use. You can choose either the ORC SerDe or the Parquet SerDe. If both are non-null, the server rejects the request. */ serializer?: pulumi.Input; } interface DeliveryStreamParquetSerDeArgs { /** * The Hadoop Distributed File System (HDFS) block size. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 256 MiB and the minimum is 64 MiB. Firehose uses this value for padding calculations. */ blockSizeBytes?: pulumi.Input; /** * The compression code to use over data blocks. The possible values are `UNCOMPRESSED` , `SNAPPY` , and `GZIP` , with the default being `SNAPPY` . Use `SNAPPY` for higher decompression speed. Use `GZIP` if the compression ratio is more important than speed. */ compression?: pulumi.Input; /** * Indicates whether to enable dictionary compression. */ enableDictionaryCompression?: pulumi.Input; /** * The maximum amount of padding to apply. This is useful if you intend to copy the data from Amazon S3 to HDFS before querying. The default is 0. */ maxPaddingBytes?: pulumi.Input; /** * The Parquet page size. Column chunks are divided into pages. A page is conceptually an indivisible unit (in terms of compression and encoding). The minimum value is 64 KiB and the default is 1 MiB. */ pageSizeBytes?: pulumi.Input; /** * Indicates the version of row format to output. The possible values are `V1` and `V2` . The default is `V1` . */ writerVersion?: pulumi.Input; } interface DeliveryStreamPartitionFieldArgs { sourceName: pulumi.Input; } interface DeliveryStreamProcessingConfigurationArgs { /** * Indicates whether data processing is enabled (true) or disabled (false). */ enabled?: pulumi.Input; /** * The data processors. */ processors?: pulumi.Input[]>; } interface DeliveryStreamProcessorArgs { /** * The processor parameters. */ parameters?: pulumi.Input[]>; /** * The type of processor. Valid values: `Lambda` . */ type: pulumi.Input; } interface DeliveryStreamProcessorParameterArgs { /** * The name of the parameter. Currently the following default values are supported: 3 for `NumberOfRetries` and 60 for the `BufferIntervalInSeconds` . The `BufferSizeInMBs` ranges between 0.2 MB and up to 3MB. The default buffering hint is 1MB for all destinations, except Splunk. For Splunk, the default buffering hint is 256 KB. */ parameterName: pulumi.Input; /** * The parameter value. */ parameterValue: pulumi.Input; } interface DeliveryStreamRedshiftDestinationConfigurationArgs { /** * The CloudWatch logging options for your Firehose stream. */ cloudWatchLoggingOptions?: pulumi.Input; /** * The connection string that Kinesis Data Firehose uses to connect to the Amazon Redshift cluster. */ clusterJdbcurl: pulumi.Input; /** * Configures the Amazon Redshift `COPY` command that Kinesis Data Firehose uses to load data into the cluster from the Amazon S3 bucket. */ copyCommand: pulumi.Input; /** * The password for the Amazon Redshift user that you specified in the `Username` property. */ password?: pulumi.Input; /** * The data processing configuration for the Kinesis Data Firehose delivery stream. */ processingConfiguration?: pulumi.Input; /** * The retry behavior in case Firehose is unable to deliver documents to Amazon Redshift. Default value is 3600 (60 minutes). */ retryOptions?: pulumi.Input; /** * The ARN of the AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon Redshift Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-rs) in the *Amazon Kinesis Data Firehose Developer Guide* . */ roleArn: pulumi.Input; /** * The configuration for backup in Amazon S3. */ s3BackupConfiguration?: pulumi.Input; /** * The Amazon S3 backup mode. After you create a Firehose stream, you can update it to enable Amazon S3 backup if it is disabled. If backup is enabled, you can't update the Firehose stream to disable it. */ s3BackupMode?: pulumi.Input; /** * The S3 bucket where Kinesis Data Firehose first delivers data. After the data is in the bucket, Kinesis Data Firehose uses the `COPY` command to load the data into the Amazon Redshift cluster. For the Amazon S3 bucket's compression format, don't specify `SNAPPY` or `ZIP` because the Amazon Redshift `COPY` command doesn't support them. */ s3Configuration: pulumi.Input; /** * The configuration that defines how you access secrets for Amazon Redshift. */ secretsManagerConfiguration?: pulumi.Input; /** * The Amazon Redshift user that has permission to access the Amazon Redshift cluster. This user must have `INSERT` privileges for copying data from the Amazon S3 bucket to the cluster. */ username?: pulumi.Input; } interface DeliveryStreamRedshiftRetryOptionsArgs { /** * The length of time during which Firehose retries delivery after a failure, starting from the initial request and including the first attempt. The default value is 3600 seconds (60 minutes). Firehose does not retry if the value of `DurationInSeconds` is 0 (zero) or if the first delivery attempt takes longer than the current value. */ durationInSeconds?: pulumi.Input; } interface DeliveryStreamRetryOptionsArgs { /** * The total amount of time that Kinesis Data Firehose spends on retries. This duration starts after the initial attempt to send data to the custom destination via HTTPS endpoint fails. It doesn't include the periods during which Kinesis Data Firehose waits for acknowledgment from the specified destination after each attempt. */ durationInSeconds?: pulumi.Input; } interface DeliveryStreamS3DestinationConfigurationArgs { /** * The Amazon Resource Name (ARN) of the Amazon S3 bucket to send data to. */ bucketArn: pulumi.Input; /** * Configures how Kinesis Data Firehose buffers incoming data while delivering it to the Amazon S3 bucket. */ bufferingHints?: pulumi.Input; /** * The CloudWatch logging options for your Firehose stream. */ cloudWatchLoggingOptions?: pulumi.Input; /** * The type of compression that Kinesis Data Firehose uses to compress the data that it delivers to the Amazon S3 bucket. For valid values, see the `CompressionFormat` content for the [S3DestinationConfiguration](https://docs.aws.amazon.com/firehose/latest/APIReference/API_S3DestinationConfiguration.html) data type in the *Amazon Kinesis Data Firehose API Reference* . */ compressionFormat?: pulumi.Input; /** * Configures Amazon Simple Storage Service (Amazon S3) server-side encryption. Kinesis Data Firehose uses AWS Key Management Service ( AWS KMS) to encrypt the data that it delivers to your Amazon S3 bucket. */ encryptionConfiguration?: pulumi.Input; /** * A prefix that Kinesis Data Firehose evaluates and adds to failed records before writing them to S3. This prefix appears immediately following the bucket name. For information about how to specify this prefix, see [Custom Prefixes for Amazon S3 Objects](https://docs.aws.amazon.com/firehose/latest/dev/s3-prefixes.html) . */ errorOutputPrefix?: pulumi.Input; /** * A prefix that Kinesis Data Firehose adds to the files that it delivers to the Amazon S3 bucket. The prefix helps you identify the files that Kinesis Data Firehose delivered. */ prefix?: pulumi.Input; /** * The ARN of an AWS Identity and Access Management (IAM) role that grants Kinesis Data Firehose access to your Amazon S3 bucket and AWS KMS (if you enable data encryption). For more information, see [Grant Kinesis Data Firehose Access to an Amazon S3 Destination](https://docs.aws.amazon.com/firehose/latest/dev/controlling-access.html#using-iam-s3) in the *Amazon Kinesis Data Firehose Developer Guide* . */ roleArn: pulumi.Input; } interface DeliveryStreamSchemaConfigurationArgs { /** * The ID of the AWS Glue Data Catalog. If you don't supply this, the AWS account ID is used by default. */ catalogId?: pulumi.Input; /** * Specifies the name of the AWS Glue database that contains the schema for the output data. * * > If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `DatabaseName` property is required and its value must be specified. */ databaseName?: pulumi.Input; /** * If you don't specify an AWS Region, the default is the current Region. */ region?: pulumi.Input; /** * The role that Firehose can use to access AWS Glue. This role must be in the same account you use for Firehose. Cross-account roles aren't allowed. * * > If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `RoleARN` property is required and its value must be specified. */ roleArn?: pulumi.Input; /** * Specifies the AWS Glue table that contains the column information that constitutes your data schema. * * > If the `SchemaConfiguration` request parameter is used as part of invoking the `CreateDeliveryStream` API, then the `TableName` property is required and its value must be specified. */ tableName?: pulumi.Input; /** * Specifies the table version for the output data schema. If you don't specify this version ID, or if you set it to `LATEST` , Firehose uses the most recent version. This means that any updates to the table are automatically picked up. */ versionId?: pulumi.Input; } interface DeliveryStreamSchemaEvolutionConfigurationArgs { /** * Specify whether you want to enable schema evolution. * * Amazon Data Firehose is in preview release and is subject to change. */ enabled?: pulumi.Input; } interface DeliveryStreamSecretsManagerConfigurationArgs { /** * Specifies whether you want to use the secrets manager feature. When set as `True` the secrets manager configuration overwrites the existing secrets in the destination configuration. When it's set to `False` Firehose falls back to the credentials in the destination configuration. */ enabled: pulumi.Input; /** * Specifies the role that Firehose assumes when calling the Secrets Manager API operation. When you provide the role, it overrides any destination specific role defined in the destination configuration. If you do not provide the then we use the destination specific role. This parameter is required for Splunk. */ roleArn?: pulumi.Input; /** * The ARN of the secret that stores your credentials. It must be in the same region as the Firehose stream and the role. The secret ARN can reside in a different account than the Firehose stream and role as Firehose supports cross-account secret access. This parameter is required when *Enabled* is set to `True` . */ secretArn?: pulumi.Input; } interface DeliveryStreamSerializerArgs { /** * A serializer to use for converting data to the ORC format before storing it in Amazon S3. For more information, see [Apache ORC](https://docs.aws.amazon.com/https://orc.apache.org/docs/) . */ orcSerDe?: pulumi.Input; /** * A serializer to use for converting data to the Parquet format before storing it in Amazon S3. For more information, see [Apache Parquet](https://docs.aws.amazon.com/https://parquet.apache.org/docs/contribution-guidelines/) . */ parquetSerDe?: pulumi.Input; } interface DeliveryStreamSnowflakeBufferingHintsArgs { /** * Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 0. */ intervalInSeconds?: pulumi.Input; /** * Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 128. */ sizeInMbs?: pulumi.Input; } interface DeliveryStreamSnowflakeDestinationConfigurationArgs { /** * URL for accessing your Snowflake account. This URL must include your [account identifier](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-account-identifier) . Note that the protocol (https://) and port number are optional. */ accountUrl: pulumi.Input; /** * Describes the buffering to perform before delivering data to the Snowflake destination. If you do not specify any value, Firehose uses the default values. */ bufferingHints?: pulumi.Input; cloudWatchLoggingOptions?: pulumi.Input; /** * The name of the record content column. */ contentColumnName?: pulumi.Input; /** * Choose to load JSON keys mapped to table column names or choose to split the JSON payload where content is mapped to a record content column and source metadata is mapped to a record metadata column. */ dataLoadingOption?: pulumi.Input; /** * All data in Snowflake is maintained in databases. */ database: pulumi.Input; /** * Passphrase to decrypt the private key when the key is encrypted. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) . */ keyPassphrase?: pulumi.Input; /** * Specify a column name in the table, where the metadata information has to be loaded. When you enable this field, you will see the following column in the snowflake table, which differs based on the source type. * * For Direct PUT as source * * `{ "firehoseDeliveryStreamName" : "streamname", "IngestionTime" : "timestamp" }` * * For Kinesis Data Stream as source * * `"kinesisStreamName" : "streamname", "kinesisShardId" : "Id", "kinesisPartitionKey" : "key", "kinesisSequenceNumber" : "1234", "subsequenceNumber" : "2334", "IngestionTime" : "timestamp" }` */ metaDataColumnName?: pulumi.Input; /** * The private key used to encrypt your Snowflake client. For information, see [Using Key Pair Authentication & Key Rotation](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/data-load-snowpipe-streaming-configuration#using-key-pair-authentication-key-rotation) . */ privateKey?: pulumi.Input; processingConfiguration?: pulumi.Input; /** * The time period where Firehose will retry sending data to the chosen HTTP endpoint. */ retryOptions?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Snowflake role */ roleArn: pulumi.Input; /** * Choose an S3 backup mode */ s3BackupMode?: pulumi.Input; s3Configuration: pulumi.Input; /** * Each database consists of one or more schemas, which are logical groupings of database objects, such as tables and views */ schema: pulumi.Input; /** * The configuration that defines how you access secrets for Snowflake. */ secretsManagerConfiguration?: pulumi.Input; /** * Optionally configure a Snowflake role. Otherwise the default user role will be used. */ snowflakeRoleConfiguration?: pulumi.Input; /** * The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink) */ snowflakeVpcConfiguration?: pulumi.Input; /** * All data in Snowflake is stored in database tables, logically structured as collections of columns and rows. */ table: pulumi.Input; /** * User login name for the Snowflake account. */ user?: pulumi.Input; } interface DeliveryStreamSnowflakeRetryOptionsArgs { /** * the time period where Firehose will retry sending data to the chosen HTTP endpoint. */ durationInSeconds?: pulumi.Input; } interface DeliveryStreamSnowflakeRoleConfigurationArgs { /** * Enable Snowflake role */ enabled?: pulumi.Input; /** * The Snowflake role you wish to configure */ snowflakeRole?: pulumi.Input; } interface DeliveryStreamSnowflakeVpcConfigurationArgs { /** * The VPCE ID for Firehose to privately connect with Snowflake. The ID format is com.amazonaws.vpce.[region].vpce-svc-<[id]>. For more information, see [Amazon PrivateLink & Snowflake](https://docs.aws.amazon.com/https://docs.snowflake.com/en/user-guide/admin-security-privatelink) */ privateLinkVpceId: pulumi.Input; } interface DeliveryStreamSplunkBufferingHintsArgs { /** * Buffer incoming data for the specified period of time, in seconds, before delivering it to the destination. The default value is 60 (1 minute). */ intervalInSeconds?: pulumi.Input; /** * Buffer incoming data to the specified size, in MBs, before delivering it to the destination. The default value is 5. */ sizeInMbs?: pulumi.Input; } interface DeliveryStreamSplunkDestinationConfigurationArgs { /** * The buffering options. If no value is specified, the default values for Splunk are used. */ bufferingHints?: pulumi.Input; /** * The Amazon CloudWatch logging options for your Firehose stream. */ cloudWatchLoggingOptions?: pulumi.Input; /** * The amount of time that Firehose waits to receive an acknowledgment from Splunk after it sends it data. At the end of the timeout period, Firehose either tries to send the data again or considers it an error, based on your retry settings. */ hecAcknowledgmentTimeoutInSeconds?: pulumi.Input; /** * The HTTP Event Collector (HEC) endpoint to which Firehose sends your data. */ hecEndpoint: pulumi.Input; /** * This type can be either `Raw` or `Event` . */ hecEndpointType: pulumi.Input; /** * This is a GUID that you obtain from your Splunk cluster when you create a new HEC endpoint. */ hecToken?: pulumi.Input; /** * The data processing configuration. */ processingConfiguration?: pulumi.Input; /** * The retry behavior in case Firehose is unable to deliver data to Splunk, or if it doesn't receive an acknowledgment of receipt from Splunk. */ retryOptions?: pulumi.Input; /** * Defines how documents should be delivered to Amazon S3. When set to `FailedEventsOnly` , Firehose writes any data that could not be indexed to the configured Amazon S3 destination. When set to `AllEvents` , Firehose delivers all incoming records to Amazon S3, and also writes failed documents to Amazon S3. The default value is `FailedEventsOnly` . * * You can update this backup mode from `FailedEventsOnly` to `AllEvents` . You can't update it from `AllEvents` to `FailedEventsOnly` . */ s3BackupMode?: pulumi.Input; /** * The configuration for the backup Amazon S3 location. */ s3Configuration: pulumi.Input; /** * The configuration that defines how you access secrets for Splunk. */ secretsManagerConfiguration?: pulumi.Input; } interface DeliveryStreamSplunkRetryOptionsArgs { /** * The total amount of time that Firehose spends on retries. This duration starts after the initial attempt to send data to Splunk fails. It doesn't include the periods during which Firehose waits for acknowledgment from Splunk after each attempt. */ durationInSeconds?: pulumi.Input; } interface DeliveryStreamTableCreationConfigurationArgs { /** * Specify whether you want to enable automatic table creation. * * Amazon Data Firehose is in preview release and is subject to change. */ enabled?: pulumi.Input; } interface DeliveryStreamVpcConfigurationArgs { /** * The ARN of the IAM role that you want the delivery stream to use to create endpoints in the destination VPC. You can use your existing Kinesis Data Firehose delivery role or you can specify a new role. In either case, make sure that the role trusts the Kinesis Data Firehose service principal and that it grants the following permissions: * * - `ec2:DescribeVpcs` * - `ec2:DescribeVpcAttribute` * - `ec2:DescribeSubnets` * - `ec2:DescribeSecurityGroups` * - `ec2:DescribeNetworkInterfaces` * - `ec2:CreateNetworkInterface` * - `ec2:CreateNetworkInterfacePermission` * - `ec2:DeleteNetworkInterface` * * If you revoke these permissions after you create the delivery stream, Kinesis Data Firehose can't scale out by creating more ENIs when necessary. You might therefore see a degradation in performance. */ roleArn: pulumi.Input; /** * The IDs of the security groups that you want Kinesis Data Firehose to use when it creates ENIs in the VPC of the Amazon ES destination. You can use the same security group that the Amazon ES domain uses or different ones. If you specify different security groups here, ensure that they allow outbound HTTPS traffic to the Amazon ES domain's security group. Also ensure that the Amazon ES domain's security group allows HTTPS traffic from the security groups specified here. If you use the same security group for both your delivery stream and the Amazon ES domain, make sure the security group inbound rule allows HTTPS traffic. */ securityGroupIds: pulumi.Input[]>; /** * The IDs of the subnets that Kinesis Data Firehose uses to create ENIs in the VPC of the Amazon ES destination. Make sure that the routing tables and inbound and outbound rules allow traffic to flow from the subnets whose IDs are specified here to the subnets that have the destination Amazon ES endpoints. Kinesis Data Firehose creates at least one ENI in each of the subnets that are specified here. Do not delete or modify these ENIs. * * The number of ENIs that Kinesis Data Firehose creates in the subnets specified here scales up and down automatically based on throughput. To enable Kinesis Data Firehose to scale up the number of ENIs to match throughput, ensure that you have sufficient quota. To help you calculate the quota you need, assume that Kinesis Data Firehose can create up to three ENIs for this delivery stream for each of the subnets specified here. */ subnetIds: pulumi.Input[]>; } } export declare namespace kinesisvideo { /** * Configuration for the storage tier of the Kinesis Video Stream. */ interface StreamStorageConfigurationArgs { /** * The storage tier for the Kinesis Video Stream. Determines the storage class used for stream data. */ defaultStorageTier?: pulumi.Input; } } export declare namespace kms { } export declare namespace lakeformation { /** * An object representing the Data Cells Filter's Columns. Either Column Names or a Wildcard is required. */ interface DataCellsFilterColumnWildcardArgs { /** * A list of column names to be excluded from the Data Cells Filter. */ excludedColumnNames?: pulumi.Input[]>; } /** * An object representing the Data Cells Filter's Row Filter. Either a Filter Expression or a Wildcard is required. */ interface DataCellsFilterRowFilterArgs { /** * An empty object representing a row wildcard. */ allRowsWildcard?: any; /** * A PartiQL predicate. */ filterExpression?: pulumi.Input; } interface PrincipalPermissionsCatalogResourceArgs { } /** * A wildcard object, consisting of an optional list of excluded column names or indexes. */ interface PrincipalPermissionsColumnWildcardArgs { /** * Excludes column names. Any column with this name will be excluded. */ excludedColumnNames?: pulumi.Input[]>; } /** * A structure that describes certain columns on certain rows. */ interface PrincipalPermissionsDataCellsFilterResourceArgs { /** * A database in the GLUDC. */ databaseName: pulumi.Input; /** * The name given by the user to the data filter cell. */ name: pulumi.Input; /** * The ID of the catalog to which the table belongs. */ tableCatalogId: pulumi.Input; /** * The name of the table. */ tableName: pulumi.Input; } /** * The LFlong principal. */ interface PrincipalPermissionsDataLakePrincipalArgs { /** * An identifier for the LFlong principal. */ dataLakePrincipalIdentifier?: pulumi.Input; } /** * A structure for a data location object where permissions are granted or revoked. */ interface PrincipalPermissionsDataLocationResourceArgs { /** * The identifier for the GLUDC where the location is registered with LFlong. */ catalogId: pulumi.Input; /** * The Amazon Resource Name (ARN) that uniquely identifies the data location resource. */ resourceArn: pulumi.Input; } /** * A structure for the database object. */ interface PrincipalPermissionsDatabaseResourceArgs { /** * The identifier for the Data Catalog. By default, it is the account ID of the caller. */ catalogId: pulumi.Input; /** * The name of the database resource. Unique to the Data Catalog. */ name: pulumi.Input; } /** * The LF-tag key and values attached to a resource. */ interface PrincipalPermissionsLfTagArgs { /** * The key-name for the LF-tag. */ tagKey?: pulumi.Input; /** * A list of possible values of the corresponding ``TagKey`` of an LF-tag key-value pair. */ tagValues?: pulumi.Input[]>; } /** * A structure containing an LF-tag key and values for a resource. */ interface PrincipalPermissionsLfTagKeyResourceArgs { /** * The identifier for the GLUDC where the location is registered with GLUDC. */ catalogId: pulumi.Input; /** * The key-name for the LF-tag. */ tagKey: pulumi.Input; /** * A list of possible values for the corresponding ``TagKey`` of an LF-tag key-value pair. */ tagValues: pulumi.Input[]>; } /** * A list of LF-tag conditions that define a resource's LF-tag policy. * A structure that allows an admin to grant user permissions on certain conditions. For example, granting a role access to all columns that do not have the LF-tag 'PII' in tables that have the LF-tag 'Prod'. */ interface PrincipalPermissionsLfTagPolicyResourceArgs { /** * The identifier for the GLUDC. The GLUDC is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your LFlong environment. */ catalogId: pulumi.Input; /** * A list of LF-tag conditions that apply to the resource's LF-tag policy. */ expression: pulumi.Input[]>; /** * The resource type for which the LF-tag policy applies. */ resourceType: pulumi.Input; } /** * A structure for the resource. */ interface PrincipalPermissionsResourceArgs { /** * The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your LFlong environment. */ catalog?: pulumi.Input; /** * A data cell filter. */ dataCellsFilter?: pulumi.Input; /** * The location of an Amazon S3 path where permissions are granted or revoked. */ dataLocation?: pulumi.Input; /** * The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal. */ database?: pulumi.Input; /** * The LF-tag key and values attached to a resource. */ lfTag?: pulumi.Input; /** * A list of LF-tag conditions that define a resource's LF-tag policy. */ lfTagPolicy?: pulumi.Input; /** * The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal. */ table?: pulumi.Input; /** * The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3. */ tableWithColumns?: pulumi.Input; } /** * A structure for the table object. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal. */ interface PrincipalPermissionsTableResourceArgs { /** * The identifier for the Data Catalog. By default, it is the account ID of the caller. */ catalogId: pulumi.Input; /** * The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal. */ databaseName: pulumi.Input; /** * The name of the table. */ name?: pulumi.Input; /** * A wildcard object representing every table under a database. * At least one of ``TableResource$Name`` or ``TableResource$TableWildcard`` is required. */ tableWildcard?: pulumi.Input; } interface PrincipalPermissionsTableWildcardArgs { } /** * A structure for a table with columns object. This object is only used when granting a SELECT permission. * This object must take a value for at least one of ``ColumnsNames``, ``ColumnsIndexes``, or ``ColumnsWildcard``. */ interface PrincipalPermissionsTableWithColumnsResourceArgs { /** * The identifier for the GLUDC where the location is registered with LFlong. */ catalogId: pulumi.Input; /** * The list of column names for the table. At least one of ``ColumnNames`` or ``ColumnWildcard`` is required. */ columnNames?: pulumi.Input[]>; /** * A wildcard specified by a ``ColumnWildcard`` object. At least one of ``ColumnNames`` or ``ColumnWildcard`` is required. */ columnWildcard?: pulumi.Input; /** * The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal. */ databaseName: pulumi.Input; /** * The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal. */ name: pulumi.Input; } interface TagAssociationCatalogResourceArgs { } interface TagAssociationDatabaseResourceArgs { /** * The identifier for the Data Catalog . By default, it should be the account ID of the caller. */ catalogId: pulumi.Input; /** * The name of the database resource. Unique to the Data Catalog. */ name: pulumi.Input; } interface TagAssociationLfTagPairArgs { catalogId: pulumi.Input; tagKey: pulumi.Input; tagValues: pulumi.Input[]>; } interface TagAssociationResourceArgs { /** * The identifier for the Data Catalog. By default, the account ID. The Data Catalog is the persistent metadata store. It contains database definitions, table definitions, and other control information to manage your AWS Lake Formation environment. */ catalog?: pulumi.Input; /** * The database for the resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database permissions to a principal. */ database?: pulumi.Input; /** * The table for the resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal. */ table?: pulumi.Input; /** * The table with columns for the resource. A principal with permissions to this resource can select metadata from the columns of a table in the Data Catalog and the underlying data in Amazon S3. */ tableWithColumns?: pulumi.Input; } interface TagAssociationTableResourceArgs { /** * The identifier for the Data Catalog . By default, it is the account ID of the caller. */ catalogId: pulumi.Input; /** * The name of the database for the table. Unique to a Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal. */ databaseName: pulumi.Input; /** * The name of the table. */ name?: pulumi.Input; /** * A wildcard object representing every table under a database.This is an object with no properties that effectively behaves as a true or false depending on whether not it is passed as a parameter. The valid inputs for a property with this type in either yaml or json is null or {}. * * At least one of `TableResource$Name` or `TableResource$TableWildcard` is required. */ tableWildcard?: pulumi.Input; } interface TagAssociationTableWildcardArgs { } interface TagAssociationTableWithColumnsResourceArgs { /** * A wildcard object representing every table under a database. * * At least one of TableResource$Name or TableResource$TableWildcard is required. */ catalogId: pulumi.Input; /** * The list of column names for the table. At least one of `ColumnNames` or `ColumnWildcard` is required. */ columnNames: pulumi.Input[]>; /** * The name of the database for the table with columns resource. Unique to the Data Catalog. A database is a set of associated table definitions organized into a logical group. You can Grant and Revoke database privileges to a principal. */ databaseName: pulumi.Input; /** * The name of the table resource. A table is a metadata definition that represents your data. You can Grant and Revoke table privileges to a principal. */ name: pulumi.Input; } } export declare namespace lambda { /** * A provisioned concurrency configuration for a function's alias. */ interface AliasProvisionedConcurrencyConfigurationArgs { /** * The amount of provisioned concurrency to allocate for the alias. */ provisionedConcurrentExecutions: pulumi.Input; } /** * The traffic-shifting configuration of a Lambda function alias. */ interface AliasRoutingConfigurationArgs { /** * The second version, and the percentage of traffic that's routed to it. */ additionalVersionWeights?: pulumi.Input[]>; } /** * The traffic-shifting configuration of a Lambda function alias. */ interface AliasVersionWeightArgs { /** * The qualifier of the second version. */ functionVersion: pulumi.Input; /** * The percentage of traffic that the alias routes to the second version. */ functionWeight: pulumi.Input; } /** * Specifications that define the characteristics and constraints for compute instances used by the capacity provider. */ interface CapacityProviderInstanceRequirementsArgs { /** * A list of EC2 instance types that the capacity provider is allowed to use. If not specified, all compatible instance types are allowed. */ allowedInstanceTypes?: pulumi.Input[]>; /** * A list of supported CPU architectures for compute instances. Valid values include ``x86_64`` and ``arm64``. */ architectures?: pulumi.Input[]>; /** * A list of EC2 instance types that the capacity provider should not use, even if they meet other requirements. */ excludedInstanceTypes?: pulumi.Input[]>; } /** * Configuration that specifies the permissions required for the capacity provider to manage compute resources. */ interface CapacityProviderPermissionsConfigArgs { /** * The ARN of the IAM role that the capacity provider uses to manage compute instances and other AWS resources. */ capacityProviderOperatorRoleArn: pulumi.Input; } /** * Configuration that defines how the capacity provider scales compute instances based on demand and policies. */ interface CapacityProviderScalingConfigArgs { /** * The maximum number of vCPUs that the capacity provider can provision across all compute instances. */ maxVCpuCount?: pulumi.Input; /** * The scaling mode that determines how the capacity provider responds to changes in demand. */ scalingMode?: pulumi.Input; /** * A list of target tracking scaling policies for the capacity provider. */ scalingPolicies?: pulumi.Input[]>; } /** * A scaling policy for the capacity provider that automatically adjusts capacity to maintain a target value for a specific metric. */ interface CapacityProviderTargetTrackingScalingPolicyArgs { /** * The predefined metric type to track for scaling decisions. */ predefinedMetricType: pulumi.Input; /** * The target value for the metric that the scaling policy attempts to maintain through scaling actions. */ targetValue: pulumi.Input; } /** * VPC configuration that specifies the network settings for compute instances managed by the capacity provider. */ interface CapacityProviderVpcConfigArgs { /** * A list of security group IDs that control network access for compute instances managed by the capacity provider. */ securityGroupIds: pulumi.Input[]>; /** * A list of subnet IDs where the capacity provider launches compute instances. */ subnetIds: pulumi.Input[]>; } /** * When the CodeSigningConfig is later on attached to a function, the function code will be expected to be signed by profiles from this list */ interface CodeSigningConfigAllowedPublishersArgs { /** * List of Signing profile version Arns */ signingProfileVersionArns: pulumi.Input[]>; } /** * Policies to control how to act if a signature is invalid */ interface CodeSigningConfigCodeSigningPoliciesArgs { /** * Indicates how Lambda operations involve updating the code artifact will operate. Default to Warn if not provided */ untrustedArtifactOnDeployment: pulumi.Input; } /** * A destination for events after they have been sent to a function for processing. */ interface EventInvokeConfigDestinationConfigArgs { /** * The destination configuration for failed invocations. * * > When using an Amazon SQS queue as a destination, FIFO queues cannot be used. */ onFailure?: pulumi.Input; /** * The destination configuration for successful invocations. * * > When using an Amazon SQS queue as a destination, FIFO queues cannot be used. */ onSuccess?: pulumi.Input; } /** * The destination configuration for failed invocations. */ interface EventInvokeConfigOnFailureArgs { /** * The Amazon Resource Name (ARN) of the destination resource. */ destination: pulumi.Input; } /** * The destination configuration for successful invocations. */ interface EventInvokeConfigOnSuccessArgs { /** * The Amazon Resource Name (ARN) of the destination resource. */ destination: pulumi.Input; } /** * Specific configuration settings for an Amazon Managed Streaming for Apache Kafka (Amazon MSK) event source. */ interface EventSourceMappingAmazonManagedKafkaEventSourceConfigArgs { /** * The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-consumer-group-id). */ consumerGroupId?: pulumi.Input; /** * Specific configuration settings for a Kafka schema registry. */ schemaRegistryConfig?: pulumi.Input; } /** * A configuration object that specifies the destination of an event after Lambda processes it. For more information, see [Adding a destination](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async-retain-records.html#invocation-async-destinations). */ interface EventSourceMappingDestinationConfigArgs { /** * The destination configuration for failed invocations. */ onFailure?: pulumi.Input; } /** * Specific configuration settings for a DocumentDB event source. */ interface EventSourceMappingDocumentDbEventSourceConfigArgs { /** * The name of the collection to consume within the database. If you do not specify a collection, Lambda consumes all collections. */ collectionName?: pulumi.Input; /** * The name of the database to consume within the DocumentDB cluster. */ databaseName?: pulumi.Input; /** * Determines what DocumentDB sends to your event stream during document update operations. If set to UpdateLookup, DocumentDB sends a delta describing the changes, along with a copy of the entire document. Otherwise, DocumentDB sends only a partial document that contains the changes. */ fullDocument?: pulumi.Input; } /** * The list of bootstrap servers for your Kafka brokers in the following format: ``"KafkaBootstrapServers": ["abc.xyz.com:xxxx","abc2.xyz.com:xxxx"]``. */ interface EventSourceMappingEndpointsArgs { /** * The list of bootstrap servers for your Kafka brokers in the following format: ``"KafkaBootstrapServers": ["abc.xyz.com:xxxx","abc2.xyz.com:xxxx"]``. */ kafkaBootstrapServers?: pulumi.Input[]>; } /** * A structure within a ``FilterCriteria`` object that defines an event filtering pattern. */ interface EventSourceMappingFilterArgs { /** * A filter pattern. For more information on the syntax of a filter pattern, see [Filter rule syntax](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventfiltering.html#filtering-syntax). */ pattern?: pulumi.Input; } /** * An object that contains the filters for an event source. */ interface EventSourceMappingFilterCriteriaArgs { /** * A list of filters. */ filters?: pulumi.Input[]>; } /** * The function's Amazon CloudWatch Logs configuration settings. */ interface EventSourceMappingLoggingConfigArgs { /** * Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where ``DEBUG`` is the highest level and ``WARN`` is the lowest. */ systemLogLevel?: pulumi.Input; } /** * The metrics configuration for your event source. Use this configuration object to define which metrics you want your event source mapping to produce. */ interface EventSourceMappingMetricsConfigArgs { /** * The metrics you want your event source mapping to produce. Include ``EventCount`` to receive event source mapping metrics related to the number of events processed by your event source mapping. For more information about these metrics, see [Event source mapping metrics](https://docs.aws.amazon.com/lambda/latest/dg/monitoring-metrics-types.html#event-source-mapping-metrics). */ metrics?: pulumi.Input[]>; } /** * A destination for events that failed processing. For more information, see [Adding a destination](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async-retain-records.html#invocation-async-destinations). */ interface EventSourceMappingOnFailureArgs { /** * The Amazon Resource Name (ARN) of the destination resource. * To retain records of unsuccessful [asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async.html#invocation-async-destinations), you can configure an Amazon SNS topic, Amazon SQS queue, Amazon S3 bucket, Lambda function, or Amazon EventBridge event bus as the destination. * Amazon SNS destinations have a message size limit of 256 KB. If the combined size of the function request and response payload exceeds the limit, Lambda will drop the payload when sending ``OnFailure`` event to the destination. For details on this behavior, refer to [Retaining records of asynchronous invocations](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async-retain-records.html). * To retain records of failed invocations from [Kinesis](https://docs.aws.amazon.com/lambda/latest/dg/with-kinesis.html), [DynamoDB](https://docs.aws.amazon.com/lambda/latest/dg/with-ddb.html), [self-managed Kafka](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka.html#services-smaa-onfailure-destination) or [Amazon MSK](https://docs.aws.amazon.com/lambda/latest/dg/with-msk.html#services-msk-onfailure-destination), you can configure an Amazon SNS topic, Amazon SQS queue, or Amazon S3 bucket as the destination. */ destination?: pulumi.Input; } /** * The [provisioned mode](https://docs.aws.amazon.com/lambda/latest/dg/invocation-eventsourcemapping.html#invocation-eventsourcemapping-provisioned-mode) configuration for the event source. Use Provisioned Mode to customize the minimum and maximum number of event pollers for your event source. */ interface EventSourceMappingProvisionedPollerConfigArgs { /** * The maximum number of event pollers this event source can scale up to. For Amazon SQS events source mappings, default is 200, and minimum value allowed is 2. For Amazon MSK and self-managed Apache Kafka event source mappings, default is 200, and minimum value allowed is 1. */ maximumPollers?: pulumi.Input; /** * The minimum number of event pollers this event source can scale down to. For Amazon SQS events source mappings, default is 2, and minimum 2 required. For Amazon MSK and self-managed Apache Kafka event source mappings, default is 1. */ minimumPollers?: pulumi.Input; /** * (Amazon MSK and self-managed Apache Kafka) The name of the provisioned poller group. Use this option to group multiple ESMs within the event source's VPC to share Event Poller Unit (EPU) capacity. You can use this option to optimize Provisioned mode costs for your ESMs. You can group up to 100 ESMs per poller group and aggregate maximum pollers across all ESMs in a group cannot exceed 2000. */ pollerGroupName?: pulumi.Input; } /** * (Amazon SQS only) The scaling configuration for the event source. To remove the configuration, pass an empty value. */ interface EventSourceMappingScalingConfigArgs { /** * Limits the number of concurrent instances that the SQS event source can invoke. */ maximumConcurrency?: pulumi.Input; } /** * Specific access configuration settings that tell Lambda how to authenticate with your schema registry. * If you're working with an GLU schema registry, don't provide authentication details in this object. Instead, ensure that your execution role has the required permissions for Lambda to access your cluster. * If you're working with a Confluent schema registry, choose the authentication method in the ``Type`` field, and provide the ASMlong secret ARN in the ``URI`` field. */ interface EventSourceMappingSchemaRegistryAccessConfigArgs { /** * The type of authentication Lambda uses to access your schema registry. */ type?: pulumi.Input; /** * The URI of the secret (Secrets Manager secret ARN) to authenticate with your schema registry. */ uri?: pulumi.Input; } /** * Specific configuration settings for a Kafka schema registry. */ interface EventSourceMappingSchemaRegistryConfigArgs { /** * An array of access configuration objects that tell Lambda how to authenticate with your schema registry. */ accessConfigs?: pulumi.Input[]>; /** * The record format that Lambda delivers to your function after schema validation. * + Choose ``JSON`` to have Lambda deliver the record to your function as a standard JSON object. * + Choose ``SOURCE`` to have Lambda deliver the record to your function in its original source format. Lambda removes all schema metadata, such as the schema ID, before sending the record to your function. */ eventRecordFormat?: pulumi.Input; /** * The URI for your schema registry. The correct URI format depends on the type of schema registry you're using. * + For GLU schema registries, use the ARN of the registry. * + For Confluent schema registries, use the URL of the registry. */ schemaRegistryUri?: pulumi.Input; /** * An array of schema validation configuration objects, which tell Lambda the message attributes you want to validate and filter using your schema registry. */ schemaValidationConfigs?: pulumi.Input[]>; } /** * Specific schema validation configuration settings that tell Lambda the message attributes you want to validate and filter using your schema registry. */ interface EventSourceMappingSchemaValidationConfigArgs { /** * The attributes you want your schema registry to validate and filter for. If you selected ``JSON`` as the ``EventRecordFormat``, Lambda also deserializes the selected message attributes. */ attribute?: pulumi.Input; } /** * The self-managed Apache Kafka cluster for your event source. */ interface EventSourceMappingSelfManagedEventSourceArgs { /** * The list of bootstrap servers for your Kafka brokers in the following format: ``"KafkaBootstrapServers": ["abc.xyz.com:xxxx","abc2.xyz.com:xxxx"]``. */ endpoints?: pulumi.Input; } /** * Specific configuration settings for a self-managed Apache Kafka event source. */ interface EventSourceMappingSelfManagedKafkaEventSourceConfigArgs { /** * The identifier for the Kafka consumer group to join. The consumer group ID must be unique among all your Kafka event sources. After creating a Kafka event source mapping with the consumer group ID specified, you cannot update this value. For more information, see [Customizable consumer group ID](https://docs.aws.amazon.com/lambda/latest/dg/with-kafka-process.html#services-smaa-topic-add). */ consumerGroupId?: pulumi.Input; /** * Specific configuration settings for a Kafka schema registry. */ schemaRegistryConfig?: pulumi.Input; } /** * An array of the authentication protocol, VPC components, or virtual host to secure and define your event source. */ interface EventSourceMappingSourceAccessConfigurationArgs { /** * The type of authentication protocol, VPC components, or virtual host for your event source. For example: ``"Type":"SASL_SCRAM_512_AUTH"``. * + ``BASIC_AUTH`` – (Amazon MQ) The ASMlong secret that stores your broker credentials. * + ``BASIC_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL/PLAIN authentication of your Apache Kafka brokers. * + ``VPC_SUBNET`` – (Self-managed Apache Kafka) The subnets associated with your VPC. Lambda connects to these subnets to fetch data from your self-managed Apache Kafka cluster. * + ``VPC_SECURITY_GROUP`` – (Self-managed Apache Kafka) The VPC security group used to manage access to your self-managed Apache Kafka brokers. * + ``SASL_SCRAM_256_AUTH`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-256 authentication of your self-managed Apache Kafka brokers. * + ``SASL_SCRAM_512_AUTH`` – (Amazon MSK, Self-managed Apache Kafka) The Secrets Manager ARN of your secret key used for SASL SCRAM-512 authentication of your self-managed Apache Kafka brokers. * + ``VIRTUAL_HOST`` –- (RabbitMQ) The name of the virtual host in your RabbitMQ broker. Lambda uses this RabbitMQ host as the event source. This property cannot be specified in an UpdateEventSourceMapping API call. * + ``CLIENT_CERTIFICATE_TLS_AUTH`` – (Amazon MSK, self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the certificate chain (X.509 PEM), private key (PKCS#8 PEM), and private key password (optional) used for mutual TLS authentication of your MSK/Apache Kafka brokers. * + ``SERVER_ROOT_CA_CERTIFICATE`` – (Self-managed Apache Kafka) The Secrets Manager ARN of your secret key containing the root CA certificate (X.509 PEM) used for TLS encryption of your Apache Kafka brokers. */ type?: pulumi.Input; /** * The value for your chosen configuration in ``Type``. For example: ``"URI": "arn:aws:secretsmanager:us-east-1:01234567890:secret:MyBrokerSecretName"``. */ uri?: pulumi.Input; } /** * Configuration for the capacity provider that manages compute resources for Lambda functions. */ interface FunctionCapacityProviderConfigArgs { /** * Configuration for Lambda-managed instances used by the capacity provider. */ lambdaManagedInstancesCapacityProviderConfig: pulumi.Input; } /** * The [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html) for a Lambda function. To deploy a function defined as a container image, you specify the location of a container image in the Amazon ECR registry. For a .zip file deployment package, you can specify the location of an object in Amazon S3. For Node.js and Python functions, you can specify the function code inline in the template. * When you specify source code inline for a Node.js function, the ``index`` file that CFN creates uses the extension ``.js``. This means that Node.js treats the file as a CommonJS module. * Changes to a deployment package in Amazon S3 or a container image in ECR are not detected automatically during stack updates. To update the function code, change the object key or version in the template. */ interface FunctionCodeArgs { /** * URI of a [container image](https://docs.aws.amazon.com/lambda/latest/dg/lambda-images.html) in the Amazon ECR registry. */ imageUri?: pulumi.Input; /** * An Amazon S3 bucket in the same AWS-Region as your function. The bucket can be in a different AWS-account. */ s3Bucket?: pulumi.Input; /** * The Amazon S3 key of the deployment package. */ s3Key?: pulumi.Input; s3ObjectStorageMode?: pulumi.Input; /** * For versioned objects, the version of the deployment package object to use. */ s3ObjectVersion?: pulumi.Input; /** * The ARN of the KMSlong (KMS) customer managed key that's used to encrypt your function's .zip deployment package. If you don't provide a customer managed key, Lambda uses an [owned key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-owned-cmk). */ sourceKmsKeyArn?: pulumi.Input; /** * (Node.js and Python) The source code of your Lambda function. If you include your function source inline with this parameter, CFN places it in a file named ``index`` and zips it to create a [deployment package](https://docs.aws.amazon.com/lambda/latest/dg/gettingstarted-package.html). This zip file cannot exceed 4MB. For the ``Handler`` property, the first part of the handler identifier must be ``index``. For example, ``index.handler``. * When you specify source code inline for a Node.js function, the ``index`` file that CFN creates uses the extension ``.js``. This means that Node.js treats the file as a CommonJS module. * When using Node.js 24 or later, Node.js can automatically detect if a ``.js`` file should be treated as CommonJS or as an ES module. To enable auto-detection, add the ``--experimental-detect-module`` flag to the ``NODE_OPTIONS`` environment variable. For more information, see [Experimental Node.js features](https://docs.aws.amazon.com//lambda/latest/dg/lambda-nodejs.html#nodejs-experimental-features). * For JSON, you must escape quotes and special characters such as newline (``\n``) with a backslash. * If you specify a function that interacts with an AWS CloudFormation custom resource, you don't have to write your own functions to send responses to the custom resource that invoked the function. AWS CloudFormation provides a response module ([cfn-response](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/cfn-lambda-function-code-cfnresponsemodule.html)) that simplifies sending responses. See [Using Lambda with CloudFormation](https://docs.aws.amazon.com/lambda/latest/dg/services-cloudformation.html) for details. */ zipFile?: pulumi.Input; } /** * The [dead-letter queue](https://docs.aws.amazon.com/lambda/latest/dg/invocation-async-retain-records.html#invocation-dlq) for failed asynchronous invocations. */ interface FunctionDeadLetterConfigArgs { /** * The Amazon Resource Name (ARN) of an Amazon SQS queue or Amazon SNS topic. */ targetArn?: pulumi.Input; } /** * Configuration settings for [durable functions](https://docs.aws.amazon.com/lambda/latest/dg/durable-functions.html), including execution timeout and retention period for execution history. */ interface FunctionDurableConfigArgs { /** * The maximum time (in seconds) that a durable execution can run before timing out. This timeout applies to the entire durable execution, not individual function invocations. */ executionTimeout: pulumi.Input; /** * The number of days to retain execution history after a durable execution completes. After this period, execution history is no longer available through the GetDurableExecutionHistory API. */ retentionPeriodInDays?: pulumi.Input; } /** * A function's environment variable settings. You can use environment variables to adjust your function's behavior without updating code. An environment variable is a pair of strings that are stored in a function's version-specific configuration. */ interface FunctionEnvironmentArgs { /** * Environment variable key-value pairs. For more information, see [Using Lambda environment variables](https://docs.aws.amazon.com/lambda/latest/dg/configuration-envvars.html). * If the value of the environment variable is a time or a duration, enclose the value in quotes. */ variables?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * The size of the function's ``/tmp`` directory in MB. The default value is 512, but it can be any whole number between 512 and 10,240 MB. */ interface FunctionEphemeralStorageArgs { /** * The size of the function's ``/tmp`` directory. */ size: pulumi.Input; } /** * Details about the connection between a Lambda function and an [Amazon EFS file system](https://docs.aws.amazon.com/lambda/latest/dg/configuration-filesystem.html). */ interface FunctionFileSystemConfigArgs { /** * The Amazon Resource Name (ARN) of the Amazon EFS access point that provides access to the file system. */ arn: pulumi.Input; /** * The path where the function can access the file system, starting with ``/mnt/``. */ localMountPath: pulumi.Input; } /** * Configuration values that override the container image Dockerfile settings. For more information, see [Container image settings](https://docs.aws.amazon.com/lambda/latest/dg/images-create.html#images-parms). */ interface FunctionImageConfigArgs { /** * Specifies parameters that you want to pass in with ENTRYPOINT. You can specify a maximum of 1,500 parameters in the list. */ command?: pulumi.Input[]>; /** * Specifies the entry point to their application, which is typically the location of the runtime executable. You can specify a maximum of 1,500 string entries in the list. */ entryPoint?: pulumi.Input[]>; /** * Specifies the working directory. The length of the directory string cannot exceed 1,000 characters. */ workingDirectory?: pulumi.Input; } /** * Configuration for Lambda-managed instances used by the capacity provider. */ interface FunctionLambdaManagedInstancesCapacityProviderConfigArgs { /** * The Amazon Resource Name (ARN) of the capacity provider. */ capacityProviderArn: pulumi.Input; /** * The amount of memory in GiB allocated per vCPU for execution environments. */ executionEnvironmentMemoryGiBPerVCpu?: pulumi.Input; /** * The maximum number of concurrent executions that can run on each execution environment. */ perExecutionEnvironmentMaxConcurrency?: pulumi.Input; } /** * The function's Amazon CloudWatch Logs configuration settings. */ interface FunctionLoggingConfigArgs { /** * Set this property to filter the application logs for your function that Lambda sends to CloudWatch. Lambda only sends application logs at the selected level of detail and lower, where ``TRACE`` is the highest level and ``FATAL`` is the lowest. */ applicationLogLevel?: pulumi.Input; /** * The format in which Lambda sends your function's application and system logs to CloudWatch. Select between plain text and structured JSON. */ logFormat?: pulumi.Input; /** * The name of the Amazon CloudWatch log group the function sends logs to. By default, Lambda functions send logs to a default log group named ``/aws/lambda/``. To use a different log group, enter an existing log group or enter a new log group name. */ logGroup?: pulumi.Input; /** * Set this property to filter the system logs for your function that Lambda sends to CloudWatch. Lambda only sends system logs at the selected level of detail and lower, where ``DEBUG`` is the highest level and ``WARN`` is the lowest. */ systemLogLevel?: pulumi.Input; } /** * Sets the runtime management configuration for a function's version. For more information, see [Runtime updates](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html). */ interface FunctionRuntimeManagementConfigArgs { /** * The ARN of the runtime version you want the function to use. * This is only required if you're using the *Manual* runtime update mode. */ runtimeVersionArn?: pulumi.Input; /** * Specify the runtime update mode. * + *Auto (default)* - Automatically update to the most recent and secure runtime version using a [Two-phase runtime version rollout](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-two-phase). This is the best choice for most customers to ensure they always benefit from runtime updates. * + *FunctionUpdate* - LAM updates the runtime of you function to the most recent and secure runtime version when you update your function. This approach synchronizes runtime updates with function deployments, giving you control over when runtime updates are applied and allowing you to detect and mitigate rare runtime update incompatibilities early. When using this setting, you need to regularly update your functions to keep their runtime up-to-date. * + *Manual* - You specify a runtime version in your function configuration. The function will use this runtime version indefinitely. In the rare case where a new runtime version is incompatible with an existing function, this allows you to roll back your function to an earlier runtime version. For more information, see [Roll back a runtime version](https://docs.aws.amazon.com/lambda/latest/dg/runtimes-update.html#runtime-management-rollback). * * *Valid Values*: ``Auto`` | ``FunctionUpdate`` | ``Manual`` */ updateRuntimeOn: pulumi.Input; } /** * Configuration that defines the scaling behavior for a Lambda Managed Instances function, including the minimum and maximum number of execution environments that can be provisioned. */ interface FunctionScalingConfigArgs { /** * The maximum number of execution environments that can be provisioned for the function. */ maxExecutionEnvironments?: pulumi.Input; /** * The minimum number of execution environments to maintain for the function. */ minExecutionEnvironments?: pulumi.Input; } /** * The function's [SnapStart](https://docs.aws.amazon.com/lambda/latest/dg/snapstart.html) setting. */ interface FunctionSnapStartArgs { /** * Set ``ApplyOn`` to ``PublishedVersions`` to create a snapshot of the initialized execution environment when you publish a function version. */ applyOn: pulumi.Input; } /** * Specifies the tenant isolation mode configuration for a Lambda function. This allows you to configure specific tenant isolation strategies for your function invocations. Tenant isolation configuration cannot be modified after function creation. */ interface FunctionTenancyConfigArgs { /** * Tenant isolation mode allows for invocation to be sent to a corresponding execution environment dedicated to a specific tenant ID. */ tenantIsolationMode: pulumi.Input; } /** * The function's [](https://docs.aws.amazon.com/lambda/latest/dg/services-xray.html) tracing configuration. To sample and record incoming requests, set ``Mode`` to ``Active``. */ interface FunctionTracingConfigArgs { /** * The tracing mode. */ mode?: pulumi.Input; } /** * The VPC security groups and subnets that are attached to a Lambda function. When you connect a function to a VPC, Lambda creates an elastic network interface for each combination of security group and subnet in the function's VPC configuration. The function can only access resources and the internet through that VPC. For more information, see [VPC Settings](https://docs.aws.amazon.com/lambda/latest/dg/configuration-vpc.html). * When you delete a function, CFN monitors the state of its network interfaces and waits for Lambda to delete them before proceeding. If the VPC is defined in the same stack, the network interfaces need to be deleted by Lambda before CFN can delete the VPC's resources. * To monitor network interfaces, CFN needs the ``ec2:DescribeNetworkInterfaces`` permission. It obtains this from the user or role that modifies the stack. If you don't provide this permission, CFN does not wait for network interfaces to be deleted. */ interface FunctionVpcConfigArgs { /** * Allows outbound IPv6 traffic on VPC functions that are connected to dual-stack subnets. */ ipv6AllowedForDualStack?: pulumi.Input; /** * A list of VPC security group IDs. */ securityGroupIds?: pulumi.Input[]>; /** * A list of VPC subnet IDs. */ subnetIds?: pulumi.Input[]>; } interface LayerVersionContentArgs { /** * The Amazon S3 bucket of the layer archive. */ s3Bucket: pulumi.Input; /** * The Amazon S3 key of the layer archive. */ s3Key: pulumi.Input; /** * For versioned objects, the version of the layer archive object to use. */ s3ObjectVersion?: pulumi.Input; } interface UrlCorsArgs { /** * Specifies whether credentials are included in the CORS request. */ allowCredentials?: pulumi.Input; /** * Represents a collection of allowed headers. */ allowHeaders?: pulumi.Input[]>; /** * Represents a collection of allowed HTTP methods. */ allowMethods?: pulumi.Input[]>; /** * Represents a collection of allowed origins. */ allowOrigins?: pulumi.Input[]>; /** * Represents a collection of exposed headers. */ exposeHeaders?: pulumi.Input[]>; /** * The maximum amount of time, in seconds, that browsers can cache results of a preflight request. By default, this is set to `0` , which means the browser will not cache results. */ maxAge?: pulumi.Input; } /** * Configuration that defines the scaling behavior for a Lambda Managed Instances function, including the minimum and maximum number of execution environments that can be provisioned. */ interface VersionFunctionScalingConfigArgs { /** * The maximum number of execution environments that can be provisioned for the function. */ maxExecutionEnvironments?: pulumi.Input; /** * The minimum number of execution environments to maintain for the function. */ minExecutionEnvironments?: pulumi.Input; } /** * A provisioned concurrency configuration for a function's version. */ interface VersionProvisionedConcurrencyConfigurationArgs { /** * The amount of provisioned concurrency to allocate for the version. */ provisionedConcurrentExecutions: pulumi.Input; } /** * Runtime Management Config of a function. */ interface VersionRuntimePolicyArgs { /** * The ARN of the runtime the function is configured to use. If the runtime update mode is manual, the ARN is returned, otherwise null is returned. */ runtimeVersionArn?: pulumi.Input; /** * The runtime update mode. */ updateRuntimeOn: pulumi.Input; } } export declare namespace launchwizard { } export declare namespace lex { interface BotAdvancedRecognitionSettingArgs { /** * Enables using the slot values as a custom vocabulary for recognizing user utterances. */ audioRecognitionStrategy?: pulumi.Input; } /** * The location of audio log files collected when conversation logging is enabled for a bot. */ interface BotAliasAudioLogDestinationArgs { s3Bucket: pulumi.Input; } /** * Settings for logging audio of conversations between Amazon Lex and a user. You specify whether to log audio and the Amazon S3 bucket where the audio file is stored. */ interface BotAliasAudioLogSettingArgs { destination: pulumi.Input; enabled: pulumi.Input; } interface BotAliasCloudWatchLogGroupLogDestinationArgs { /** * A string used to identify the groupArn for the Cloudwatch Log Group */ cloudWatchLogGroupArn: pulumi.Input; /** * A string containing the value for the Log Prefix */ logPrefix: pulumi.Input; } /** * Contains information about code hooks that Amazon Lex calls during a conversation. */ interface BotAliasCodeHookSpecificationArgs { lambdaCodeHook: pulumi.Input; } /** * Contains information about code hooks that Amazon Lex calls during a conversation. */ interface BotAliasConversationLogSettingsArgs { /** * The Amazon S3 settings for logging audio to an S3 bucket. */ audioLogSettings?: pulumi.Input[]>; /** * The Amazon CloudWatch Logs settings for logging text and metadata. */ textLogSettings?: pulumi.Input[]>; } /** * Contains information about code hooks that Amazon Lex calls during a conversation. */ interface BotAliasLambdaCodeHookArgs { /** * The version of the request-response that you want Amazon Lex to use to invoke your Lambda function. */ codeHookInterfaceVersion: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Lambda function. */ lambdaArn: pulumi.Input; } /** * You can use this parameter to specify a specific Lambda function to run different functions in different locales. */ interface BotAliasLocaleSettingsArgs { codeHookSpecification?: pulumi.Input; /** * Whether the Lambda code hook is enabled */ enabled: pulumi.Input; } /** * A locale setting in alias */ interface BotAliasLocaleSettingsItemArgs { botAliasLocaleSetting: pulumi.Input; /** * A string used to identify the locale */ localeId: pulumi.Input; } /** * Specifies an Amazon S3 bucket for logging audio conversations */ interface BotAliasS3BucketLogDestinationArgs { /** * The Amazon Resource Name (ARN) of an AWS Key Management Service (KMS) key for encrypting audio log files stored in an S3 bucket. */ kmsKeyArn?: pulumi.Input; /** * The Amazon S3 key of the deployment package. */ logPrefix: pulumi.Input; /** * The Amazon Resource Name (ARN) of an Amazon S3 bucket where audio log files are stored. */ s3BucketArn: pulumi.Input; } /** * Defines the Amazon CloudWatch Logs destination log group for conversation text logs. */ interface BotAliasTextLogDestinationArgs { cloudWatch: pulumi.Input; } /** * Contains information about code hooks that Amazon Lex calls during a conversation. */ interface BotAliasTextLogSettingArgs { destination: pulumi.Input; enabled: pulumi.Input; } interface BotAllowedInputTypesArgs { allowAudioInput: pulumi.Input; allowDtmfInput: pulumi.Input; } interface BotAudioAndDtmfInputSpecificationArgs { audioSpecification?: pulumi.Input; dtmfSpecification?: pulumi.Input; startTimeoutMs: pulumi.Input; } interface BotAudioLogDestinationArgs { s3Bucket: pulumi.Input; } interface BotAudioLogSettingArgs { destination: pulumi.Input; enabled: pulumi.Input; } interface BotAudioSpecificationArgs { endTimeoutMs: pulumi.Input; maxLengthMs: pulumi.Input; } interface BotBedrockAgentIntentConfigurationArgs { bedrockAgentConfiguration?: pulumi.Input; bedrockAgentIntentKnowledgeBaseConfiguration?: pulumi.Input; } interface BotBedrockAgentIntentConfigurationBedrockAgentConfigurationPropertiesArgs { bedrockAgentAliasId?: pulumi.Input; bedrockAgentId?: pulumi.Input; } interface BotBedrockAgentIntentConfigurationBedrockAgentIntentKnowledgeBaseConfigurationPropertiesArgs { bedrockKnowledgeBaseArn: pulumi.Input; bedrockModelConfiguration: pulumi.Input; } interface BotBedrockModelSpecificationArgs { bedrockGuardrailConfiguration?: pulumi.Input; bedrockModelCustomPrompt?: pulumi.Input; bedrockTraceStatus?: pulumi.Input; /** * The ARN of the foundation model used in descriptive bot building. */ modelArn: pulumi.Input; } interface BotBedrockModelSpecificationBedrockGuardrailConfigurationPropertiesArgs { bedrockGuardrailIdentifier?: pulumi.Input; bedrockGuardrailVersion?: pulumi.Input; } interface BotButtonArgs { text: pulumi.Input; value: pulumi.Input; } interface BotCloudWatchLogGroupLogDestinationArgs { cloudWatchLogGroupArn: pulumi.Input; logPrefix: pulumi.Input; } interface BotCompositeSlotTypeSettingArgs { /** * Subslots in the composite slot. */ subSlots?: pulumi.Input[]>; } interface BotConditionArgs { expressionString: pulumi.Input; } interface BotConditionalBranchArgs { condition: pulumi.Input; name: pulumi.Input; nextStep: pulumi.Input; response?: pulumi.Input; } interface BotConditionalSpecificationArgs { /** * A list of conditional branches. A conditional branch is made up of a condition, a response and a next step. The response and next step are executed when the condition is true. */ conditionalBranches: pulumi.Input[]>; /** * The conditional branch that should be followed when the conditions for other branches are not satisfied. A conditional branch is made up of a condition, a response and a next step. */ defaultBranch: pulumi.Input; /** * Determines whether a conditional branch is active. When `IsActive` is false, the conditions are not evaluated. */ isActive: pulumi.Input; } interface BotConversationLogSettingsArgs { /** * The Amazon S3 settings for logging audio to an S3 bucket. */ audioLogSettings?: pulumi.Input[]>; /** * The Amazon CloudWatch Logs settings for logging text and metadata. */ textLogSettings?: pulumi.Input[]>; } interface BotCustomPayloadArgs { value: pulumi.Input; } interface BotCustomVocabularyArgs { /** * Specifies a list of words that you expect to be used during a conversation with your bot. */ customVocabularyItems: pulumi.Input[]>; } interface BotCustomVocabularyItemArgs { displayAs?: pulumi.Input; phrase: pulumi.Input; weight?: pulumi.Input; } interface BotDeepgramSpeechModelConfigArgs { apiTokenSecretArn: pulumi.Input; modelId?: pulumi.Input; } interface BotDefaultConditionalBranchArgs { /** * The next step in the conversation. */ nextStep?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond the user input. */ response?: pulumi.Input; } interface BotDialogActionArgs { /** * If the dialog action is `ElicitSlot` , defines the slot to elicit from the user. */ slotToElicit?: pulumi.Input; /** * When true the next message for the intent is not used. */ suppressNextMessage?: pulumi.Input; /** * The action that the bot should execute. */ type: pulumi.Input; } interface BotDialogCodeHookInvocationSettingArgs { /** * Indicates whether a Lambda function should be invoked for the dialog. */ enableCodeHookInvocation: pulumi.Input; /** * A label that indicates the dialog step from which the dialog code hook is happening. */ invocationLabel?: pulumi.Input; /** * Determines whether a dialog code hook is used when the intent is activated. */ isActive: pulumi.Input; /** * Contains the responses and actions that Amazon Lex takes after the Lambda function is complete. */ postCodeHookSpecification: pulumi.Input; } interface BotDialogCodeHookSettingArgs { /** * Enables the dialog code hook so that it processes user requests. */ enabled: pulumi.Input; } interface BotDialogStateArgs { /** * Defines the action that the bot executes at runtime when the conversation reaches this step. */ dialogAction?: pulumi.Input; /** * Override settings to configure the intent state. */ intent?: pulumi.Input; /** * Map of key/value pairs representing session-specific context information. It contains application information passed between Amazon Lex and a client application. */ sessionAttributes?: pulumi.Input[]>; } interface BotDtmfSpecificationArgs { deletionCharacter: pulumi.Input; endCharacter: pulumi.Input; endTimeoutMs: pulumi.Input; maxLength: pulumi.Input; } interface BotElicitationCodeHookInvocationSettingArgs { /** * Indicates whether a Lambda function should be invoked for the dialog. */ enableCodeHookInvocation: pulumi.Input; /** * A label that indicates the dialog step from which the dialog code hook is happening. */ invocationLabel?: pulumi.Input; } interface BotExternalSourceSettingArgs { /** * Settings required for a slot type based on a grammar that you provide. */ grammarSlotTypeSetting?: pulumi.Input; } interface BotFulfillmentCodeHookSettingArgs { /** * Indicates whether a Lambda function should be invoked to fulfill a specific intent. */ enabled: pulumi.Input; /** * Provides settings for update messages sent to the user for long-running Lambda fulfillment functions. Fulfillment updates can be used only with streaming conversations. */ fulfillmentUpdatesSpecification?: pulumi.Input; /** * Determines whether the fulfillment code hook is used. When `active` is false, the code hook doesn't run. */ isActive?: pulumi.Input; /** * Provides settings for messages sent to the user for after the Lambda fulfillment function completes. Post-fulfillment messages can be sent for both streaming and non-streaming conversations. */ postFulfillmentStatusSpecification?: pulumi.Input; } interface BotFulfillmentStartResponseSpecificationArgs { /** * Determines whether the user can interrupt the start message while it is playing. */ allowInterrupt?: pulumi.Input; /** * The delay between when the Lambda fulfillment function starts running and the start message is played. If the Lambda function returns before the delay is over, the start message isn't played. */ delayInSeconds: pulumi.Input; /** * 1 - 5 message groups that contain start messages. Amazon Lex chooses one of the messages to play to the user. */ messageGroups: pulumi.Input[]>; } interface BotFulfillmentUpdateResponseSpecificationArgs { /** * Determines whether the user can interrupt an update message while it is playing. */ allowInterrupt?: pulumi.Input; /** * The frequency that a message is sent to the user. When the period ends, Amazon Lex chooses a message from the message groups and plays it to the user. If the fulfillment Lambda returns before the first period ends, an update message is not played to the user. */ frequencyInSeconds: pulumi.Input; /** * 1 - 5 message groups that contain update messages. Amazon Lex chooses one of the messages to play to the user. */ messageGroups: pulumi.Input[]>; } interface BotFulfillmentUpdatesSpecificationArgs { /** * Determines whether fulfillment updates are sent to the user. When this field is true, updates are sent. * * If the `active` field is set to true, the `startResponse` , `updateResponse` , and `timeoutInSeconds` fields are required. */ active: pulumi.Input; /** * Provides configuration information for the message sent to users when the fulfillment Lambda functions starts running. */ startResponse?: pulumi.Input; /** * The length of time that the fulfillment Lambda function should run before it times out. */ timeoutInSeconds?: pulumi.Input; /** * Provides configuration information for messages sent periodically to the user while the fulfillment Lambda function is running. */ updateResponse?: pulumi.Input; } interface BotGenerativeAiSettingsArgs { buildtimeSettings?: pulumi.Input; runtimeSettings?: pulumi.Input; } interface BotGenerativeAiSettingsBuildtimeSettingsPropertiesArgs { descriptiveBotBuilderSpecification?: pulumi.Input; sampleUtteranceGenerationSpecification?: pulumi.Input; } interface BotGenerativeAiSettingsBuildtimeSettingsPropertiesDescriptiveBotBuilderSpecificationPropertiesArgs { bedrockModelSpecification?: pulumi.Input; enabled: pulumi.Input; } interface BotGenerativeAiSettingsBuildtimeSettingsPropertiesSampleUtteranceGenerationSpecificationPropertiesArgs { bedrockModelSpecification?: pulumi.Input; enabled: pulumi.Input; } interface BotGenerativeAiSettingsRuntimeSettingsPropertiesArgs { nluImprovementSpecification?: pulumi.Input; slotResolutionImprovementSpecification?: pulumi.Input; } interface BotGenerativeAiSettingsRuntimeSettingsPropertiesNluImprovementSpecificationPropertiesArgs { assistedNluMode?: pulumi.Input; enabled: pulumi.Input; intentDisambiguationSettings?: pulumi.Input; } interface BotGenerativeAiSettingsRuntimeSettingsPropertiesSlotResolutionImprovementSpecificationPropertiesArgs { bedrockModelSpecification?: pulumi.Input; enabled: pulumi.Input; } interface BotGrammarSlotTypeSettingArgs { /** * The source of the grammar used to create the slot type. */ source?: pulumi.Input; } interface BotGrammarSlotTypeSourceArgs { /** * The AWS key required to decrypt the contents of the grammar, if any. */ kmsKeyArn?: pulumi.Input; /** * The name of the Amazon S3 bucket that contains the grammar source. */ s3BucketName: pulumi.Input; /** * The path to the grammar in the Amazon S3 bucket. */ s3ObjectKey: pulumi.Input; } interface BotImageResponseCardArgs { buttons?: pulumi.Input[]>; imageUrl?: pulumi.Input; subtitle?: pulumi.Input; title: pulumi.Input; } interface BotInitialResponseSettingArgs { /** * Settings that specify the dialog code hook that is called by Amazon Lex at a step of the conversation. */ codeHook?: pulumi.Input; /** * Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition. */ conditional?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond the user input. */ initialResponse?: pulumi.Input; /** * The next step in the conversation. */ nextStep?: pulumi.Input; } interface BotInputContextArgs { name: pulumi.Input; } interface BotIntentArgs { bedrockAgentIntentConfiguration?: pulumi.Input; /** * Resource Type definition for the intent. */ description?: pulumi.Input; /** * Specifies that Amazon Lex invokes the alias Lambda function for each user input. You can invoke this Lambda function to personalize user interaction. */ dialogCodeHook?: pulumi.Input; displayName?: pulumi.Input; /** * Specifies that Amazon Lex invokes the alias Lambda function when the intent is ready for fulfillment. You can invoke this function to complete the bot's transaction with the user. */ fulfillmentCodeHook?: pulumi.Input; /** * Configuration setting for a response sent to the user before Amazon Lex starts eliciting slots. */ initialResponseSetting?: pulumi.Input; /** * A list of contexts that must be active for this intent to be considered by Amazon Lex . */ inputContexts?: pulumi.Input[]>; /** * Sets the response that Amazon Lex sends to the user when the intent is closed. */ intentClosingSetting?: pulumi.Input; /** * Provides prompts that Amazon Lex sends to the user to confirm the completion of an intent. If the user answers "no," the settings contain a statement that is sent to the user to end the intent. */ intentConfirmationSetting?: pulumi.Input; /** * Provides configuration information for the `AMAZON.KendraSearchIntent` intent. When you use this intent, Amazon Lex searches the specified Amazon Kendra index and returns documents from the index that match the user's utterance. */ kendraConfiguration?: pulumi.Input; /** * The name of the intent. Intent names must be unique within the locale that contains the intent and can't match the name of any built-in intent. */ name: pulumi.Input; /** * A list of contexts that the intent activates when it is fulfilled. */ outputContexts?: pulumi.Input[]>; /** * A unique identifier for the built-in intent to base this intent on. */ parentIntentSignature?: pulumi.Input; qInConnectIntentConfiguration?: pulumi.Input; qnAIntentConfiguration?: pulumi.Input; /** * A list of utterances that a user might say to signal the intent. */ sampleUtterances?: pulumi.Input[]>; /** * Indicates the priority for slots. Amazon Lex prompts the user for slot values in priority order. */ slotPriorities?: pulumi.Input[]>; /** * A list of slots that the intent requires for fulfillment. */ slots?: pulumi.Input[]>; } interface BotIntentClosingSettingArgs { /** * The response that Amazon Lex sends to the user when the intent is complete. */ closingResponse?: pulumi.Input; /** * A list of conditional branches associated with the intent's closing response. These branches are executed when the `nextStep` attribute is set to `EvalutateConditional` . */ conditional?: pulumi.Input; /** * Specifies whether an intent's closing response is used. When this field is false, the closing response isn't sent to the user. If the `IsActive` field isn't specified, the default is true. */ isActive?: pulumi.Input; /** * Specifies the next step that the bot executes after playing the intent's closing response. */ nextStep?: pulumi.Input; } interface BotIntentConfirmationSettingArgs { /** * The `DialogCodeHookInvocationSetting` object associated with intent's confirmation step. The dialog code hook is triggered based on these invocation settings when the confirmation next step or declination next step or failure next step is `InvokeDialogCodeHook` . */ codeHook?: pulumi.Input; /** * A list of conditional branches to evaluate after the intent is closed. */ confirmationConditional?: pulumi.Input; /** * Specifies the next step that the bot executes when the customer confirms the intent. */ confirmationNextStep?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond the user input. */ confirmationResponse?: pulumi.Input; /** * A list of conditional branches to evaluate after the intent is declined. */ declinationConditional?: pulumi.Input; /** * Specifies the next step that the bot executes when the customer declines the intent. */ declinationNextStep?: pulumi.Input; /** * When the user answers "no" to the question defined in `promptSpecification` , Amazon Lex responds with this response to acknowledge that the intent was canceled. */ declinationResponse?: pulumi.Input; /** * The `DialogCodeHookInvocationSetting` used when the code hook is invoked during confirmation prompt retries. */ elicitationCodeHook?: pulumi.Input; /** * Provides a list of conditional branches. Branches are evaluated in the order that they are entered in the list. The first branch with a condition that evaluates to true is executed. The last branch in the list is the default branch. The default branch should not have any condition expression. The default branch is executed if no other branch has a matching condition. */ failureConditional?: pulumi.Input; /** * The next step to take in the conversation if the confirmation step fails. */ failureNextStep?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond the user input when the intent confirmation fails. */ failureResponse?: pulumi.Input; /** * Specifies whether the intent's confirmation is sent to the user. When this field is false, confirmation and declination responses aren't sent. If the `IsActive` field isn't specified, the default is true. */ isActive?: pulumi.Input; /** * Prompts the user to confirm the intent. This question should have a yes or no answer. * * Amazon Lex uses this prompt to ensure that the user acknowledges that the intent is ready for fulfillment. For example, with the `OrderPizza` intent, you might want to confirm that the order is correct before placing it. For other intents, such as intents that simply respond to user questions, you might not need to ask the user for confirmation before providing the information. */ promptSpecification: pulumi.Input; } interface BotIntentDisambiguationSettingsArgs { /** * Provides a custom message that will be displayed before presenting the disambiguation options to users. This message helps set the context for users and can be customized to match your bot's tone and brand. If not specified, a default message will be used. */ customDisambiguationMessage?: pulumi.Input; /** * Determines whether the Intent Disambiguation feature is enabled. When set to `true` , Amazon Lex will present disambiguation options to users when multiple intents could match their input, with the default being `false` . */ enabled: pulumi.Input; /** * Specifies the maximum number of intent options (2-5) to present to users when disambiguation is needed. This setting determines how many intent options will be shown to users when the system detects ambiguous input. The default value is 3. */ maxDisambiguationIntents?: pulumi.Input; } interface BotIntentOverrideArgs { /** * The name of the intent. Only required when you're switching intents. */ name?: pulumi.Input; /** * A map of all of the slot value overrides for the intent. The name of the slot maps to the value of the slot. Slots that are not included in the map aren't overridden. */ slots?: pulumi.Input[]>; } interface BotKendraConfigurationArgs { /** * The Amazon Resource Name (ARN) of the Amazon Kendra index that you want the `AMAZON.KendraSearchIntent` intent to search. The index must be in the same account and Region as the Amazon Lex bot. */ kendraIndex: pulumi.Input; /** * A query filter that Amazon Lex sends to Amazon Kendra to filter the response from a query. The filter is in the format defined by Amazon Kendra. For more information, see [Filtering queries](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html) . */ queryFilterString?: pulumi.Input; /** * Determines whether the `AMAZON.KendraSearchIntent` intent uses a custom query string to query the Amazon Kendra index. */ queryFilterStringEnabled?: pulumi.Input; } interface BotLocaleArgs { /** * Specifies a custom vocabulary to use with a specific locale. */ customVocabulary?: pulumi.Input; /** * A description of the bot locale. Use this to help identify the bot locale in lists. */ description?: pulumi.Input; generativeAiSettings?: pulumi.Input; /** * One or more intents defined for the locale. */ intents?: pulumi.Input[]>; /** * The identifier of the language and locale that the bot will be used in. The string must match one of the supported locales. */ localeId: pulumi.Input; /** * Determines the threshold where Amazon Lex will insert the `AMAZON.FallbackIntent` , `AMAZON.KendraSearchIntent` , or both when returning alternative intents. You must configure an `AMAZON.FallbackIntent` . `AMAZON.KendraSearchIntent` is only inserted if it is configured for the bot. */ nluConfidenceThreshold: pulumi.Input; /** * One or more slot types defined for the locale. */ slotTypes?: pulumi.Input[]>; speechDetectionSensitivity?: pulumi.Input; speechRecognitionSettings?: pulumi.Input; unifiedSpeechSettings?: pulumi.Input; /** * Defines settings for using an Amazon Polly voice to communicate with a user. * * Valid values include: * * - `standard` * - `neural` * - `long-form` * - `generative` */ voiceSettings?: pulumi.Input; } interface BotMessageArgs { customPayload?: pulumi.Input; imageResponseCard?: pulumi.Input; plainTextMessage?: pulumi.Input; ssmlMessage?: pulumi.Input; } interface BotMessageGroupArgs { message: pulumi.Input; variations?: pulumi.Input[]>; } interface BotMultipleValuesSettingArgs { /** * Indicates whether a slot can return multiple values. When `true` , the slot may return more than one value in a response. When `false` , the slot returns only a single value. * * Multi-value slots are only available in the en-US locale. If you set this value to `true` in any other locale, Amazon Lex throws a `ValidationException` . * * If the `allowMutlipleValues` is not set, the default value is `false` . */ allowMultipleValues?: pulumi.Input; } interface BotObfuscationSettingArgs { /** * Value that determines whether Amazon Lex obscures slot values in conversation logs. The default is to obscure the values. */ obfuscationSettingType: pulumi.Input; } interface BotOutputContextArgs { name: pulumi.Input; timeToLiveInSeconds: pulumi.Input; turnsToLive: pulumi.Input; } interface BotPlainTextMessageArgs { value: pulumi.Input; } interface BotPostDialogCodeHookInvocationSpecificationArgs { /** * A list of conditional branches to evaluate after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` . */ failureConditional?: pulumi.Input; /** * Specifies the next step the bot runs after the dialog code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` . */ failureNextStep?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond the user input when the code hook fails. */ failureResponse?: pulumi.Input; /** * A list of conditional branches to evaluate after the dialog code hook finishes successfully. */ successConditional?: pulumi.Input; /** * Specifics the next step the bot runs after the dialog code hook finishes successfully. */ successNextStep?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond when the code hook succeeds. */ successResponse?: pulumi.Input; /** * A list of conditional branches to evaluate if the code hook times out. */ timeoutConditional?: pulumi.Input; /** * Specifies the next step that the bot runs when the code hook times out. */ timeoutNextStep?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond to the user input when the code hook times out. */ timeoutResponse?: pulumi.Input; } interface BotPostFulfillmentStatusSpecificationArgs { /** * A list of conditional branches to evaluate after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` . */ failureConditional?: pulumi.Input; /** * Specifies the next step the bot runs after the fulfillment code hook throws an exception or returns with the `State` field of the `Intent` object set to `Failed` . */ failureNextStep?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't successful. */ failureResponse?: pulumi.Input; /** * A list of conditional branches to evaluate after the fulfillment code hook finishes successfully. */ successConditional?: pulumi.Input; /** * Specifies the next step in the conversation that Amazon Lex invokes when the fulfillment code hook completes successfully. */ successNextStep?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond when the fulfillment is successful. */ successResponse?: pulumi.Input; /** * A list of conditional branches to evaluate if the fulfillment code hook times out. */ timeoutConditional?: pulumi.Input; /** * Specifies the next step that the bot runs when the fulfillment code hook times out. */ timeoutNextStep?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond when fulfillment isn't completed within the timeout period. */ timeoutResponse?: pulumi.Input; } interface BotPromptAttemptSpecificationArgs { allowInterrupt?: pulumi.Input; allowedInputTypes: pulumi.Input; audioAndDtmfInputSpecification?: pulumi.Input; textInputSpecification?: pulumi.Input; } interface BotPromptSpecificationArgs { /** * Indicates whether the user can interrupt a speech prompt from the bot. */ allowInterrupt?: pulumi.Input; /** * The maximum number of times the bot tries to elicit a response from the user using this prompt. */ maxRetries: pulumi.Input; /** * A collection of messages that Amazon Lex can send to the user. Amazon Lex chooses the actual message to send at runtime. */ messageGroupsList: pulumi.Input[]>; /** * Indicates how a message is selected from a message group among retries. */ messageSelectionStrategy?: pulumi.Input; /** * Specifies the advanced settings on each attempt of the prompt. */ promptAttemptsSpecification?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface BotQInConnectIntentConfigurationArgs { qInConnectAssistantConfiguration?: pulumi.Input; } interface BotQInConnectIntentConfigurationQInConnectAssistantConfigurationPropertiesArgs { assistantArn: pulumi.Input; } interface BotQnAIntentConfigurationArgs { bedrockModelConfiguration: pulumi.Input; /** * Contains details about the configuration of the data source used for the `AMAZON.QnAIntent` . */ dataSourceConfiguration: pulumi.Input; } /** * Contains details about the configuration of the data source used for the `AMAZON.QnAIntent` . */ interface BotQnAIntentConfigurationDataSourceConfigurationPropertiesArgs { bedrockKnowledgeStoreConfiguration?: pulumi.Input; kendraConfiguration?: pulumi.Input; opensearchConfiguration?: pulumi.Input; } interface BotQnAIntentConfigurationDataSourceConfigurationPropertiesBedrockKnowledgeStoreConfigurationPropertiesArgs { bedrockKnowledgeBaseArn?: pulumi.Input; bkbExactResponseFields?: pulumi.Input; exactResponse?: pulumi.Input; } interface BotQnAIntentConfigurationDataSourceConfigurationPropertiesBedrockKnowledgeStoreConfigurationPropertiesBkbExactResponseFieldsPropertiesArgs { answerField?: pulumi.Input; } interface BotQnAIntentConfigurationDataSourceConfigurationPropertiesOpensearchConfigurationPropertiesArgs { domainEndpoint?: pulumi.Input; exactResponse?: pulumi.Input; exactResponseFields?: pulumi.Input; includeFields?: pulumi.Input[]>; indexName?: pulumi.Input; } interface BotQnAIntentConfigurationDataSourceConfigurationPropertiesOpensearchConfigurationPropertiesExactResponseFieldsPropertiesArgs { answerField?: pulumi.Input; questionField?: pulumi.Input; } interface BotQnAKendraConfigurationArgs { /** * Specifies whether to return an exact response from the Amazon Kendra index or to let the Amazon Bedrock model you select generate a response based on the results. To use this feature, you must first add FAQ questions to your index by following the steps at [Adding frequently asked questions (FAQs) to an index](https://docs.aws.amazon.com/kendra/latest/dg/in-creating-faq.html) . */ exactResponse: pulumi.Input; /** * The ARN of the Amazon Kendra index to use. */ kendraIndex: pulumi.Input; /** * Contains the Amazon Kendra filter string to use if enabled. For more information on the Amazon Kendra search filter JSON format, see [Using document attributes to filter search results](https://docs.aws.amazon.com/kendra/latest/dg/filtering.html#search-filtering) . */ queryFilterString?: pulumi.Input; /** * Specifies whether to enable an Amazon Kendra filter string or not. */ queryFilterStringEnabled: pulumi.Input; } interface BotReplicationArgs { replicaRegions: pulumi.Input[]>; } interface BotResponseSpecificationArgs { /** * Indicates whether the user can interrupt a speech response from Amazon Lex. */ allowInterrupt?: pulumi.Input; /** * A collection of responses that Amazon Lex can send to the user. Amazon Lex chooses the actual response to send at runtime. */ messageGroupsList: pulumi.Input[]>; } interface BotS3BucketLogDestinationArgs { kmsKeyArn?: pulumi.Input; logPrefix: pulumi.Input; s3BucketArn: pulumi.Input; } interface BotS3LocationArgs { /** * The S3 bucket name. */ s3Bucket: pulumi.Input; /** * The path and file name to the object in the S3 bucket. */ s3ObjectKey: pulumi.Input; /** * The version of the object in the S3 bucket. */ s3ObjectVersion?: pulumi.Input; } interface BotSampleUtteranceArgs { utterance: pulumi.Input; } interface BotSampleValueArgs { value: pulumi.Input; } interface BotSessionAttributeArgs { /** * The name of the session attribute. */ key: pulumi.Input; /** * The session-specific context information for the session attribute. */ value?: pulumi.Input; } interface BotSlotArgs { /** * The description of the slot. */ description?: pulumi.Input; /** * Indicates whether a slot can return multiple values. */ multipleValuesSetting?: pulumi.Input; /** * The name given to the slot. */ name: pulumi.Input; /** * Determines whether the contents of the slot are obfuscated in Amazon CloudWatch Logs logs. Use obfuscated slots to protect information such as personally identifiable information (PII) in logs. */ obfuscationSetting?: pulumi.Input; /** * The name of the slot type that this slot is based on. The slot type defines the acceptable values for the slot. */ slotTypeName: pulumi.Input; subSlotSetting?: pulumi.Input; /** * Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values: * * - ORIGINAL_VALUE - Returns the value entered by the user, if the user value is similar to a slot value. * - TOP_RESOLUTION - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned. * * If you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` . */ valueElicitationSetting: pulumi.Input; } interface BotSlotCaptureSettingArgs { /** * A list of conditional branches to evaluate after the slot value is captured. */ captureConditional?: pulumi.Input; /** * Specifies the next step that the bot runs when the slot value is captured before the code hook times out. */ captureNextStep?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond the user input. */ captureResponse?: pulumi.Input; /** * Code hook called after Amazon Lex successfully captures a slot value. */ codeHook?: pulumi.Input; /** * Code hook called when Amazon Lex doesn't capture a slot value. */ elicitationCodeHook?: pulumi.Input; /** * A list of conditional branches to evaluate when the slot value isn't captured. */ failureConditional?: pulumi.Input; /** * Specifies the next step that the bot runs when the slot value code is not recognized. */ failureNextStep?: pulumi.Input; /** * Specifies a list of message groups that Amazon Lex uses to respond the user input when the slot fails to be captured. */ failureResponse?: pulumi.Input; } interface BotSlotDefaultValueArgs { /** * The default value to use when a user doesn't provide a value for a slot. */ defaultValue: pulumi.Input; } interface BotSlotDefaultValueSpecificationArgs { /** * A list of default values. Amazon Lex chooses the default value to use in the order that they are presented in the list. */ defaultValueList: pulumi.Input[]>; } interface BotSlotPriorityArgs { priority: pulumi.Input; slotName: pulumi.Input; } interface BotSlotTypeArgs { compositeSlotTypeSetting?: pulumi.Input; /** * A description of the slot type. Use the description to help identify the slot type in lists. */ description?: pulumi.Input; /** * Sets the type of external information used to create the slot type. */ externalSourceSetting?: pulumi.Input; /** * The name of the slot type. A slot type name must be unique withing the account. */ name: pulumi.Input; /** * The built-in slot type used as a parent of this slot type. When you define a parent slot type, the new slot type has the configuration of the parent lot type. * * Only `AMAZON.AlphaNumeric` is supported. */ parentSlotTypeSignature?: pulumi.Input; /** * A list of SlotTypeValue objects that defines the values that the slot type can take. Each value can have a list of synonyms, additional values that help train the machine learning model about the values that it resolves for the slot. */ slotTypeValues?: pulumi.Input[]>; /** * Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values: * * - `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value. * - `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned. * * If you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` . */ valueSelectionSetting?: pulumi.Input; } interface BotSlotTypeValueArgs { sampleValue: pulumi.Input; synonyms?: pulumi.Input[]>; } interface BotSlotValueArgs { /** * The value that Amazon Lex determines for the slot. The actual value depends on the setting of the value selection strategy for the bot. You can choose to use the value entered by the user, or you can have Amazon Lex choose the first value in the `resolvedValues` list. */ interpretedValue?: pulumi.Input; } interface BotSlotValueElicitationSettingArgs { /** * A list of default values for a slot. Default values are used when Amazon Lex hasn't determined a value for a slot. You can specify default values from context variables, session attributes, and defined values. */ defaultValueSpecification?: pulumi.Input; /** * The prompt that Amazon Lex uses to elicit the slot value from the user. */ promptSpecification?: pulumi.Input; /** * If you know a specific pattern that users might respond to an Amazon Lex request for a slot value, you can provide those utterances to improve accuracy. This is optional. In most cases, Amazon Lex is capable of understanding user utterances. */ sampleUtterances?: pulumi.Input[]>; /** * Specifies the settings that Amazon Lex uses when a slot value is successfully entered by a user. */ slotCaptureSetting?: pulumi.Input; /** * Specifies whether the slot is required or optional. */ slotConstraint: pulumi.Input; /** * Specifies the prompts that Amazon Lex uses while a bot is waiting for customer input. */ waitAndContinueSpecification?: pulumi.Input; } interface BotSlotValueOverrideArgs { /** * When the shape value is `List` , it indicates that the `values` field contains a list of slot values. When the value is `Scalar` , it indicates that the `value` field contains a single value. */ shape?: pulumi.Input; /** * The current value of the slot. */ value?: pulumi.Input; /** * A list of one or more values that the user provided for the slot. For example, for a slot that elicits pizza toppings, the values might be "pepperoni" and "pineapple." */ values?: pulumi.Input[]>; } interface BotSlotValueOverrideMapArgs { /** * The name of the slot. */ slotName?: pulumi.Input; /** * The SlotValueOverride object to which the slot name will be mapped. */ slotValueOverride?: pulumi.Input; } interface BotSlotValueRegexFilterArgs { /** * A regular expression used to validate the value of a slot. * * Use a standard regular expression. Amazon Lex supports the following characters in the regular expression: * * - A-Z, a-z * - 0-9 * - Unicode characters ("\⁠u") * * Represent Unicode characters with four digits, for example "\⁠u0041" or "\⁠u005A". * * The following regular expression operators are not supported: * * - Infinite repeaters: *, +, or {x,} with no upper bound. * - Wild card (.) */ pattern: pulumi.Input; } interface BotSlotValueSelectionSettingArgs { /** * Provides settings that enable advanced recognition settings for slot values. You can use this to enable using slot values as a custom vocabulary for recognizing user utterances. */ advancedRecognitionSetting?: pulumi.Input; /** * A regular expression used to validate the value of a slot. */ regexFilter?: pulumi.Input; /** * Determines the slot resolution strategy that Amazon Lex uses to return slot type values. The field can be set to one of the following values: * * - `ORIGINAL_VALUE` - Returns the value entered by the user, if the user value is similar to the slot value. * - `TOP_RESOLUTION` - If there is a resolution list for the slot, return the first value in the resolution list as the slot type value. If there is no resolution list, null is returned. * * If you don't specify the `valueSelectionStrategy` , the default is `ORIGINAL_VALUE` . */ resolutionStrategy: pulumi.Input; } interface BotSpecificationsArgs { slotTypeId?: pulumi.Input; slotTypeName?: pulumi.Input; valueElicitationSetting: pulumi.Input; } interface BotSpeechModelConfigArgs { deepgramConfig?: pulumi.Input; } interface BotSpeechRecognitionSettingsArgs { speechModelConfig?: pulumi.Input; speechModelPreference?: pulumi.Input; } interface BotSsmlMessageArgs { value: pulumi.Input; } interface BotStillWaitingResponseSpecificationArgs { /** * Indicates that the user can interrupt the response by speaking while the message is being played. */ allowInterrupt?: pulumi.Input; /** * How often a message should be sent to the user. Minimum of 1 second, maximum of 5 minutes. */ frequencyInSeconds: pulumi.Input; /** * One or more message groups, each containing one or more messages, that define the prompts that Amazon Lex sends to the user. */ messageGroupsList: pulumi.Input[]>; /** * If Amazon Lex waits longer than this length of time for a response, it will stop sending messages. */ timeoutInSeconds: pulumi.Input; } interface BotSubSlotSettingArgs { /** * The expression text for defining the constituent sub slots in the composite slot using logical AND and OR operators. */ expression?: pulumi.Input; /** * Specifications for the constituent sub slots of a composite slot. */ slotSpecifications?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface BotSubSlotTypeCompositionArgs { /** * Name of a constituent sub slot inside a composite slot. */ name: pulumi.Input; /** * The unique identifier assigned to a slot type. This refers to either a built-in slot type or the unique slotTypeId of a custom slot type. */ slotTypeId?: pulumi.Input; slotTypeName?: pulumi.Input; } interface BotSubSlotValueElicitationSettingArgs { defaultValueSpecification?: pulumi.Input; promptSpecification?: pulumi.Input; sampleUtterances?: pulumi.Input[]>; waitAndContinueSpecification?: pulumi.Input; } interface BotTagArgs { key: pulumi.Input; value: pulumi.Input; } interface BotTestBotAliasSettingsArgs { /** * Specifies settings that are unique to a locale. For example, you can use a different Lambda function depending on the bot's locale. */ botAliasLocaleSettings?: pulumi.Input[]>; /** * Specifies settings for conversation logs that save audio, text, and metadata information for conversations with your users. */ conversationLogSettings?: pulumi.Input; /** * Specifies a description for the test bot alias. */ description?: pulumi.Input; /** * Specifies whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances. */ sentimentAnalysisSettings?: pulumi.Input; } /** * Specifies whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances. */ interface BotTestBotAliasSettingsSentimentAnalysisSettingsPropertiesArgs { detectSentiment: pulumi.Input; } interface BotTextInputSpecificationArgs { startTimeoutMs: pulumi.Input; } interface BotTextLogDestinationArgs { cloudWatch: pulumi.Input; } interface BotTextLogSettingArgs { destination: pulumi.Input; enabled: pulumi.Input; } interface BotUnifiedSpeechSettingsArgs { /** * The foundation model configuration to use for unified speech processing capabilities. */ speechFoundationModel: pulumi.Input; } /** * The foundation model configuration to use for unified speech processing capabilities. */ interface BotUnifiedSpeechSettingsSpeechFoundationModelPropertiesArgs { modelArn: pulumi.Input; voiceId?: pulumi.Input; } /** * The version of a bot used for a bot locale. */ interface BotVersionLocaleDetailsArgs { sourceBotVersion: pulumi.Input; } interface BotVersionLocaleSpecificationArgs { botVersionLocaleDetails: pulumi.Input; localeId: pulumi.Input; } interface BotVoiceSettingsArgs { /** * Indicates the type of Amazon Polly voice that Amazon Lex should use for voice interaction with the user. For more information, see the [`engine` parameter of the `SynthesizeSpeech` operation](https://docs.aws.amazon.com/polly/latest/dg/API_SynthesizeSpeech.html#polly-SynthesizeSpeech-request-Engine) in the *Amazon Polly developer guide* . * * If you do not specify a value, the default is `standard` . */ engine?: pulumi.Input; /** * The identifier of the Amazon Polly voice to use. */ voiceId: pulumi.Input; } interface BotWaitAndContinueSpecificationArgs { /** * The response that Amazon Lex sends to indicate that the bot is ready to continue the conversation. */ continueResponse: pulumi.Input; /** * Specifies whether the bot will wait for a user to respond. When this field is false, wait and continue responses for a slot aren't used. If the `IsActive` field isn't specified, the default is true. */ isActive?: pulumi.Input; /** * A response that Amazon Lex sends periodically to the user to indicate that the bot is still waiting for input from the user. */ stillWaitingResponse?: pulumi.Input; /** * The response that Amazon Lex sends to indicate that the bot is waiting for the conversation to continue. */ waitingResponse: pulumi.Input; } /** * By default, data stored by Amazon Lex is encrypted. The `DataPrivacy` structure provides settings that determine how Amazon Lex handles special cases of securing the data for your bot. */ interface DataPrivacyPropertiesArgs { /** * For each Amazon Lex bot created with the Amazon Lex Model Building Service, you must specify whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to the Children's Online Privacy Protection Act (COPPA) by specifying `true` or `false` in the `childDirected` field. By specifying `true` in the `childDirected` field, you confirm that your use of Amazon Lex *is* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. By specifying `false` in the `childDirected` field, you confirm that your use of Amazon Lex *is not* related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. You may not specify a default value for the `childDirected` field that does not accurately reflect whether your use of Amazon Lex is related to a website, program, or other application that is directed or targeted, in whole or in part, to children under age 13 and subject to COPPA. If your use of Amazon Lex relates to a website, program, or other application that is directed in whole or in part, to children under age 13, you must obtain any required verifiable parental consent under COPPA. For information regarding the use of Amazon Lex in connection with websites, programs, or other applications that are directed or targeted, in whole or in part, to children under age 13, see the [Amazon Lex FAQ](https://docs.aws.amazon.com/lex/faqs#data-security) . */ childDirected: pulumi.Input; } interface ErrorLogSettingsPropertiesArgs { enabled: pulumi.Input; } /** * A resource policy to add to the resource. The policy is a JSON structure following the IAM syntax that contains one or more statements that define the policy. */ interface ResourcePolicyPolicyArgs { } /** * Determines whether Amazon Lex will use Amazon Comprehend to detect the sentiment of user utterances. */ interface SentimentAnalysisSettingsPropertiesArgs { /** * Enable to call Amazon Comprehend for Sentiment natively within Lex */ detectSentiment: pulumi.Input; } } export declare namespace licensemanager { interface LicenseBorrowConfigurationArgs { /** * Indicates whether early check-ins are allowed. */ allowEarlyCheckIn: pulumi.Input; /** * Maximum time for the borrow configuration, in minutes. */ maxTimeToLiveInMinutes: pulumi.Input; } interface LicenseConsumptionConfigurationArgs { /** * Details about a borrow configuration. */ borrowConfiguration?: pulumi.Input; /** * Details about a provisional configuration. */ provisionalConfiguration?: pulumi.Input; /** * Renewal frequency. */ renewType?: pulumi.Input; } interface LicenseEntitlementArgs { /** * Indicates whether check-ins are allowed. */ allowCheckIn?: pulumi.Input; /** * Maximum entitlement count. Use if the unit is not None. */ maxCount?: pulumi.Input; /** * Entitlement name. */ name: pulumi.Input; /** * Indicates whether overages are allowed. */ overage?: pulumi.Input; /** * Entitlement unit. */ unit: pulumi.Input; /** * Entitlement resource. Use only if the unit is None. */ value?: pulumi.Input; } interface LicenseIssuerDataArgs { /** * Issuer name. */ name: pulumi.Input; /** * Asymmetric KMS key from AWS Key Management Service . The KMS key must have a key usage of sign and verify, and support the RSASSA-PSS SHA-256 signing algorithm. */ signKey?: pulumi.Input; } interface LicenseMetadataArgs { /** * The key name. */ name: pulumi.Input; /** * The value. */ value: pulumi.Input; } interface LicenseProvisionalConfigurationArgs { /** * Maximum time for the provisional configuration, in minutes. */ maxTimeToLiveInMinutes: pulumi.Input; } interface LicenseValidityDateFormatArgs { /** * Validity begin date for the license. */ begin: pulumi.Input; /** * Validity begin date for the license. */ end: pulumi.Input; } } export declare namespace lightsail { /** * An object that sets the public accessibility of objects in the specified bucket. */ interface BucketAccessRulesArgs { /** * A Boolean value that indicates whether the access control list (ACL) permissions that are applied to individual objects override the getObject option that is currently specified. */ allowPublicOverrides?: pulumi.Input; /** * Specifies the anonymous access to all objects in a bucket. */ getObject?: pulumi.Input; } /** * Describes the settings of a container that will be launched, or that is launched, to an Amazon Lightsail container service. */ interface ContainerArgs { /** * The launch command for the container. */ command?: pulumi.Input[]>; /** * The name of the container. */ containerName?: pulumi.Input; /** * The environment variables of the container. */ environment?: pulumi.Input[]>; /** * The name of the image used for the container. */ image?: pulumi.Input; /** * The open firewall ports of the container. */ ports?: pulumi.Input[]>; } interface ContainerEnvironmentVariableArgs { /** * The environment variable value. */ value?: pulumi.Input; /** * The environment variable key. */ variable?: pulumi.Input; } /** * Describes the health check configuration of an Amazon Lightsail container service. */ interface ContainerHealthCheckConfigArgs { /** * The number of consecutive health checks successes required before moving the container to the Healthy state. The default value is 2. */ healthyThreshold?: pulumi.Input; /** * The approximate interval, in seconds, between health checks of an individual container. You can specify between 5 and 300 seconds. The default value is 5. */ intervalSeconds?: pulumi.Input; /** * The path on the container on which to perform the health check. The default value is /. */ path?: pulumi.Input; /** * The HTTP codes to use when checking for a successful response from a container. You can specify values between 200 and 499. You can specify multiple values (for example, 200,202) or a range of values (for example, 200-299). */ successCodes?: pulumi.Input; /** * The amount of time, in seconds, during which no response means a failed health check. You can specify between 2 and 60 seconds. The default value is 2. */ timeoutSeconds?: pulumi.Input; /** * The number of consecutive health check failures required before moving the container to the Unhealthy state. The default value is 2. */ unhealthyThreshold?: pulumi.Input; } interface ContainerPortInfoArgs { /** * The open firewall ports of the container. */ port?: pulumi.Input; /** * The protocol name for the open ports. * * *Allowed values* : `HTTP` | `HTTPS` | `TCP` | `UDP` */ protocol?: pulumi.Input; } /** * An object to describe the configuration for the container service to access private container image repositories, such as Amazon Elastic Container Registry (Amazon ECR) private repositories. */ interface ContainerPrivateRegistryAccessArgs { /** * An object to describe a request to activate or deactivate the role that you can use to grant an Amazon Lightsail container service access to Amazon Elastic Container Registry (Amazon ECR) private repositories. */ ecrImagePullerRole?: pulumi.Input; } /** * An object to describe a request to activate or deactivate the role that you can use to grant an Amazon Lightsail container service access to Amazon Elastic Container Registry (Amazon ECR) private repositories. */ interface ContainerPrivateRegistryAccessEcrImagePullerRolePropertiesArgs { /** * A Boolean value that indicates whether to activate the role. */ isActive?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the role, if it is activated. */ principalArn?: pulumi.Input; } /** * The public domain name to use with the container service, such as example.com and www.example.com. */ interface ContainerPublicDomainNameArgs { /** * The name of the certificate for the public domains. */ certificateName?: pulumi.Input; /** * An object that describes the configuration for the containers of the deployment. */ domainNames?: pulumi.Input[]>; } /** * Describes the settings of a public endpoint for an Amazon Lightsail container service. */ interface ContainerPublicEndpointArgs { /** * The name of the container for the endpoint. */ containerName?: pulumi.Input; /** * The port of the container to which traffic is forwarded to. */ containerPort?: pulumi.Input; /** * An object that describes the health check configuration of the container. */ healthCheckConfig?: pulumi.Input; } /** * Describes a container deployment configuration of an Amazon Lightsail container service. */ interface ContainerServiceDeploymentArgs { /** * An object that describes the configuration for the containers of the deployment. */ containers?: pulumi.Input[]>; /** * An object that describes the endpoint of the deployment. */ publicEndpoint?: pulumi.Input; } /** * Describes the parameters of the database. */ interface DatabaseRelationalDatabaseParameterArgs { /** * Specifies the valid range of values for the parameter. */ allowedValues?: pulumi.Input; /** * Indicates when parameter updates are applied. Can be immediate or pending-reboot. */ applyMethod?: pulumi.Input; /** * Specifies the engine-specific parameter type. */ applyType?: pulumi.Input; /** * Specifies the valid data type for the parameter. */ dataType?: pulumi.Input; /** * Provides a description of the parameter. */ description?: pulumi.Input; /** * A Boolean value indicating whether the parameter can be modified. */ isModifiable?: pulumi.Input; /** * Specifies the name of the parameter. */ parameterName?: pulumi.Input; /** * Specifies the value of the parameter. */ parameterValue?: pulumi.Input; } /** * A addon associate with a resource. */ interface DiskAddOnArgs { /** * The add-on type */ addOnType: pulumi.Input; /** * The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created. */ autoSnapshotAddOnRequest?: pulumi.Input; /** * Status of the Addon */ status?: pulumi.Input; } /** * An object that represents additional parameters when enabling or modifying the automatic snapshot add-on */ interface DiskAutoSnapshotAddOnArgs { /** * The daily time when an automatic snapshot will be created. */ snapshotTimeOfDay?: pulumi.Input; } /** * Location of a resource. */ interface DiskLocationArgs { /** * The Availability Zone in which to create your disk. Use the following format: us-east-2a (case sensitive). Be sure to add the include Availability Zones parameter to your request. */ availabilityZone?: pulumi.Input; /** * The Region Name in which to create your disk. */ regionName?: pulumi.Input; } /** * A addon associate with a resource. */ interface InstanceAddOnArgs { /** * The add-on type */ addOnType: pulumi.Input; /** * The parameters for the automatic snapshot add-on, such as the daily time when an automatic snapshot will be created. */ autoSnapshotAddOnRequest?: pulumi.Input; /** * Status of the Addon */ status?: pulumi.Input; } /** * An object that represents additional parameters when enabling or modifying the automatic snapshot add-on */ interface InstanceAutoSnapshotAddOnArgs { /** * The daily time when an automatic snapshot will be created. */ snapshotTimeOfDay?: pulumi.Input; } /** * Disk associated with the Instance. */ interface InstanceDiskArgs { /** * Instance attached to the disk. */ attachedTo?: pulumi.Input; /** * Attachment state of the disk. */ attachmentState?: pulumi.Input; /** * The names to use for your new Lightsail disk. */ diskName: pulumi.Input; /** * IOPS of disk. */ iops?: pulumi.Input; /** * Is the Attached disk is the system disk of the Instance. */ isSystemDisk?: pulumi.Input; /** * Path of the disk attached to the instance. */ path: pulumi.Input; /** * Size of the disk attached to the Instance. */ sizeInGb?: pulumi.Input; } /** * Hardware of the Instance. */ interface InstanceHardwareArgs { /** * CPU count of the Instance. */ cpuCount?: pulumi.Input; /** * Disks attached to the Instance. */ disks?: pulumi.Input[]>; /** * RAM Size of the Instance. */ ramSizeInGb?: pulumi.Input; } /** * Location of a resource. */ interface InstanceLocationArgs { /** * The Availability Zone in which to create your instance. Use the following format: us-east-2a (case sensitive). Be sure to add the include Availability Zones parameter to your request. */ availabilityZone?: pulumi.Input; /** * The Region Name in which to create your instance. */ regionName?: pulumi.Input; } /** * Monthly Transfer of the Instance. */ interface InstanceMonthlyTransferArgs { /** * GbPerMonthAllocated of the Instance. */ gbPerMonthAllocated?: pulumi.Input; } /** * Networking of the Instance. */ interface InstanceNetworkingArgs { /** * The monthly amount of data transfer, in GB, allocated for the instance */ monthlyTransfer?: pulumi.Input; /** * Ports to the Instance. */ ports: pulumi.Input[]>; } /** * Port of the Instance. */ interface InstancePortArgs { /** * Access Direction for Protocol of the Instance(inbound/outbound). */ accessDirection?: pulumi.Input; /** * Access From Protocol of the Instance. */ accessFrom?: pulumi.Input; /** * Access Type Protocol of the Instance. */ accessType?: pulumi.Input; /** * An alias that defines access for a preconfigured range of IP addresses. * * The only alias currently supported is `lightsail-connect` , which allows IP addresses of the browser-based RDP/SSH client in the Lightsail console to connect to your instance. */ cidrListAliases?: pulumi.Input[]>; /** * The IPv4 address, or range of IPv4 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. * * > The `ipv6Cidrs` parameter lists the IPv6 addresses that are allowed to connect to an instance. * * Examples: * * - To allow the IP address `192.0.2.44` , specify `192.0.2.44` or `192.0.2.44/32` . * - To allow the IP addresses `192.0.2.0` to `192.0.2.255` , specify `192.0.2.0/24` . */ cidrs?: pulumi.Input[]>; /** * CommonName for Protocol of the Instance. */ commonName?: pulumi.Input; /** * From Port of the Instance. */ fromPort?: pulumi.Input; /** * The IPv6 address, or range of IPv6 addresses (in CIDR notation) that are allowed to connect to an instance through the ports, and the protocol. Only devices with an IPv6 address can connect to an instance through IPv6; otherwise, IPv4 should be used. * * > The `cidrs` parameter lists the IPv4 addresses that are allowed to connect to an instance. */ ipv6Cidrs?: pulumi.Input[]>; /** * Port Protocol of the Instance. */ protocol?: pulumi.Input; /** * To Port of the Instance. */ toPort?: pulumi.Input; } /** * Current State of the Instance. */ interface InstanceStateArgs { /** * Status code of the Instance. */ code?: pulumi.Input; /** * Status code of the Instance. */ name?: pulumi.Input; } } export declare namespace location { interface ApiKeyAndroidAppArgs { certificateFingerprint: pulumi.Input; package: pulumi.Input; } interface ApiKeyAppleAppArgs { bundleId: pulumi.Input; } interface ApiKeyRestrictionsArgs { /** * A list of allowed actions that an API key resource grants permissions to perform. You must have at least one action for each type of resource. For example, if you have a place resource, you must include at least one place action. * * The following are valid values for the actions. * * - *Map actions* * * - `geo:GetMap*` - Allows all actions needed for map rendering. * - *Enhanced Maps actions* * * - `geo-maps:GetTile` - Allows getting map tiles for rendering. * - `geo-maps:GetStaticMap` - Allows getting static map images. * - *Place actions* * * - `geo:SearchPlaceIndexForText` - Allows finding geo coordinates of a known place. * - `geo:SearchPlaceIndexForPosition` - Allows getting nearest address to geo coordinates. * - `geo:SearchPlaceIndexForSuggestions` - Allows suggestions based on an incomplete or misspelled query. * - `geo:GetPlace` - Allows getting details of a place. * - *Enhanced Places actions* * * - `geo-places:Autcomplete` - Allows auto-completion of search text. * - `geo-places:Geocode` - Allows finding geo coordinates of a known place. * - `geo-places:GetPlace` - Allows getting details of a place. * - `geo-places:ReverseGeocode` - Allows getting nearest address to geo coordinates. * - `geo-places:SearchNearby` - Allows category based places search around geo coordinates. * - `geo-places:SearchText` - Allows place or address search based on free-form text. * - `geo-places:Suggest` - Allows suggestions based on an incomplete or misspelled query. * - *Route actions* * * - `geo:CalculateRoute` - Allows point to point routing. * - `geo:CalculateRouteMatrix` - Allows matrix routing. * - *Enhanced Routes actions* * * - `geo-routes:CalculateIsolines` - Allows isoline calculation. * - `geo-routes:CalculateRoutes` - Allows point to point routing. * - `geo-routes:CalculateRouteMatrix` - Allows matrix routing. * - `geo-routes:OptimizeWaypoints` - Allows computing the best sequence of waypoints. * - `geo-routes:SnapToRoads` - Allows snapping GPS points to a likely route. * * > You must use these strings exactly. For example, to provide access to map rendering, the only valid action is `geo:GetMap*` as an input to the list. `["geo:GetMap*"]` is valid but `["geo:GetTile"]` is not. Similarly, you cannot use `["geo:SearchPlaceIndexFor*"]` - you must list each of the Place actions separately. */ allowActions: pulumi.Input[]>; allowAndroidApps?: pulumi.Input[]>; allowAppleApps?: pulumi.Input[]>; /** * An optional list of allowed HTTP referers for which requests must originate from. Requests using this API key from other domains will not be allowed. * * Requirements: * * - Contain only alphanumeric characters (A–Z, a–z, 0–9) or any symbols in this list `$\-._+!*`(),;/?:@=&` * - May contain a percent (%) if followed by 2 hexadecimal digits (A-F, a-f, 0-9); this is used for URL encoding purposes. * - May contain wildcard characters question mark (?) and asterisk (*). * * Question mark (?) will replace any single character (including hexadecimal digits). * * Asterisk (*) will replace any multiple characters (including multiple hexadecimal digits). * - No spaces allowed. For example, `https://example.com` . */ allowReferers?: pulumi.Input[]>; /** * A list of allowed resource ARNs that a API key bearer can perform actions on. * * - The ARN must be the correct ARN for a map, place, or route ARN. You may include wildcards in the resource-id to match multiple resources of the same type. * - The resources must be in the same `partition` , `region` , and `account-id` as the key that is being created. * - Other than wildcards, you must include the full ARN, including the `arn` , `partition` , `service` , `region` , `account-id` and `resource-id` delimited by colons (:). * - No spaces allowed, even with wildcards. For example, `arn:aws:geo:region: *account-id* :map/ExampleMap*` . * * For more information about ARN format, see [Amazon Resource Names (ARNs)](https://docs.aws.amazon.com/general/latest/gr/aws-arns-and-namespaces.html) . */ allowResources: pulumi.Input[]>; } interface MapConfigurationArgs { /** * Specifies the custom layers for the style. Leave unset to not enable any custom layer, or, for styles that support custom layers, you can enable layer(s), such as the `POI` layer for the VectorEsriNavigation style. * * > Currenlty only `VectorEsriNavigation` supports CustomLayers. For more information, see [Custom Layers](https://docs.aws.amazon.com//location/latest/developerguide/map-concepts.html#map-custom-layers) . */ customLayers?: pulumi.Input[]>; /** * Specifies the map political view selected from an available data provider. */ politicalView?: pulumi.Input; /** * Specifies the map style selected from an available data provider. * * Valid [Esri map styles](https://docs.aws.amazon.com/location/previous/developerguide/esri.html) : * * - `VectorEsriDarkGrayCanvas` – The Esri Dark Gray Canvas map style. A vector basemap with a dark gray, neutral background with minimal colors, labels, and features that's designed to draw attention to your thematic content. * - `RasterEsriImagery` – The Esri Imagery map style. A raster basemap that provides one meter or better satellite and aerial imagery in many parts of the world and lower resolution satellite imagery worldwide. * - `VectorEsriLightGrayCanvas` – The Esri Light Gray Canvas map style, which provides a detailed vector basemap with a light gray, neutral background style with minimal colors, labels, and features that's designed to draw attention to your thematic content. * - `VectorEsriTopographic` – The Esri Light map style, which provides a detailed vector basemap with a classic Esri map style. * - `VectorEsriStreets` – The Esri Street Map style, which provides a detailed vector basemap for the world symbolized with a classic Esri street map style. The vector tile layer is similar in content and style to the World Street Map raster map. * - `VectorEsriNavigation` – The Esri Navigation map style, which provides a detailed basemap for the world symbolized with a custom navigation map style that's designed for use during the day in mobile devices. * * Valid [HERE Technologies map styles](https://docs.aws.amazon.com/location/previous/developerguide/HERE.html) : * * - `VectorHereContrast` – The HERE Contrast (Berlin) map style is a high contrast detailed base map of the world that blends 3D and 2D rendering. * * > The `VectorHereContrast` style has been renamed from `VectorHereBerlin` . `VectorHereBerlin` has been deprecated, but will continue to work in applications that use it. * - `VectorHereExplore` – A default HERE map style containing a neutral, global map and its features including roads, buildings, landmarks, and water features. It also now includes a fully designed map of Japan. * - `VectorHereExploreTruck` – A global map containing truck restrictions and attributes (e.g. width / height / HAZMAT) symbolized with highlighted segments and icons on top of HERE Explore to support use cases within transport and logistics. * - `RasterHereExploreSatellite` – A global map containing high resolution satellite imagery. * - `HybridHereExploreSatellite` – A global map displaying the road network, street names, and city labels over satellite imagery. This style will automatically retrieve both raster and vector tiles, and your charges will be based on total tiles retrieved. * * > Hybrid styles use both vector and raster tiles when rendering the map that you see. This means that more tiles are retrieved than when using either vector or raster tiles alone. Your charges will include all tiles retrieved. * * Valid [GrabMaps map styles](https://docs.aws.amazon.com/location/previous/developerguide/grab.html) : * * - `VectorGrabStandardLight` – The Grab Standard Light map style provides a basemap with detailed land use coloring, area names, roads, landmarks, and points of interest covering Southeast Asia. * - `VectorGrabStandardDark` – The Grab Standard Dark map style provides a dark variation of the standard basemap covering Southeast Asia. * * > Grab provides maps only for countries in Southeast Asia, and is only available in the Asia Pacific (Singapore) Region ( `ap-southeast-1` ). For more information, see [GrabMaps countries and area covered](https://docs.aws.amazon.com/location/previous/developerguide/grab.html#grab-coverage-area) . * * Valid [Open Data map styles](https://docs.aws.amazon.com/location/previous/developerguide/open-data.html) : * * - `VectorOpenDataStandardLight` – The Open Data Standard Light map style provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries. * - `VectorOpenDataStandardDark` – Open Data Standard Dark is a dark-themed map style that provides a detailed basemap for the world suitable for website and mobile application use. The map includes highways major roads, minor roads, railways, water features, cities, parks, landmarks, building footprints, and administrative boundaries. * - `VectorOpenDataVisualizationLight` – The Open Data Visualization Light map style is a light-themed style with muted colors and fewer features that aids in understanding overlaid data. * - `VectorOpenDataVisualizationDark` – The Open Data Visualization Dark map style is a dark-themed style with muted colors and fewer features that aids in understanding overlaid data. */ style: pulumi.Input; } interface PlaceIndexDataSourceConfigurationArgs { /** * Specifies how the results of an operation will be stored by the caller. * * Valid values include: * * - `SingleUse` specifies that the results won't be stored. * - `Storage` specifies that the result can be cached or stored in a database. * * Default value: `SingleUse` */ intendedUse?: pulumi.Input; } } export declare namespace logs { interface DeliveryDestinationDestinationPolicyArgs { /** * The name of the delivery destination to assign this policy to */ deliveryDestinationName?: pulumi.Input; /** * The contents of the policy attached to the delivery destination */ deliveryDestinationPolicy?: any; } interface IntegrationOpenSearchResourceConfigArgs { /** * If you want to use an existing OpenSearch Service application for your integration with OpenSearch Service, specify it here. If you omit this, a new application will be created. */ applicationArn?: pulumi.Input; /** * Specify the ARNs of IAM roles and IAM users who you want to grant permission to for viewing the dashboards. * * > In addition to specifying these users here, you must also grant them the *CloudWatchOpenSearchDashboardAccess* IAM policy. For more information, see [IAM policies for users](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/OpenSearch-Dashboards-UserRoles.html) . */ dashboardViewerPrincipals: pulumi.Input[]>; /** * Specify the ARN of an IAM role that CloudWatch Logs will use to create the integration. This role must have the permissions necessary to access the OpenSearch Service collection to be able to create the dashboards. For more information about the permissions needed, see [Permissions that the integration needs](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/OpenSearch-Dashboards-CreateRole.html) in the CloudWatch Logs User Guide. */ dataSourceRoleArn: pulumi.Input; /** * To have the vended dashboard data encrypted with AWS instead of the CloudWatch Logs default encryption method, specify the ARN of the AWS key that you want to use. */ kmsKeyArn?: pulumi.Input; /** * Specify how many days that you want the data derived by OpenSearch Service to be retained in the index that the dashboard refers to. This also sets the maximum time period that you can choose when viewing data in the dashboard. Choosing a longer time frame will incur additional costs. */ retentionDays?: pulumi.Input; } /** * Specifies the CW metric dimensions to publish with this metric. * Because dimensions are part of the unique identifier for a metric, whenever a unique dimension name/value pair is extracted from your logs, you are creating a new variation of that metric. * For more information about publishing dimensions with metrics created by metric filters, see [Publishing dimensions with metrics from values in JSON or space-delimited log events](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/FilterAndPatternSyntax.html#logs-metric-filters-dimensions). * Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as ``IPAddress`` or ``requestID`` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric. * To help prevent accidental high charges, Amazon disables a metric filter if it generates 1000 different name/value pairs for the dimensions that you have specified within a certain amount of time. * You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html). */ interface MetricFilterDimensionArgs { /** * The name for the CW metric dimension that the metric filter creates. * Dimension names must contain only ASCII characters, must include at least one non-whitespace character, and cannot start with a colon (:). */ key: pulumi.Input; /** * The log event field that will contain the value for this dimension. This dimension will only be published for a metric if the value is found in the log event. For example, ``$.eventType`` for JSON log events, or ``$server`` for space-delimited log events. */ value: pulumi.Input; } /** * ``MetricTransformation`` is a property of the ``AWS::Logs::MetricFilter`` resource that describes how to transform log streams into a CloudWatch metric. */ interface MetricFilterMetricTransformationArgs { /** * (Optional) The value to emit when a filter pattern does not match a log event. This value can be null. */ defaultValue?: pulumi.Input; /** * The fields to use as dimensions for the metric. One metric filter can include as many as three dimensions. * Metrics extracted from log events are charged as custom metrics. To prevent unexpected high charges, do not specify high-cardinality fields such as ``IPAddress`` or ``requestID`` as dimensions. Each different value found for a dimension is treated as a separate metric and accrues charges as a separate custom metric. * CloudWatch Logs disables a metric filter if it generates 1000 different name/value pairs for your specified dimensions within a certain amount of time. This helps to prevent accidental high charges. * You can also set up a billing alarm to alert you if your charges are higher than expected. For more information, see [Creating a Billing Alarm to Monitor Your Estimated Charges](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/monitor_estimated_charges_with_cloudwatch.html). */ dimensions?: pulumi.Input[]>; /** * The name of the CloudWatch metric. */ metricName: pulumi.Input; /** * A custom namespace to contain your metric in CloudWatch. Use namespaces to group together metrics that are similar. For more information, see [Namespaces](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/cloudwatch_concepts.html#Namespace). */ metricNamespace: pulumi.Input; /** * The value that is published to the CloudWatch metric. For example, if you're counting the occurrences of a particular term like ``Error``, specify 1 for the metric value. If you're counting the number of bytes transferred, reference the value that is in the log event by using $. followed by the name of the field that you specified in the filter pattern, such as ``$.size``. */ metricValue: pulumi.Input; /** * The unit to assign to the metric. If you omit this, the unit is set as ``None``. */ unit?: pulumi.Input; } /** * This structure defines a query parameter for a saved CloudWatch Logs Insights query definition. Query parameters are supported only for Logs Insights QL queries. They are placeholder variables that you can reference in a query string using the {{parameterName}} syntax. Each parameter can include a default value and a description. */ interface QueryDefinitionQueryParameterArgs { /** * The default value to use for this query parameter if no value is supplied at execution time. */ defaultValue?: pulumi.Input; /** * A description of the query parameter that explains its purpose or expected values. */ description?: pulumi.Input; /** * The name of the query parameter. A query parameter name must start with a letter or underscore, and contain only letters, digits, and underscores. */ name: pulumi.Input; } /** * OpenSearchResourceConfig for the given Integration */ interface ResourceConfigPropertiesArgs { /** * This structure contains configuration details about an integration between CloudWatch Logs and OpenSearch Service. */ openSearchResourceConfig?: pulumi.Input; } interface ScheduledQueryDestinationConfigurationArgs { s3Configuration?: pulumi.Input; } interface ScheduledQueryS3ConfigurationArgs { destinationIdentifier: pulumi.Input; roleArn: pulumi.Input; } interface TransformerAddKeyEntryArgs { /** * The key of the new entry to be added to the log event */ key: pulumi.Input; /** * Specifies whether to overwrite the value if the key already exists in the log event. If you omit this, the default is `false` . */ overwriteIfExists?: pulumi.Input; /** * The value of the new entry to be added to the log event */ value: pulumi.Input; } interface TransformerCopyValueEntryArgs { overwriteIfExists?: pulumi.Input; source: pulumi.Input; target: pulumi.Input; } interface TransformerMoveKeyEntryArgs { overwriteIfExists?: pulumi.Input; source: pulumi.Input; target: pulumi.Input; } interface TransformerParseCloudfrontArgs { /** * Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` . */ source?: pulumi.Input; } interface TransformerParsePostgresArgs { /** * Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` . */ source?: pulumi.Input; } interface TransformerParseRoute53Args { /** * Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` . */ source?: pulumi.Input; } interface TransformerParseToOcsfArgs { /** * Specify the service or process that produces the log events that will be converted with this processor. */ eventSource: pulumi.Input; /** * The version of the OCSF mapping to use for parsing log data. */ mappingVersion?: pulumi.Input; /** * Specify which version of the OCSF schema to use for the transformed log events. */ ocsfVersion: pulumi.Input; /** * The path to the field in the log event that you want to parse. If you omit this value, the whole log message is parsed. */ source?: pulumi.Input; } interface TransformerParseVpcArgs { /** * Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` . */ source?: pulumi.Input; } interface TransformerParseWafArgs { /** * Omit this parameter and the whole log message will be processed by this processor. No other value than `@message` is allowed for `source` . */ source?: pulumi.Input; } /** * Individual processor configuration */ interface TransformerProcessorArgs { /** * Use this parameter to include the [addKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-addKeys) processor in your transformer. */ addKeys?: pulumi.Input; /** * Use this parameter to include the [copyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-copyValue) processor in your transformer. */ copyValue?: pulumi.Input; /** * Use this parameter to include the [CSV](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-CSV) processor in your transformer. */ csv?: pulumi.Input; /** * Use this parameter to include the [datetimeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-datetimeConverter) processor in your transformer. */ dateTimeConverter?: pulumi.Input; /** * Use this parameter to include the [deleteKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-deleteKeys) processor in your transformer. */ deleteKeys?: pulumi.Input; /** * Use this parameter to include the [grok](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-grok) processor in your transformer. */ grok?: pulumi.Input; /** * Use this parameter to include the [listToMap](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-listToMap) processor in your transformer. */ listToMap?: pulumi.Input; /** * Use this parameter to include the [lowerCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-lowerCaseString) processor in your transformer. */ lowerCaseString?: pulumi.Input; /** * Use this parameter to include the [moveKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-moveKeys) processor in your transformer. */ moveKeys?: pulumi.Input; /** * Use this parameter to include the [parseCloudfront](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseCloudfront) processor in your transformer. * * If you use this processor, it must be the first processor in your transformer. */ parseCloudfront?: pulumi.Input; /** * Use this parameter to include the [parseJSON](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseJSON) processor in your transformer. */ parseJson?: pulumi.Input; /** * Use this parameter to include the [parseKeyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseKeyValue) processor in your transformer. */ parseKeyValue?: pulumi.Input; /** * Use this parameter to include the [parsePostGres](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parsePostGres) processor in your transformer. * * If you use this processor, it must be the first processor in your transformer. */ parsePostgres?: pulumi.Input; /** * Use this parameter to include the [parseRoute53](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseRoute53) processor in your transformer. * * If you use this processor, it must be the first processor in your transformer. */ parseRoute53?: pulumi.Input; /** * Use this parameter to convert logs into Open Cybersecurity Schema (OCSF) format. */ parseToOcsf?: pulumi.Input; /** * Use this parameter to include the [parseVPC](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseVPC) processor in your transformer. * * If you use this processor, it must be the first processor in your transformer. */ parseVpc?: pulumi.Input; /** * Use this parameter to include the [parseWAF](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-parseWAF) processor in your transformer. * * If you use this processor, it must be the first processor in your transformer. */ parseWaf?: pulumi.Input; /** * Use this parameter to include the [renameKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-renameKeys) processor in your transformer. */ renameKeys?: pulumi.Input; /** * Use this parameter to include the [splitString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-splitString) processor in your transformer. */ splitString?: pulumi.Input; /** * Use this parameter to include the [substituteString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-substituteString) processor in your transformer. */ substituteString?: pulumi.Input; /** * Use this parameter to include the [trimString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-trimString) processor in your transformer. */ trimString?: pulumi.Input; /** * Use this parameter to include the [typeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-typeConverter) processor in your transformer. */ typeConverter?: pulumi.Input; /** * Use this parameter to include the [upperCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-upperCaseString) processor in your transformer. */ upperCaseString?: pulumi.Input; } /** * Use this parameter to include the [addKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-addKeys) processor in your transformer. */ interface TransformerProcessorAddKeysPropertiesArgs { entries: pulumi.Input[]>; } /** * Use this parameter to include the [copyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-copyValue) processor in your transformer. */ interface TransformerProcessorCopyValuePropertiesArgs { entries: pulumi.Input[]>; } /** * Use this parameter to include the [CSV](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-CSV) processor in your transformer. */ interface TransformerProcessorCsvPropertiesArgs { columns?: pulumi.Input[]>; delimiter?: pulumi.Input; quoteCharacter?: pulumi.Input; source?: pulumi.Input; } /** * Use this parameter to include the [datetimeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-datetimeConverter) processor in your transformer. */ interface TransformerProcessorDateTimeConverterPropertiesArgs { locale?: pulumi.Input; matchPatterns: pulumi.Input[]>; source: pulumi.Input; sourceTimezone?: pulumi.Input; target: pulumi.Input; targetFormat?: pulumi.Input; targetTimezone?: pulumi.Input; } /** * Use this parameter to include the [deleteKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-deleteKeys) processor in your transformer. */ interface TransformerProcessorDeleteKeysPropertiesArgs { withKeys: pulumi.Input[]>; } /** * Use this parameter to include the [grok](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-grok) processor in your transformer. */ interface TransformerProcessorGrokPropertiesArgs { match: pulumi.Input; source?: pulumi.Input; } /** * Use this parameter to include the [listToMap](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-listToMap) processor in your transformer. */ interface TransformerProcessorListToMapPropertiesArgs { flatten?: pulumi.Input; flattenedElement?: pulumi.Input; key: pulumi.Input; source: pulumi.Input; target?: pulumi.Input; valueKey?: pulumi.Input; } /** * Use this parameter to include the [lowerCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-lowerCaseString) processor in your transformer. */ interface TransformerProcessorLowerCaseStringPropertiesArgs { withKeys: pulumi.Input[]>; } /** * Use this parameter to include the [moveKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-moveKeys) processor in your transformer. */ interface TransformerProcessorMoveKeysPropertiesArgs { entries: pulumi.Input[]>; } /** * Use this parameter to include the [parseJSON](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseJSON) processor in your transformer. */ interface TransformerProcessorParseJsonPropertiesArgs { destination?: pulumi.Input; source?: pulumi.Input; } /** * Use this parameter to include the [parseKeyValue](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-parseKeyValue) processor in your transformer. */ interface TransformerProcessorParseKeyValuePropertiesArgs { destination?: pulumi.Input; fieldDelimiter?: pulumi.Input; keyPrefix?: pulumi.Input; keyValueDelimiter?: pulumi.Input; nonMatchValue?: pulumi.Input; overwriteIfExists?: pulumi.Input; source?: pulumi.Input; } /** * Use this parameter to include the [renameKeys](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation.html#CloudWatch-Logs-Transformation-renameKeys) processor in your transformer. */ interface TransformerProcessorRenameKeysPropertiesArgs { entries: pulumi.Input[]>; } /** * Use this parameter to include the [splitString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-splitString) processor in your transformer. */ interface TransformerProcessorSplitStringPropertiesArgs { entries: pulumi.Input[]>; } /** * Use this parameter to include the [substituteString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-substituteString) processor in your transformer. */ interface TransformerProcessorSubstituteStringPropertiesArgs { entries: pulumi.Input[]>; } /** * Use this parameter to include the [trimString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-trimString) processor in your transformer. */ interface TransformerProcessorTrimStringPropertiesArgs { withKeys: pulumi.Input[]>; } /** * Use this parameter to include the [typeConverter](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-typeConverter) processor in your transformer. */ interface TransformerProcessorTypeConverterPropertiesArgs { entries: pulumi.Input[]>; } /** * Use this parameter to include the [upperCaseString](https://docs.aws.amazon.com/AmazonCloudWatch/latest/logs/CloudWatch-Logs-Transformation-Processors.html#CloudWatch-Logs-Transformation-upperCaseString) processor in your transformer. */ interface TransformerProcessorUpperCaseStringPropertiesArgs { withKeys: pulumi.Input[]>; } interface TransformerRenameKeyEntryArgs { key: pulumi.Input; overwriteIfExists?: pulumi.Input; renameTo: pulumi.Input; } interface TransformerSplitStringEntryArgs { delimiter: pulumi.Input; source: pulumi.Input; } interface TransformerSubstituteStringEntryArgs { from: pulumi.Input; source: pulumi.Input; to: pulumi.Input; } interface TransformerTypeConverterEntryArgs { key: pulumi.Input; type: pulumi.Input; } } export declare namespace m2 { interface ApplicationDefinition0PropertiesArgs { s3Location: pulumi.Input; } interface ApplicationDefinition1PropertiesArgs { content: pulumi.Input; } /** * Defines the details of a high availability configuration. */ interface EnvironmentHighAvailabilityConfigArgs { /** * The number of instances in a high availability configuration. The minimum possible value is 1 and the maximum is 100. */ desiredCapacity: pulumi.Input; } /** * Defines the storage configuration for an environment. */ interface EnvironmentStorageConfigurationArgs { } } export declare namespace macie { /** * The regex or s3 object to use for the AllowList. */ interface AllowListCriteriaArgs { } interface FindingsFilterCriterionAdditionalPropertiesArgs { /** * The value for the specified property matches (equals) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values. */ eq?: pulumi.Input[]>; /** * The value for the specified property is greater than the specified value. */ gt?: pulumi.Input; /** * The value for the specified property is greater than or equal to the specified value. */ gte?: pulumi.Input; /** * The value for the specified property is less than the specified value. */ lt?: pulumi.Input; /** * The value for the specified property is less than or equal to the specified value. */ lte?: pulumi.Input; /** * The value for the specified property doesn't match (doesn't equal) the specified value. If you specify multiple values, Amazon Macie uses OR logic to join the values. */ neq?: pulumi.Input[]>; } interface FindingsFilterFindingCriteriaArgs { /** * Specifies a condition that defines the property, operator, and one or more values to use to filter the results. */ criterion?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } } export declare namespace mediaconnect { interface BridgeEgressGatewayBridgeArgs { /** * The maximum expected bitrate of the egress bridge. */ maxBitrate: pulumi.Input; } /** * The settings for source failover. */ interface BridgeFailoverConfigArgs { /** * The type of failover you choose for this flow. FAILOVER allows switching between different streams. */ failoverMode: pulumi.Input; /** * The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams. */ sourcePriority?: pulumi.Input; /** * The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources. */ state?: pulumi.Input; } /** * The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow. */ interface BridgeFlowSourceArgs { /** * The ARN of the cloud flow used as a source of this bridge. */ flowArn: pulumi.Input; /** * The name of the VPC interface attachment to use for this source. */ flowVpcInterfaceAttachment?: pulumi.Input; /** * The name of the flow source. */ name: pulumi.Input; } interface BridgeIngressGatewayBridgeArgs { /** * The maximum expected bitrate of the ingress bridge. */ maxBitrate: pulumi.Input; /** * The maximum number of outputs on the ingress bridge. */ maxOutputs: pulumi.Input; } /** * The settings related to the multicast source. */ interface BridgeMulticastSourceSettingsArgs { /** * The IP address of the source for source-specific multicast (SSM). */ multicastSourceIp?: pulumi.Input; } /** * The output of the bridge. A network output is delivered to your premises. */ interface BridgeNetworkOutputArgs { /** * The network output IP Address. */ ipAddress: pulumi.Input; /** * The network output name. */ name: pulumi.Input; /** * The network output's gateway network name. */ networkName: pulumi.Input; /** * The network output port. */ port: pulumi.Input; /** * The network output protocol. */ protocol: pulumi.Input; /** * The network output TTL. */ ttl: pulumi.Input; } /** * The source of the bridge. A network source originates at your premises. */ interface BridgeNetworkSourceArgs { /** * The network source multicast IP. */ multicastIp: pulumi.Input; /** * The settings related to the multicast source. */ multicastSourceSettings?: pulumi.Input; /** * The name of the network source. */ name: pulumi.Input; /** * The network source's gateway network name. */ networkName: pulumi.Input; /** * The network source port. */ port: pulumi.Input; /** * The network source protocol. */ protocol: pulumi.Input; } /** * The output of the bridge. */ interface BridgeOutputArgs { /** * The output of the bridge. A network output is delivered to your premises. */ networkOutput?: pulumi.Input; } /** * The output of the bridge. A network output is delivered to your premises. */ interface BridgeOutputResourceBridgeNetworkOutputArgs { /** * The network output IP Address. */ ipAddress: pulumi.Input; /** * The network output's gateway network name. */ networkName: pulumi.Input; /** * The network output port. */ port: pulumi.Input; /** * The network output protocol. */ protocol: pulumi.Input; /** * The network output TTL. */ ttl: pulumi.Input; } /** * The bridge's source. */ interface BridgeSourceArgs { /** * The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow. */ flowSource?: pulumi.Input; /** * The source of the bridge. A network source originates at your premises. */ networkSource?: pulumi.Input; } /** * The source of the bridge. A flow source originates in MediaConnect as an existing cloud flow. */ interface BridgeSourceBridgeFlowSourceArgs { /** * The ARN of the cloud flow used as a source of this bridge. */ flowArn: pulumi.Input; /** * The name of the VPC interface attachment to use for this source. */ flowVpcInterfaceAttachment?: pulumi.Input; } /** * The source of the bridge. A network source originates at your premises. */ interface BridgeSourceBridgeNetworkSourceArgs { /** * The network source multicast IP. */ multicastIp: pulumi.Input; /** * The settings related to the multicast source. */ multicastSourceSettings?: pulumi.Input; /** * The network source's gateway network name. */ networkName: pulumi.Input; /** * The network source port. */ port: pulumi.Input; /** * The network source protocol. */ protocol: pulumi.Input; } /** * The settings related to the multicast source. */ interface BridgeSourceMulticastSourceSettingsArgs { /** * The IP address of the source for source-specific multicast (SSM). */ multicastSourceIp?: pulumi.Input; } /** * The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams. */ interface BridgeSourcePriorityArgs { /** * The name of the source you choose as the primary source for this flow. */ primarySource?: pulumi.Input; } /** * The settings for attaching a VPC interface to an resource. */ interface BridgeSourceVpcInterfaceAttachmentArgs { /** * The name of the VPC interface to use for this resource. */ vpcInterfaceName?: pulumi.Input; } /** * The settings for attaching a VPC interface to an resource. */ interface BridgeVpcInterfaceAttachmentArgs { /** * The name of the VPC interface to use for this resource. */ vpcInterfaceName?: pulumi.Input; } /** * Specifies the configuration for audio stream metrics monitoring. */ interface FlowAudioMonitoringSettingArgs { /** * Detects periods of silence. */ silentAudio?: pulumi.Input; } /** * Configuration settings for automatic encryption key management, where MediaConnect handles key creation and rotation. */ interface FlowAutomaticEncryptionKeyConfigurationArgs { } /** * Configures settings for the BlackFrames metric. */ interface FlowBlackFramesArgs { /** * Indicates whether the BlackFrames metric is enabled or disabled. */ state?: pulumi.Input; /** * Specifies the number of consecutive seconds of black frames that triggers an event or alert. */ thresholdSeconds?: pulumi.Input; } interface FlowEncodingConfigArgs { encodingProfile?: pulumi.Input; /** * The maximum video bitrate to use when transcoding the NDI source to a Transport Stream. This parameter enables you to override the default video bitrate within the encoding profile's supported range. The supported range is 10,000,000 - 50,000,000 bits per second (bps). If you do not specify a value, MediaConnect uses the default value of 20,000,000 bps. */ videoMaxBitrate?: pulumi.Input; } /** * Information about the encryption of the flow. */ interface FlowEncryptionArgs { /** * The type of algorithm that is used for the encryption (such as aes128, aes192, or aes256). */ algorithm?: pulumi.Input; /** * A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption. */ constantInitializationVector?: pulumi.Input; /** * The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ deviceId?: pulumi.Input; /** * The type of key that is used for the encryption. If no keyType is provided, the service will use the default setting (static-key). */ keyType?: pulumi.Input; /** * The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ region?: pulumi.Input; /** * An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ resourceId?: pulumi.Input; /** * The ARN of the role that you created during setup (when you set up AWS Elemental MediaConnect as a trusted entity). */ roleArn: pulumi.Input; /** * The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption. */ secretArn?: pulumi.Input; /** * The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ url?: pulumi.Input; } /** * Information about the encryption of the flow. */ interface FlowEntitlementEncryptionArgs { /** * The type of algorithm that is used for the encryption (such as aes128, aes192, or aes256). */ algorithm: pulumi.Input; /** * A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption. */ constantInitializationVector?: pulumi.Input; /** * The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ deviceId?: pulumi.Input; /** * The type of key that is used for the encryption. If no keyType is provided, the service will use the default setting (static-key). */ keyType?: pulumi.Input; /** * The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ region?: pulumi.Input; /** * An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ resourceId?: pulumi.Input; /** * The ARN of the role that you created during setup (when you set up AWS Elemental MediaConnect as a trusted entity). */ roleArn: pulumi.Input; /** * The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption. */ secretArn?: pulumi.Input; /** * The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ url?: pulumi.Input; } /** * The settings for source failover */ interface FlowFailoverConfigArgs { /** * The type of failover you choose for this flow. MERGE combines the source streams into a single stream, allowing graceful recovery from any single-source loss. FAILOVER allows switching between different streams. */ failoverMode?: pulumi.Input; /** * Search window time to look for dash-7 packets */ recoveryWindow?: pulumi.Input; /** * The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams. */ sourcePriority?: pulumi.Input; /** * The state of source failover on the flow. If the state is inactive, the flow can have only one source. If the state is active, the flow can have one or two sources. */ state?: pulumi.Input; } /** * The priority you want to assign to a source. You can have a primary stream and a backup stream or two equally prioritized streams. */ interface FlowFailoverConfigSourcePriorityPropertiesArgs { /** * The name of the source you choose as the primary source for this flow. */ primarySource: pulumi.Input; } /** * A set of parameters that define the media stream. */ interface FlowFmtpArgs { /** * The format of the audio channel. */ channelOrder?: pulumi.Input; /** * The format used for the representation of color. */ colorimetry?: pulumi.Input; /** * The frame rate for the video stream, in frames/second. For example: 60000/1001. */ exactFramerate?: pulumi.Input; /** * The pixel aspect ratio (PAR) of the video. */ par?: pulumi.Input; /** * The encoding range of the video. */ range?: pulumi.Input; /** * The type of compression that was used to smooth the video's appearance. */ scanMode?: pulumi.Input; /** * The transfer characteristic system (TCS) that is used in the video. */ tcs?: pulumi.Input; } /** * Configures settings for the FrozenFrames metric. */ interface FlowFrozenFramesArgs { /** * Indicates whether the FrozenFrames metric is enabled or disabled. */ state?: pulumi.Input; /** * Specifies the number of consecutive seconds of a static image that triggers an event or alert. */ thresholdSeconds?: pulumi.Input; } /** * The source configuration for cloud flows receiving a stream from a bridge. */ interface FlowGatewayBridgeSourceArgs { /** * The ARN of the bridge feeding this flow. */ bridgeArn: pulumi.Input; /** * The name of the VPC interface attachment to use for this bridge source. */ vpcInterfaceAttachment?: pulumi.Input; } /** * The transport parameters associated with an incoming media stream. */ interface FlowInputConfigurationArgs { /** * The port that the flow listens on for an incoming media stream. */ inputPort: pulumi.Input; /** * The VPC interface where the media stream comes in from. */ interface: pulumi.Input; } /** * The VPC interface that you want to use for the media stream associated with the output. */ interface FlowInterfaceArgs { /** * The name of the VPC interface that you want to use for the media stream associated with the output. */ name: pulumi.Input; } /** * The maintenance setting of a flow. */ interface FlowMaintenanceArgs { /** * A day of a week when the maintenance will happen. Use Monday/Tuesday/Wednesday/Thursday/Friday/Saturday/Sunday. */ maintenanceDay: pulumi.Input; /** * UTC time when the maintenance will happen. Use 24-hour HH:MM format. Minutes must be 00. Example: 13:00. The default value is 02:00. */ maintenanceStartHour: pulumi.Input; } /** * A single track or stream of media that contains video, audio, or ancillary data. After you add a media stream to a flow, you can associate it with sources and outputs on that flow, as long as they use the CDI protocol or the ST 2110 JPEG XS protocol. Each source or output can consist of one or many media streams. */ interface FlowMediaStreamArgs { /** * Attributes that are related to the media stream. */ attributes?: pulumi.Input; /** * The sample rate for the stream. This value in measured in kHz. */ clockRate?: pulumi.Input; /** * A description that can help you quickly identify what your media stream is used for. */ description?: pulumi.Input; /** * The format type number (sometimes referred to as RTP payload type) of the media stream. MediaConnect assigns this value to the media stream. For ST 2110 JPEG XS outputs, you need to provide this value to the receiver. */ fmt?: pulumi.Input; /** * A unique identifier for the media stream. */ mediaStreamId: pulumi.Input; /** * A name that helps you distinguish one media stream from another. */ mediaStreamName: pulumi.Input; /** * The type of media stream. */ mediaStreamType: pulumi.Input; /** * Key-value pairs that can be used to tag this media stream. */ tags?: pulumi.Input[]>; /** * The resolution of the video. */ videoFormat?: pulumi.Input; } /** * Attributes that are related to the media stream. */ interface FlowMediaStreamAttributesArgs { /** * A set of parameters that define the media stream. */ fmtp?: pulumi.Input; /** * The audio language, in a format that is recognized by the receiver. */ lang?: pulumi.Input; } /** * The media stream that is associated with the source, and the parameters for that association. */ interface FlowMediaStreamSourceConfigurationArgs { /** * The format that was used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video, 2110 streams, set the encoding name to raw. For video, JPEG XS streams, set the encoding name to jxsv. */ encodingName: pulumi.Input; /** * The media streams that you want to associate with the source. */ inputConfigurations?: pulumi.Input[]>; /** * A name that helps you distinguish one media stream from another. */ mediaStreamName: pulumi.Input; } /** * Specifies the configuration settings for NDI sources and outputs. Required when the flow includes NDI sources or outputs. */ interface FlowNdiConfigArgs { /** * A prefix for the names of the NDI sources that the flow creates. If a custom name isn't specified, MediaConnect generates a unique 12-character ID as the prefix. */ machineName?: pulumi.Input; /** * A list of up to three NDI discovery server configurations. While not required by the API, this configuration is necessary for NDI functionality to work properly. */ ndiDiscoveryServers?: pulumi.Input[]>; /** * A setting that controls whether NDI sources or outputs can be used in the flow. The default value is DISABLED. This value must be set as ENABLED for your flow to support NDI sources or outputs. */ ndiState?: pulumi.Input; } /** * Specifies the configuration settings for individual NDI discovery servers. A maximum of 3 servers is allowed. */ interface FlowNdiDiscoveryServerConfigArgs { /** * The unique network address of the NDI discovery server. */ discoveryServerAddress: pulumi.Input; /** * The port for the NDI discovery server. Defaults to 5959 if a custom port isn't specified. */ discoveryServerPort?: pulumi.Input; /** * The identifier for the Virtual Private Cloud (VPC) network interface used by the flow. */ vpcInterfaceAdapter: pulumi.Input; } interface FlowNdiSourceSettingsArgs { sourceName?: pulumi.Input; } /** * Configuration settings for automatic encryption key management, where MediaConnect handles key creation and rotation. */ interface FlowOutputAutomaticEncryptionKeyConfigurationArgs { } /** * The definition of a media stream that is associated with the output. */ interface FlowOutputDestinationConfigurationArgs { /** * The IP address where contents of the media stream will be sent. */ destinationIp: pulumi.Input; /** * The port to use when the content of the media stream is distributed to the output. */ destinationPort: pulumi.Input; /** * The VPC interface that is used for the media stream associated with the output. */ interface: pulumi.Input; } /** * A collection of parameters that determine how MediaConnect will convert the content. These fields only apply to outputs on flows that have a CDI source. */ interface FlowOutputEncodingParametersArgs { /** * A value that is used to calculate compression for an output. The bitrate of the output is calculated as follows: Output bitrate = (1 / compressionFactor) * (source bitrate) This property only applies to outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol. Valid values are in the range of 3.0 to 10.0, inclusive. */ compressionFactor: pulumi.Input; /** * A setting on the encoder that drives compression settings. This property only applies to video media streams associated with outputs that use the ST 2110 JPEG XS protocol, with a flow source that uses the CDI protocol. */ encoderProfile?: pulumi.Input; } /** * Information about the encryption of the flow. */ interface FlowOutputEncryptionArgs { /** * The type of algorithm that is used for the encryption (such as aes128, aes192, or aes256). */ algorithm?: pulumi.Input; /** * The type of key that is used for the encryption. If no keyType is provided, the service will use the default setting (static-key). */ keyType?: pulumi.Input; /** * The ARN of the role that you created during setup (when you set up AWS Elemental MediaConnect as a trusted entity). */ roleArn: pulumi.Input; /** * The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption. */ secretArn: pulumi.Input; } /** * The configuration that defines how content is encrypted during transit between the MediaConnect router and a MediaConnect flow. */ interface FlowOutputFlowTransitEncryptionArgs { encryptionKeyConfiguration: pulumi.Input; encryptionKeyType?: pulumi.Input; } /** * Configuration settings for flow transit encryption keys. */ interface FlowOutputFlowTransitEncryptionKeyConfiguration0PropertiesArgs { secretsManager: pulumi.Input; } /** * Configuration settings for flow transit encryption keys. */ interface FlowOutputFlowTransitEncryptionKeyConfiguration1PropertiesArgs { automatic: pulumi.Input; } /** * The VPC interface that you want to use for the media stream associated with the output. */ interface FlowOutputInterfaceArgs { /** * The name of the VPC interface that you want to use for the media stream associated with the output. */ name: pulumi.Input; } /** * The media stream that is associated with the output, and the parameters for that association. */ interface FlowOutputMediaStreamOutputConfigurationArgs { /** * The media streams that you want to associate with the output. */ destinationConfigurations?: pulumi.Input[]>; /** * The format that will be used to encode the data. For ancillary data streams, set the encoding name to smpte291. For audio streams, set the encoding name to pcm. For video streams on sources or outputs that use the CDI protocol, set the encoding name to raw. For video streams on sources or outputs that use the ST 2110 JPEG XS protocol, set the encoding name to jxsv. */ encodingName: pulumi.Input; /** * A collection of parameters that determine how MediaConnect will convert the content. These fields only apply to outputs on flows that have a CDI source. */ encodingParameters?: pulumi.Input; /** * A name that helps you distinguish one media stream from another. */ mediaStreamName: pulumi.Input; } /** * The configuration settings for transit encryption of a flow output using AWS Secrets Manager, including the secret ARN and role ARN. */ interface FlowOutputSecretsManagerEncryptionKeyConfigurationArgs { /** * The ARN of the IAM role used for transit encryption to the router input using AWS Secrets Manager. */ roleArn: pulumi.Input; /** * The ARN of the AWS Secrets Manager secret used for transit encryption to the router input. */ secretArn: pulumi.Input; } /** * The settings for attaching a VPC interface to an output. */ interface FlowOutputVpcInterfaceAttachmentArgs { /** * The name of the VPC interface to use for this output. */ vpcInterfaceName?: pulumi.Input; } /** * The configuration settings for transit encryption of a flow source using AWS Secrets Manager, including the secret ARN and role ARN. */ interface FlowSecretsManagerEncryptionKeyConfigurationArgs { /** * The ARN of the IAM role used for transit encryption from the router output using AWS Secrets Manager. */ roleArn: pulumi.Input; /** * The ARN of the AWS Secrets Manager secret used for transit encryption from the router output. */ secretArn: pulumi.Input; } /** * Configures settings for the SilentAudio metric. */ interface FlowSilentAudioArgs { /** * Indicates whether the SilentAudio metric is enabled or disabled. */ state?: pulumi.Input; /** * Specifies the number of consecutive seconds of silence that triggers an event or alert. */ thresholdSeconds?: pulumi.Input; } /** * The settings for the source of the flow. */ interface FlowSourceArgs { /** * The type of decryption that is used on the content ingested from this source. */ decryption?: pulumi.Input; /** * A description for the source. This value is not used or seen outside of the current AWS Elemental MediaConnect account. */ description?: pulumi.Input; /** * The ARN of the entitlement that allows you to subscribe to content that comes from another AWS account. The entitlement is set by the content originator and the ARN is generated as part of the originator's flow. */ entitlementArn?: pulumi.Input; /** * The source configuration for cloud flows receiving a stream from a bridge. */ gatewayBridgeSource?: pulumi.Input; /** * The IP address that the flow will be listening on for incoming content. */ ingestIp?: pulumi.Input; /** * The port that the flow will be listening on for incoming content. */ ingestPort?: pulumi.Input; /** * The smoothing max bitrate for RIST, RTP, and RTP-FEC streams. */ maxBitrate?: pulumi.Input; /** * The maximum latency in milliseconds. This parameter applies only to RIST-based and Zixi-based streams. */ maxLatency?: pulumi.Input; /** * The size of the buffer (in milliseconds) to use to sync incoming source data. */ maxSyncBuffer?: pulumi.Input; /** * The media stream that is associated with the source, and the parameters for that association. */ mediaStreamSourceConfigurations?: pulumi.Input[]>; /** * The minimum latency in milliseconds. */ minLatency?: pulumi.Input; /** * The name of the source. */ name?: pulumi.Input; /** * The settings for the NDI flow source. This includes the exact name of the upstream NDI sender that you want to connect to your flow source. */ ndiSourceSettings?: pulumi.Input; /** * The protocol that is used by the source. */ protocol?: pulumi.Input; /** * Indicates if router integration is enabled or disabled on the flow source. */ routerIntegrationState?: pulumi.Input; /** * The decryption configuration for the flow source when router integration is enabled. */ routerIntegrationTransitDecryption?: pulumi.Input; /** * The port that the flow uses to send outbound requests to initiate connection with the sender for fujitsu-qos protocol. */ senderControlPort?: pulumi.Input; /** * The IP address that the flow communicates with to initiate connection with the sender for fujitsu-qos protocol. */ senderIpAddress?: pulumi.Input; /** * The ARN of the source. */ sourceArn?: pulumi.Input; /** * The port that the flow will be listening on for incoming content.(ReadOnly) */ sourceIngestPort?: pulumi.Input; /** * Source IP or domain name for SRT-caller protocol. */ sourceListenerAddress?: pulumi.Input; /** * Source port for SRT-caller protocol. */ sourceListenerPort?: pulumi.Input; /** * The stream ID that you want to use for this transport. This parameter applies only to Zixi-based streams. */ streamId?: pulumi.Input; /** * Key-value pairs that can be used to tag this source. */ tags?: pulumi.Input[]>; /** * The name of the VPC Interface this Source is configured with. */ vpcInterfaceName?: pulumi.Input; /** * The range of IP addresses that should be allowed to contribute content to your source. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. */ whitelistCidr?: pulumi.Input; } /** * Information about the encryption of the flow. */ interface FlowSourceEncryptionArgs { /** * The type of algorithm that is used for the encryption (such as aes128, aes192, or aes256). */ algorithm?: pulumi.Input; /** * A 128-bit, 16-byte hex value represented by a 32-character string, to be used with the key for encrypting content. This parameter is not valid for static key encryption. */ constantInitializationVector?: pulumi.Input; /** * The value of one of the devices that you configured with your digital rights management (DRM) platform key provider. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ deviceId?: pulumi.Input; /** * The type of key that is used for the encryption. If no keyType is provided, the service will use the default setting (static-key). */ keyType?: pulumi.Input; /** * The AWS Region that the API Gateway proxy endpoint was created in. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ region?: pulumi.Input; /** * An identifier for the content. The service sends this value to the key server to identify the current endpoint. The resource ID is also known as the content ID. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ resourceId?: pulumi.Input; /** * The ARN of the role that you created during setup (when you set up AWS Elemental MediaConnect as a trusted entity). */ roleArn: pulumi.Input; /** * The ARN of the secret that you created in AWS Secrets Manager to store the encryption key. This parameter is required for static key encryption and is not valid for SPEKE encryption. */ secretArn?: pulumi.Input; /** * The URL from the API Gateway proxy that you set up to talk to your key server. This parameter is required for SPEKE encryption and is not valid for static key encryption. */ url?: pulumi.Input; } /** * The source configuration for cloud flows receiving a stream from a bridge. */ interface FlowSourceGatewayBridgeSourceArgs { /** * The ARN of the bridge feeding this flow. */ bridgeArn: pulumi.Input; /** * The name of the VPC interface attachment to use for this bridge source. */ vpcInterfaceAttachment?: pulumi.Input; } /** * The settings for source monitoring. */ interface FlowSourceMonitoringConfigArgs { /** * Contains the settings for audio stream metrics monitoring. */ audioMonitoringSettings?: pulumi.Input[]>; /** * Indicates whether content quality analysis is enabled or disabled. */ contentQualityAnalysisState?: pulumi.Input; /** * The state of thumbnail monitoring. */ thumbnailState?: pulumi.Input; /** * Contains the settings for video stream metrics monitoring. */ videoMonitoringSettings?: pulumi.Input[]>; } /** * The settings for attaching a VPC interface to an resource. */ interface FlowSourceVpcInterfaceAttachmentArgs { /** * The name of the VPC interface to use for this resource. */ vpcInterfaceName?: pulumi.Input; } interface FlowTagArgs { key: pulumi.Input; value: pulumi.Input; } /** * The configuration that defines how content is encrypted during transit between the MediaConnect router and a MediaConnect flow. */ interface FlowTransitEncryptionArgs { encryptionKeyConfiguration: pulumi.Input; encryptionKeyType?: pulumi.Input; } /** * Configuration settings for flow transit encryption keys. */ interface FlowTransitEncryptionKeyConfiguration0PropertiesArgs { secretsManager: pulumi.Input; } /** * Configuration settings for flow transit encryption keys. */ interface FlowTransitEncryptionKeyConfiguration1PropertiesArgs { automatic: pulumi.Input; } /** * Specifies the configuration for video stream metrics monitoring. */ interface FlowVideoMonitoringSettingArgs { /** * Detects video frames that are black. */ blackFrames?: pulumi.Input; /** * Detects video frames that have not changed. */ frozenFrames?: pulumi.Input; } /** * The details of a VPC interface. */ interface FlowVpcInterfaceArgs { /** * Immutable and has to be a unique against other VpcInterfaces in this Flow. */ name: pulumi.Input; /** * IDs of the network interfaces created in customer's account by MediaConnect. */ networkInterfaceIds?: pulumi.Input[]>; /** * The type of network adapter that you want MediaConnect to use on this interface. If you don't set this value, it defaults to ENA. */ networkInterfaceType?: pulumi.Input; /** * Role Arn MediaConnect can assume to create ENIs in customer's account. */ roleArn: pulumi.Input; /** * Security Group IDs to be used on ENI. */ securityGroupIds: pulumi.Input[]>; /** * Subnet must be in the AZ of the Flow */ subnetId: pulumi.Input; /** * Key-value pairs that can be used to tag this VPC interface. */ tags?: pulumi.Input[]>; } /** * The settings for attaching a VPC interface to an resource. */ interface FlowVpcInterfaceAttachmentArgs { /** * The name of the VPC interface to use for this resource. */ vpcInterfaceName?: pulumi.Input; } /** * The network settings for a gateway. */ interface GatewayNetworkArgs { /** * A unique IP address range to use for this network. These IP addresses should be in the form of a Classless Inter-Domain Routing (CIDR) block; for example, 10.0.0.0/16. */ cidrBlock: pulumi.Input; /** * The name of the network. This name is used to reference the network and must be unique among networks in this gateway. */ name: pulumi.Input; } /** * Configuration settings for automatic encryption key management, where MediaConnect handles key creation and rotation. */ interface RouterInputAutomaticEncryptionKeyConfigurationArgs { } /** * The configuration settings for a router input. */ interface RouterInputConfiguration0PropertiesArgs { standard: pulumi.Input; } /** * The configuration settings for a router input. */ interface RouterInputConfiguration1PropertiesArgs { failover: pulumi.Input; } /** * The configuration settings for a router input. */ interface RouterInputConfiguration2PropertiesArgs { merge: pulumi.Input; } /** * The configuration settings for a router input. */ interface RouterInputConfiguration3PropertiesArgs { mediaConnectFlow: pulumi.Input; } /** * Configuration settings for default maintenance scheduling. */ interface RouterInputDefaultMaintenanceConfigurationArgs { } /** * Configuration settings for a failover router input that allows switching between two input sources. */ interface RouterInputFailoverRouterInputConfigurationArgs { /** * The ARN of the network interface to use for this failover router input. */ networkInterfaceArn: pulumi.Input; /** * The index (0 or 1) that specifies which source in the protocol configurations list is currently active. Used to control which of the two failover sources is currently selected. This field is ignored when sourcePriorityMode is set to NO_PRIORITY */ primarySourceIndex?: pulumi.Input; /** * A list of exactly two protocol configurations for the failover input sources. Both must use the same protocol type. */ protocolConfigurations: pulumi.Input[]>; sourcePriorityMode: pulumi.Input; } /** * Protocol configuration settings for failover router inputs. */ interface RouterInputFailoverRouterInputProtocolConfiguration0PropertiesArgs { rtp: pulumi.Input; } /** * Protocol configuration settings for failover router inputs. */ interface RouterInputFailoverRouterInputProtocolConfiguration1PropertiesArgs { rist: pulumi.Input; } /** * Protocol configuration settings for failover router inputs. */ interface RouterInputFailoverRouterInputProtocolConfiguration2PropertiesArgs { srtListener: pulumi.Input; } /** * Protocol configuration settings for failover router inputs. */ interface RouterInputFailoverRouterInputProtocolConfiguration3PropertiesArgs { srtCaller: pulumi.Input; } /** * The configuration that defines how content is encrypted during transit between the MediaConnect router and a MediaConnect flow. */ interface RouterInputFlowTransitEncryptionArgs { encryptionKeyConfiguration: pulumi.Input; encryptionKeyType?: pulumi.Input; } /** * Configuration settings for flow transit encryption keys. */ interface RouterInputFlowTransitEncryptionKeyConfiguration0PropertiesArgs { secretsManager: pulumi.Input; } /** * Configuration settings for flow transit encryption keys. */ interface RouterInputFlowTransitEncryptionKeyConfiguration1PropertiesArgs { automatic: pulumi.Input; } /** * The configuration settings for maintenance operations, including preferred maintenance windows and schedules. */ interface RouterInputMaintenanceConfiguration0PropertiesArgs { preferredDayTime: pulumi.Input; } /** * The configuration settings for maintenance operations, including preferred maintenance windows and schedules. */ interface RouterInputMaintenanceConfiguration1PropertiesArgs { default: pulumi.Input; } /** * Configuration settings for connecting a router input to a flow output. */ interface RouterInputMediaConnectFlowRouterInputConfigurationArgs { /** * The ARN of the flow to connect to. */ flowArn?: pulumi.Input; /** * The ARN of the flow output to connect to this router input. */ flowOutputArn?: pulumi.Input; sourceTransitDecryption: pulumi.Input; } /** * Configuration settings for a merge router input that combines two input sources. */ interface RouterInputMergeRouterInputConfigurationArgs { /** * The time window in milliseconds for merging the two input sources. */ mergeRecoveryWindowMilliseconds: pulumi.Input; /** * The ARN of the network interface to use for this merge router input. */ networkInterfaceArn: pulumi.Input; /** * A list of exactly two protocol configurations for the merge input sources. Both must use the same protocol type. */ protocolConfigurations: pulumi.Input[]>; } /** * Protocol configuration settings for merge router inputs. */ interface RouterInputMergeRouterInputProtocolConfiguration0PropertiesArgs { rtp: pulumi.Input; } /** * Protocol configuration settings for merge router inputs. */ interface RouterInputMergeRouterInputProtocolConfiguration1PropertiesArgs { rist: pulumi.Input; } /** * Configuration for preferred day and time maintenance settings. */ interface RouterInputPreferredDayTimeMaintenanceConfigurationArgs { day: pulumi.Input; /** * The preferred time for maintenance operations. */ time: pulumi.Input; } /** * The protocol configuration settings for a router input. */ interface RouterInputProtocolConfiguration0PropertiesArgs { rtp: pulumi.Input; } /** * The protocol configuration settings for a router input. */ interface RouterInputProtocolConfiguration1PropertiesArgs { rist: pulumi.Input; } /** * The protocol configuration settings for a router input. */ interface RouterInputProtocolConfiguration2PropertiesArgs { srtListener: pulumi.Input; } /** * The protocol configuration settings for a router input. */ interface RouterInputProtocolConfiguration3PropertiesArgs { srtCaller: pulumi.Input; } /** * The configuration settings for a router input using the RIST (Reliable Internet Stream Transport) protocol, including the port and recovery latency. */ interface RouterInputRistRouterInputConfigurationArgs { /** * The port number used for the RIST protocol in the router input configuration. */ port: pulumi.Input; /** * The recovery latency in milliseconds for the RIST protocol in the router input configuration. */ recoveryLatencyMilliseconds: pulumi.Input; } /** * The configuration settings for a Router Input using the RTP (Real-Time Transport Protocol) protocol, including the port and forward error correction state. */ interface RouterInputRtpRouterInputConfigurationArgs { forwardErrorCorrection?: pulumi.Input; /** * The port number used for the RTP protocol in the router input configuration. */ port: pulumi.Input; } /** * The configuration settings for transit encryption using AWS Secrets Manager, including the secret ARN and role ARN. */ interface RouterInputSecretsManagerEncryptionKeyConfigurationArgs { /** * The ARN of the IAM role assumed by MediaConnect to access the AWS Secrets Manager secret. */ roleArn: pulumi.Input; /** * The ARN of the AWS Secrets Manager secret used for transit encryption. */ secretArn: pulumi.Input; } /** * The configuration settings for a router input using the SRT (Secure Reliable Transport) protocol in caller mode, including the source address and port, minimum latency, stream ID, and decryption key configuration. */ interface RouterInputSrtCallerRouterInputConfigurationArgs { decryptionConfiguration?: pulumi.Input; /** * The minimum latency in milliseconds for the SRT protocol in caller mode. */ minimumLatencyMilliseconds: pulumi.Input; /** * The source IP address for the SRT protocol in caller mode. */ sourceAddress: pulumi.Input; /** * The source port number for the SRT protocol in caller mode. */ sourcePort: pulumi.Input; /** * The stream ID for the SRT protocol in caller mode. */ streamId?: pulumi.Input; } /** * Contains the configuration settings for decrypting SRT streams, including the encryption key details and decryption parameters. */ interface RouterInputSrtDecryptionConfigurationArgs { encryptionKey: pulumi.Input; } /** * The configuration settings for a router input using the SRT (Secure Reliable Transport) protocol in listener mode, including the port, minimum latency, and decryption key configuration. */ interface RouterInputSrtListenerRouterInputConfigurationArgs { decryptionConfiguration?: pulumi.Input; /** * The minimum latency in milliseconds for the SRT protocol in listener mode. */ minimumLatencyMilliseconds: pulumi.Input; /** * The port number for the SRT protocol in listener mode. */ port: pulumi.Input; } /** * The configuration settings for a standard router input, including the protocol, protocol-specific configuration, network interface, and availability zone. */ interface RouterInputStandardRouterInputConfigurationArgs { /** * The Amazon Resource Name (ARN) of the network interface associated with the standard router input. */ networkInterfaceArn: pulumi.Input; protocol?: pulumi.Input; protocolConfiguration: pulumi.Input; } /** * The transit encryption settings for a router input. */ interface RouterInputTransitEncryptionArgs { encryptionKeyConfiguration: pulumi.Input; encryptionKeyType?: pulumi.Input; } /** * Defines the configuration settings for transit encryption keys. */ interface RouterInputTransitEncryptionKeyConfiguration0PropertiesArgs { secretsManager: pulumi.Input; } /** * Defines the configuration settings for transit encryption keys. */ interface RouterInputTransitEncryptionKeyConfiguration1PropertiesArgs { automatic: pulumi.Input; } /** * The configuration settings for a router network interface. */ interface RouterNetworkInterfaceConfiguration0PropertiesArgs { public: pulumi.Input; } /** * The configuration settings for a router network interface. */ interface RouterNetworkInterfaceConfiguration1PropertiesArgs { vpc: pulumi.Input; } /** * The configuration settings for a public router network interface, including the list of allowed CIDR blocks. */ interface RouterNetworkInterfacePublicRouterNetworkInterfaceConfigurationArgs { /** * The list of allowed CIDR blocks for the public router network interface. */ allowRules: pulumi.Input[]>; } /** * A rule that allows a specific CIDR block to access the public router network interface. */ interface RouterNetworkInterfacePublicRouterNetworkInterfaceRuleArgs { /** * The CIDR block that is allowed to access the public router network interface. */ cidr: pulumi.Input; } /** * The configuration settings for a router network interface within a VPC, including the security group IDs and subnet ID. */ interface RouterNetworkInterfaceVpcRouterNetworkInterfaceConfigurationArgs { /** * The IDs of the security groups to associate with the router network interface within the VPC. */ securityGroupIds: pulumi.Input[]>; /** * The ID of the subnet within the VPC to associate the router network interface with. */ subnetId: pulumi.Input; } /** * Configuration settings for automatic encryption key management, where MediaConnect handles key creation and rotation. */ interface RouterOutputResourceAutomaticEncryptionKeyConfigurationArgs { } /** * Configuration settings for default maintenance scheduling. */ interface RouterOutputResourceDefaultMaintenanceConfigurationArgs { } /** * The configuration that defines how content is encrypted during transit between the MediaConnect router and a MediaConnect flow. */ interface RouterOutputResourceFlowTransitEncryptionArgs { encryptionKeyConfiguration: pulumi.Input; encryptionKeyType?: pulumi.Input; } /** * Configuration settings for flow transit encryption keys. */ interface RouterOutputResourceFlowTransitEncryptionKeyConfiguration0PropertiesArgs { secretsManager: pulumi.Input; } /** * Configuration settings for flow transit encryption keys. */ interface RouterOutputResourceFlowTransitEncryptionKeyConfiguration1PropertiesArgs { automatic: pulumi.Input; } /** * The configuration settings for maintenance operations, including preferred maintenance windows and schedules. */ interface RouterOutputResourceMaintenanceConfiguration0PropertiesArgs { preferredDayTime: pulumi.Input; } /** * The configuration settings for maintenance operations, including preferred maintenance windows and schedules. */ interface RouterOutputResourceMaintenanceConfiguration1PropertiesArgs { default: pulumi.Input; } /** * Configuration settings for connecting a router output to a MediaConnect flow source. */ interface RouterOutputResourceMediaConnectFlowRouterOutputConfigurationArgs { destinationTransitEncryption: pulumi.Input; /** * The ARN of the flow to connect to this router output. */ flowArn?: pulumi.Input; /** * The ARN of the flow source to connect to this router output. */ flowSourceArn?: pulumi.Input; } /** * Configuration settings for connecting a router output to a MediaLive input. */ interface RouterOutputResourceMediaLiveInputRouterOutputConfigurationArgs { destinationTransitEncryption: pulumi.Input; /** * The ARN of the MediaLive input to connect to this router output. */ mediaLiveInputArn?: pulumi.Input; mediaLivePipelineId?: pulumi.Input; } /** * The encryption configuration that defines how content is encrypted during transit between MediaConnect Router and MediaLive. This configuration determines whether encryption keys are automatically managed by the service or manually managed through AWS Secrets Manager. */ interface RouterOutputResourceMediaLiveTransitEncryptionArgs { encryptionKeyConfiguration: pulumi.Input; encryptionKeyType?: pulumi.Input; } /** * Configuration settings for the MediaLive transit encryption key. */ interface RouterOutputResourceMediaLiveTransitEncryptionKeyConfiguration0PropertiesArgs { secretsManager: pulumi.Input; } /** * Configuration settings for the MediaLive transit encryption key. */ interface RouterOutputResourceMediaLiveTransitEncryptionKeyConfiguration1PropertiesArgs { automatic: pulumi.Input; } /** * Configuration for preferred day and time maintenance settings. */ interface RouterOutputResourcePreferredDayTimeMaintenanceConfigurationArgs { day: pulumi.Input; /** * The preferred time for maintenance operations. */ time: pulumi.Input; } /** * The configuration settings for a router output using the RIST (Reliable Internet Stream Transport) protocol, including the destination address and port. */ interface RouterOutputResourceRistRouterOutputConfigurationArgs { /** * The destination IP address for the RIST protocol in the router output configuration. */ destinationAddress: pulumi.Input; /** * The destination port number for the RIST protocol in the router output configuration. */ destinationPort: pulumi.Input; } /** * The configuration settings for a router output. */ interface RouterOutputResourceRouterOutputConfiguration0PropertiesArgs { standard: pulumi.Input; } /** * The configuration settings for a router output. */ interface RouterOutputResourceRouterOutputConfiguration1PropertiesArgs { mediaConnectFlow: pulumi.Input; } /** * The configuration settings for a router output. */ interface RouterOutputResourceRouterOutputConfiguration2PropertiesArgs { mediaLiveInput: pulumi.Input; } /** * The protocol configuration settings for a router output. */ interface RouterOutputResourceRouterOutputProtocolConfiguration0PropertiesArgs { rtp: pulumi.Input; } /** * The protocol configuration settings for a router output. */ interface RouterOutputResourceRouterOutputProtocolConfiguration1PropertiesArgs { rist: pulumi.Input; } /** * The protocol configuration settings for a router output. */ interface RouterOutputResourceRouterOutputProtocolConfiguration2PropertiesArgs { srtListener: pulumi.Input; } /** * The protocol configuration settings for a router output. */ interface RouterOutputResourceRouterOutputProtocolConfiguration3PropertiesArgs { srtCaller: pulumi.Input; } /** * The configuration settings for a router output using the RTP (Real-Time Transport Protocol) protocol, including the destination address and port, and forward error correction state. */ interface RouterOutputResourceRtpRouterOutputConfigurationArgs { /** * The destination IP address for the RTP protocol in the router output configuration. */ destinationAddress: pulumi.Input; /** * The destination port number for the RTP protocol in the router output configuration. */ destinationPort: pulumi.Input; forwardErrorCorrection?: pulumi.Input; } /** * The configuration settings for transit encryption using AWS Secrets Manager, including the secret ARN and role ARN. */ interface RouterOutputResourceSecretsManagerEncryptionKeyConfigurationArgs { /** * The ARN of the IAM role assumed by MediaConnect to access the AWS Secrets Manager secret. */ roleArn: pulumi.Input; /** * The ARN of the AWS Secrets Manager secret used for transit encryption. */ secretArn: pulumi.Input; } /** * The configuration settings for a router output using the SRT (Secure Reliable Transport) protocol in caller mode, including the destination address and port, minimum latency, stream ID, and encryption key configuration. */ interface RouterOutputResourceSrtCallerRouterOutputConfigurationArgs { /** * The destination IP address for the SRT protocol in caller mode. */ destinationAddress: pulumi.Input; /** * The destination port number for the SRT protocol in caller mode. */ destinationPort: pulumi.Input; encryptionConfiguration?: pulumi.Input; /** * The minimum latency in milliseconds for the SRT protocol in caller mode. */ minimumLatencyMilliseconds: pulumi.Input; /** * The stream ID for the SRT protocol in caller mode. */ streamId?: pulumi.Input; } /** * Contains the configuration settings for encrypting SRT streams, including the encryption key details and encryption parameters. */ interface RouterOutputResourceSrtEncryptionConfigurationArgs { encryptionKey: pulumi.Input; } /** * The configuration settings for a router output using the SRT (Secure Reliable Transport) protocol in listener mode, including the port, minimum latency, and encryption key configuration. */ interface RouterOutputResourceSrtListenerRouterOutputConfigurationArgs { encryptionConfiguration?: pulumi.Input; /** * The minimum latency in milliseconds for the SRT protocol in listener mode. */ minimumLatencyMilliseconds: pulumi.Input; /** * The port number for the SRT protocol in listener mode. */ port: pulumi.Input; } /** * The configuration settings for a standard router output, including the protocol, protocol-specific configuration, network interface, and availability zone. */ interface RouterOutputResourceStandardRouterOutputConfigurationArgs { /** * The Amazon Resource Name (ARN) of the network interface associated with the standard router output. */ networkInterfaceArn: pulumi.Input; protocol?: pulumi.Input; protocolConfiguration: pulumi.Input; } } export declare namespace medialive { /** * Network mappings for the cluster */ interface ClusterInterfaceMappingArgs { /** * logical interface name, unique in the list */ logicalInterfaceName?: pulumi.Input; /** * Network Id to be associated with the logical interface name, can be duplicated in list */ networkId?: pulumi.Input; } /** * On premises settings which will have the interface network mappings and default Output logical interface */ interface ClusterNetworkSettingsArgs { /** * Default value if the customer does not define it in channel Output API */ defaultRoute?: pulumi.Input; /** * Network mappings for the cluster */ interfaceMappings?: pulumi.Input[]>; } /** * The target to which to send matching events. */ interface EventBridgeRuleTemplateTargetArgs { /** * Target ARNs must be either an SNS topic or CloudWatch log group. */ arn: pulumi.Input; } /** * Multiplex MediaConnect output destination settings. */ interface MultiplexOutputDestinationArgs { /** * Multiplex MediaConnect output destination settings. */ multiplexMediaConnectOutputDestinationSettings?: pulumi.Input; } /** * Multiplex MediaConnect output destination settings. */ interface MultiplexOutputDestinationMultiplexMediaConnectOutputDestinationSettingsPropertiesArgs { /** * The MediaConnect entitlement ARN available as a Flow source. */ entitlementArn?: pulumi.Input; } /** * A key-value pair to associate with a resource. */ interface MultiplexSettingsArgs { /** * Maximum video buffer delay in milliseconds. */ maximumVideoBufferDelayMilliseconds?: pulumi.Input; /** * Transport stream bit rate. */ transportStreamBitrate: pulumi.Input; /** * Transport stream ID. */ transportStreamId: pulumi.Input; /** * Transport stream reserved bit rate. */ transportStreamReservedBitrate?: pulumi.Input; } /** * Packet identifiers map for a given Multiplex program. */ interface MultiplexprogramMultiplexProgramPacketIdentifiersMapArgs { audioPids?: pulumi.Input[]>; dvbSubPids?: pulumi.Input[]>; dvbTeletextPid?: pulumi.Input; etvPlatformPid?: pulumi.Input; etvSignalPid?: pulumi.Input; klvDataPids?: pulumi.Input[]>; pcrPid?: pulumi.Input; pmtPid?: pulumi.Input; privateMetadataPid?: pulumi.Input; scte27Pids?: pulumi.Input[]>; scte35Pid?: pulumi.Input; timedMetadataPid?: pulumi.Input; videoPid?: pulumi.Input; } /** * The current source for one of the pipelines in the multiplex. */ interface MultiplexprogramMultiplexProgramPipelineDetailArgs { /** * Identifies the channel pipeline that is currently active for the pipeline (identified by PipelineId) in the multiplex. */ activeChannelPipeline?: pulumi.Input; /** * Identifies a specific pipeline in the multiplex. */ pipelineId?: pulumi.Input; } /** * Transport stream service descriptor configuration for the Multiplex program. */ interface MultiplexprogramMultiplexProgramServiceDescriptorArgs { /** * Name of the provider. */ providerName: pulumi.Input; /** * Name of the service. */ serviceName: pulumi.Input; } /** * Multiplex Program settings configuration. */ interface MultiplexprogramMultiplexProgramSettingsArgs { /** * Indicates which pipeline is preferred by the multiplex for program ingest. */ preferredChannelPipeline?: pulumi.Input; /** * Unique program number. */ programNumber: pulumi.Input; /** * Transport stream service descriptor configuration for the Multiplex program. */ serviceDescriptor?: pulumi.Input; /** * Program video settings configuration. */ videoSettings?: pulumi.Input; } /** * The video configuration for each program in a multiplex. */ interface MultiplexprogramMultiplexVideoSettingsArgs { } /** * IP address cidr pool */ interface NetworkIpPoolArgs { /** * IP address cidr pool */ cidr?: pulumi.Input; } interface NetworkRouteArgs { /** * Ip address cidr */ cidr?: pulumi.Input; /** * IP address for the route packet paths */ gateway?: pulumi.Input; } } export declare namespace mediapackage { /** * The endpoint URL used to access an Asset using one PackagingConfiguration. */ interface AssetEgressEndpointArgs { /** * The ID of the PackagingConfiguration being applied to the Asset. */ packagingConfigurationId: pulumi.Input; /** * The URL of the parent manifest for the repackaged Asset. */ url: pulumi.Input; } /** * An HTTP Live Streaming (HLS) ingest resource configuration. */ interface ChannelHlsIngestArgs { /** * A list of endpoints to which the source stream should be sent. */ ingestEndpoints?: pulumi.Input[]>; } /** * An endpoint for ingesting source content for a Channel. */ interface ChannelIngestEndpointArgs { /** * The system generated unique identifier for the IngestEndpoint */ id?: pulumi.Input; /** * The system generated password for ingest authentication. */ password?: pulumi.Input; /** * The ingest URL to which the source stream should be sent. */ url?: pulumi.Input; /** * The system generated username for ingest authentication. */ username?: pulumi.Input; } interface ChannelLogConfigurationArgs { /** * Sets a custom AWS CloudWatch log group name for access logs. If a log group name isn't specified, the defaults are used: /aws/MediaPackage/EgressAccessLogs for egress access logs and /aws/MediaPackage/IngressAccessLogs for ingress access logs. */ logGroupName?: pulumi.Input; } /** * CDN Authorization credentials */ interface OriginEndpointAuthorizationArgs { /** * The Amazon Resource Name (ARN) for the secret in Secrets Manager that your Content Distribution Network (CDN) uses for authorization to access your endpoint. */ cdnIdentifierSecret: pulumi.Input; /** * The Amazon Resource Name (ARN) for the IAM role that allows MediaPackage to communicate with AWS Secrets Manager. */ secretsRoleArn: pulumi.Input; } /** * A Common Media Application Format (CMAF) encryption configuration. */ interface OriginEndpointCmafEncryptionArgs { /** * An optional 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting blocks. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV). */ constantInitializationVector?: pulumi.Input; /** * The encryption method used */ encryptionMethod?: pulumi.Input; /** * Time (in seconds) between each encryption key rotation. */ keyRotationIntervalSeconds?: pulumi.Input; /** * Parameters for the SPEKE key provider. */ spekeKeyProvider: pulumi.Input; } /** * A Common Media Application Format (CMAF) packaging configuration. */ interface OriginEndpointCmafPackageArgs { /** * Parameters for encrypting content. */ encryption?: pulumi.Input; /** * A list of HLS manifest configurations */ hlsManifests?: pulumi.Input[]>; /** * Duration (in seconds) of each segment. Actual segments will be rounded to the nearest multiple of the source segment duration. */ segmentDurationSeconds?: pulumi.Input; /** * An optional custom string that is prepended to the name of each segment. If not specified, it defaults to the ChannelId. */ segmentPrefix?: pulumi.Input; /** * Limitations for outputs from the endpoint, based on the video bitrate. */ streamSelection?: pulumi.Input; } /** * A Dynamic Adaptive Streaming over HTTP (DASH) encryption configuration. */ interface OriginEndpointDashEncryptionArgs { /** * Time (in seconds) between each encryption key rotation. */ keyRotationIntervalSeconds?: pulumi.Input; /** * Parameters for the SPEKE key provider. */ spekeKeyProvider: pulumi.Input; } /** * A Dynamic Adaptive Streaming over HTTP (DASH) packaging configuration. */ interface OriginEndpointDashPackageArgs { /** * A list of SCTE-35 message types that are treated as ad markers in the output. If empty, no ad markers are output. Specify multiple items to create ad markers for all of the included message types. */ adTriggers?: pulumi.Input[]>; /** * The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) . */ adsOnDeliveryRestrictions?: pulumi.Input; /** * Parameters for encrypting content. */ encryption?: pulumi.Input; /** * When enabled, an I-Frame only stream will be included in the output. */ includeIframeOnlyStream?: pulumi.Input; /** * Determines the position of some tags in the Media Presentation Description (MPD). When set to FULL, elements like SegmentTemplate and ContentProtection are included in each Representation. When set to COMPACT, duplicate elements are combined and presented at the AdaptationSet level. */ manifestLayout?: pulumi.Input; /** * Time window (in seconds) contained in each manifest. */ manifestWindowSeconds?: pulumi.Input; /** * Minimum duration (in seconds) that a player will buffer media before starting the presentation. */ minBufferTimeSeconds?: pulumi.Input; /** * Minimum duration (in seconds) between potential changes to the Dynamic Adaptive Streaming over HTTP (DASH) Media Presentation Description (MPD). */ minUpdatePeriodSeconds?: pulumi.Input; /** * A list of triggers that controls when the outgoing Dynamic Adaptive Streaming over HTTP (DASH) Media Presentation Description (MPD) will be partitioned into multiple periods. If empty, the content will not be partitioned into more than one period. If the list contains "ADS", new periods will be created where the Channel source contains SCTE-35 ad markers. */ periodTriggers?: pulumi.Input[]>; /** * The Dynamic Adaptive Streaming over HTTP (DASH) profile type. When set to "HBBTV_1_5", HbbTV 1.5 compliant output is enabled. */ profile?: pulumi.Input; /** * Duration (in seconds) of each segment. Actual segments will be rounded to the nearest multiple of the source segment duration. */ segmentDurationSeconds?: pulumi.Input; /** * Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to NUMBER_WITH_TIMELINE, a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to TIME_WITH_TIMELINE, a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to NUMBER_WITH_DURATION, only a duration is included in each SegmentTemplate, with $Number$ media URLs. */ segmentTemplateFormat?: pulumi.Input; /** * Limitations for outputs from the endpoint, based on the video bitrate. */ streamSelection?: pulumi.Input; /** * Duration (in seconds) to delay live content before presentation. */ suggestedPresentationDelaySeconds?: pulumi.Input; /** * Determines the type of UTCTiming included in the Media Presentation Description (MPD) */ utcTiming?: pulumi.Input; /** * Specifies the value attribute of the UTCTiming field when utcTiming is set to HTTP-ISO, HTTP-HEAD or HTTP-XSDATE */ utcTimingUri?: pulumi.Input; } /** * The configuration to use for encrypting one or more content tracks separately for endpoints that use SPEKE 2.0. */ interface OriginEndpointEncryptionContractConfigurationArgs { /** * A collection of audio encryption presets. */ presetSpeke20Audio: pulumi.Input; /** * A collection of video encryption presets. */ presetSpeke20Video: pulumi.Input; } /** * An HTTP Live Streaming (HLS) encryption configuration. */ interface OriginEndpointHlsEncryptionArgs { /** * A constant initialization vector for encryption (optional). When not specified the initialization vector will be periodically rotated. */ constantInitializationVector?: pulumi.Input; /** * The encryption method to use. */ encryptionMethod?: pulumi.Input; /** * Interval (in seconds) between each encryption key rotation. */ keyRotationIntervalSeconds?: pulumi.Input; /** * When enabled, the EXT-X-KEY tag will be repeated in output manifests. */ repeatExtXKey?: pulumi.Input; /** * Parameters for the SPEKE key provider. */ spekeKeyProvider: pulumi.Input; } /** * A HTTP Live Streaming (HLS) manifest configuration. */ interface OriginEndpointHlsManifestArgs { /** * This setting controls how ad markers are included in the packaged OriginEndpoint. "NONE" will omit all SCTE-35 ad markers from the output. "PASSTHROUGH" causes the manifest to contain a copy of the SCTE-35 ad markers (comments) taken directly from the input HTTP Live Streaming (HLS) manifest. "SCTE35_ENHANCED" generates ad markers and blackout tags based on SCTE-35 messages in the input source. "DATERANGE" inserts EXT-X-DATERANGE tags to signal ad and program transition events in HLS and CMAF manifests. For this option, you must set a programDateTimeIntervalSeconds value that is greater than 0. */ adMarkers?: pulumi.Input; /** * A list of SCTE-35 message types that are treated as ad markers in the output. If empty, no ad markers are output. Specify multiple items to create ad markers for all of the included message types. */ adTriggers?: pulumi.Input[]>; /** * The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) . */ adsOnDeliveryRestrictions?: pulumi.Input; /** * The ID of the manifest. The ID must be unique within the OriginEndpoint and it cannot be changed after it is created. */ id: pulumi.Input; /** * When enabled, an I-Frame only stream will be included in the output. */ includeIframeOnlyStream?: pulumi.Input; /** * An optional short string appended to the end of the OriginEndpoint URL. If not specified, defaults to the manifestName for the OriginEndpoint. */ manifestName?: pulumi.Input; /** * The HTTP Live Streaming (HLS) playlist type. When either "EVENT" or "VOD" is specified, a corresponding EXT-X-PLAYLIST-TYPE entry will be included in the media playlist. */ playlistType?: pulumi.Input; /** * Time window (in seconds) contained in each parent manifest. */ playlistWindowSeconds?: pulumi.Input; /** * The interval (in seconds) between each EXT-X-PROGRAM-DATE-TIME tag inserted into manifests. Additionally, when an interval is specified ID3Timed Metadata messages will be generated every 5 seconds using the ingest time of the content. If the interval is not specified, or set to 0, then no EXT-X-PROGRAM-DATE-TIME tags will be inserted into manifests and no ID3Timed Metadata messages will be generated. Note that irrespective of this parameter, if any ID3 Timed Metadata is found in HTTP Live Streaming (HLS) input, it will be passed through to HLS output. */ programDateTimeIntervalSeconds?: pulumi.Input; /** * The URL of the packaged OriginEndpoint for consumption. */ url?: pulumi.Input; } /** * An HTTP Live Streaming (HLS) packaging configuration. */ interface OriginEndpointHlsPackageArgs { /** * This setting controls how ad markers are included in the packaged OriginEndpoint. "NONE" will omit all SCTE-35 ad markers from the output. "PASSTHROUGH" causes the manifest to contain a copy of the SCTE-35 ad markers (comments) taken directly from the input HTTP Live Streaming (HLS) manifest. "SCTE35_ENHANCED" generates ad markers and blackout tags based on SCTE-35 messages in the input source. "DATERANGE" inserts EXT-X-DATERANGE tags to signal ad and program transition events in HLS and CMAF manifests. For this option, you must set a programDateTimeIntervalSeconds value that is greater than 0. */ adMarkers?: pulumi.Input; /** * A list of SCTE-35 message types that are treated as ad markers in the output. If empty, no ad markers are output. Specify multiple items to create ad markers for all of the included message types. */ adTriggers?: pulumi.Input[]>; /** * The flags on SCTE-35 segmentation descriptors that have to be present for AWS Elemental MediaPackage to insert ad markers in the output manifest. For information about SCTE-35 in AWS Elemental MediaPackage , see [SCTE-35 Message Options in AWS Elemental MediaPackage](https://docs.aws.amazon.com/mediapackage/latest/ug/scte.html) . */ adsOnDeliveryRestrictions?: pulumi.Input; /** * Parameters for encrypting content. */ encryption?: pulumi.Input; /** * When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output. */ includeDvbSubtitles?: pulumi.Input; /** * When enabled, an I-Frame only stream will be included in the output. */ includeIframeOnlyStream?: pulumi.Input; /** * The HTTP Live Streaming (HLS) playlist type. When either "EVENT" or "VOD" is specified, a corresponding EXT-X-PLAYLIST-TYPE entry will be included in the media playlist. */ playlistType?: pulumi.Input; /** * Time window (in seconds) contained in each parent manifest. */ playlistWindowSeconds?: pulumi.Input; /** * The interval (in seconds) between each EXT-X-PROGRAM-DATE-TIME tag inserted into manifests. Additionally, when an interval is specified ID3Timed Metadata messages will be generated every 5 seconds using the ingest time of the content. If the interval is not specified, or set to 0, then no EXT-X-PROGRAM-DATE-TIME tags will be inserted into manifests and no ID3Timed Metadata messages will be generated. Note that irrespective of this parameter, if any ID3 Timed Metadata is found in HTTP Live Streaming (HLS) input, it will be passed through to HLS output. */ programDateTimeIntervalSeconds?: pulumi.Input; /** * Duration (in seconds) of each fragment. Actual fragments will be rounded to the nearest multiple of the source fragment duration. */ segmentDurationSeconds?: pulumi.Input; /** * Limitations for outputs from the endpoint, based on the video bitrate. */ streamSelection?: pulumi.Input; /** * When enabled, audio streams will be placed in rendition groups in the output. */ useAudioRenditionGroup?: pulumi.Input; } /** * A Microsoft Smooth Streaming (MSS) encryption configuration. */ interface OriginEndpointMssEncryptionArgs { /** * Parameters for the SPEKE key provider. */ spekeKeyProvider: pulumi.Input; } /** * A Microsoft Smooth Streaming (MSS) packaging configuration. */ interface OriginEndpointMssPackageArgs { /** * Parameters for encrypting content. */ encryption?: pulumi.Input; /** * The time window (in seconds) contained in each manifest. */ manifestWindowSeconds?: pulumi.Input; /** * The duration (in seconds) of each segment. */ segmentDurationSeconds?: pulumi.Input; /** * Limitations for outputs from the endpoint, based on the video bitrate. */ streamSelection?: pulumi.Input; } /** * A configuration for accessing an external Secure Packager and Encoder Key Exchange (SPEKE) service that will provide encryption keys. */ interface OriginEndpointSpekeKeyProviderArgs { /** * An Amazon Resource Name (ARN) of a Certificate Manager certificate that MediaPackage will use for enforcing secure end-to-end data transfer with the key provider service. */ certificateArn?: pulumi.Input; /** * Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use. */ encryptionContractConfiguration?: pulumi.Input; /** * The resource ID to include in key requests. */ resourceId: pulumi.Input; /** * An Amazon Resource Name (ARN) of an IAM role that AWS Elemental MediaPackage will assume when accessing the key provider service. */ roleArn: pulumi.Input; /** * The system IDs to include in key requests. */ systemIds: pulumi.Input[]>; /** * The URL of the external key provider service. */ url: pulumi.Input; } /** * A StreamSelection configuration. */ interface OriginEndpointStreamSelectionArgs { /** * The maximum video bitrate (bps) to include in output. */ maxVideoBitsPerSecond?: pulumi.Input; /** * The minimum video bitrate (bps) to include in output. */ minVideoBitsPerSecond?: pulumi.Input; /** * A directive that determines the order of streams in the output. */ streamOrder?: pulumi.Input; } /** * A CMAF encryption configuration. */ interface PackagingConfigurationCmafEncryptionArgs { /** * Parameters for the SPEKE key provider. */ spekeKeyProvider: pulumi.Input; } /** * A CMAF packaging configuration. */ interface PackagingConfigurationCmafPackageArgs { /** * Parameters for encrypting content. */ encryption?: pulumi.Input; /** * A list of HLS manifest configurations. */ hlsManifests: pulumi.Input[]>; /** * When includeEncoderConfigurationInSegments is set to true, MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback. */ includeEncoderConfigurationInSegments?: pulumi.Input; /** * Duration (in seconds) of each segment. Actual segments are rounded to the nearest multiple of the source fragment duration. */ segmentDurationSeconds?: pulumi.Input; } /** * A Dynamic Adaptive Streaming over HTTP (DASH) encryption configuration. */ interface PackagingConfigurationDashEncryptionArgs { /** * Parameters for the SPEKE key provider. */ spekeKeyProvider: pulumi.Input; } /** * A DASH manifest configuration. */ interface PackagingConfigurationDashManifestArgs { /** * Determines the position of some tags in the Media Presentation Description (MPD). When set to FULL, elements like SegmentTemplate and ContentProtection are included in each Representation. When set to COMPACT, duplicate elements are combined and presented at the AdaptationSet level. */ manifestLayout?: pulumi.Input; /** * A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration. */ manifestName?: pulumi.Input; /** * Minimum duration (in seconds) that a player will buffer media before starting the presentation. */ minBufferTimeSeconds?: pulumi.Input; /** * The Dynamic Adaptive Streaming over HTTP (DASH) profile type. When set to "HBBTV_1_5", HbbTV 1.5 compliant output is enabled. */ profile?: pulumi.Input; /** * The source of scte markers used. When set to SEGMENTS, the scte markers are sourced from the segments of the ingested content. When set to MANIFEST, the scte markers are sourced from the manifest of the ingested content. */ scteMarkersSource?: pulumi.Input; /** * Limitations for outputs from the endpoint, based on the video bitrate. */ streamSelection?: pulumi.Input; } /** * A Dynamic Adaptive Streaming over HTTP (DASH) packaging configuration. */ interface PackagingConfigurationDashPackageArgs { /** * A list of DASH manifest configurations. */ dashManifests: pulumi.Input[]>; /** * Parameters for encrypting content. */ encryption?: pulumi.Input; /** * When includeEncoderConfigurationInSegments is set to true, MediaPackage places your encoder's Sequence Parameter Set (SPS), Picture Parameter Set (PPS), and Video Parameter Set (VPS) metadata in every video segment instead of in the init fragment. This lets you use different SPS/PPS/VPS settings for your assets during content playback. */ includeEncoderConfigurationInSegments?: pulumi.Input; /** * When enabled, an I-Frame only stream will be included in the output. */ includeIframeOnlyStream?: pulumi.Input; /** * A list of triggers that controls when the outgoing Dynamic Adaptive Streaming over HTTP (DASH) Media Presentation Description (MPD) will be partitioned into multiple periods. If empty, the content will not be partitioned into more than one period. If the list contains "ADS", new periods will be created where the Asset contains SCTE-35 ad markers. */ periodTriggers?: pulumi.Input[]>; /** * Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source segment duration. */ segmentDurationSeconds?: pulumi.Input; /** * Determines the type of SegmentTemplate included in the Media Presentation Description (MPD). When set to NUMBER_WITH_TIMELINE, a full timeline is presented in each SegmentTemplate, with $Number$ media URLs. When set to TIME_WITH_TIMELINE, a full timeline is presented in each SegmentTemplate, with $Time$ media URLs. When set to NUMBER_WITH_DURATION, only a duration is included in each SegmentTemplate, with $Number$ media URLs. */ segmentTemplateFormat?: pulumi.Input; } /** * The configuration to use for encrypting one or more content tracks separately for endpoints that use SPEKE 2.0. */ interface PackagingConfigurationEncryptionContractConfigurationArgs { /** * A collection of audio encryption presets. */ presetSpeke20Audio: pulumi.Input; /** * A collection of video encryption presets. */ presetSpeke20Video: pulumi.Input; } /** * An HTTP Live Streaming (HLS) encryption configuration. */ interface PackagingConfigurationHlsEncryptionArgs { /** * An HTTP Live Streaming (HLS) encryption configuration. */ constantInitializationVector?: pulumi.Input; /** * The encryption method to use. */ encryptionMethod?: pulumi.Input; /** * Parameters for the SPEKE key provider. */ spekeKeyProvider: pulumi.Input; } /** * An HTTP Live Streaming (HLS) manifest configuration. */ interface PackagingConfigurationHlsManifestArgs { /** * This setting controls how ad markers are included in the packaged OriginEndpoint. "NONE" will omit all SCTE-35 ad markers from the output. "PASSTHROUGH" causes the manifest to contain a copy of the SCTE-35 ad markers (comments) taken directly from the input HTTP Live Streaming (HLS) manifest. "SCTE35_ENHANCED" generates ad markers and blackout tags based on SCTE-35 messages in the input source. */ adMarkers?: pulumi.Input; /** * When enabled, an I-Frame only stream will be included in the output. */ includeIframeOnlyStream?: pulumi.Input; /** * A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration. */ manifestName?: pulumi.Input; /** * The interval (in seconds) between each EXT-X-PROGRAM-DATE-TIME tag inserted into manifests. Additionally, when an interval is specified ID3Timed Metadata messages will be generated every 5 seconds using the ingest time of the content. If the interval is not specified, or set to 0, then no EXT-X-PROGRAM-DATE-TIME tags will be inserted into manifests and no ID3Timed Metadata messages will be generated. Note that irrespective of this parameter, if any ID3 Timed Metadata is found in HTTP Live Streaming (HLS) input, it will be passed through to HLS output. */ programDateTimeIntervalSeconds?: pulumi.Input; /** * When enabled, the EXT-X-KEY tag will be repeated in output manifests. */ repeatExtXKey?: pulumi.Input; /** * Video bitrate limitations for outputs from this packaging configuration. */ streamSelection?: pulumi.Input; } /** * An HTTP Live Streaming (HLS) packaging configuration. */ interface PackagingConfigurationHlsPackageArgs { /** * Parameters for encrypting content. */ encryption?: pulumi.Input; /** * A list of HLS manifest configurations. */ hlsManifests: pulumi.Input[]>; /** * When enabled, MediaPackage passes through digital video broadcasting (DVB) subtitles into the output. */ includeDvbSubtitles?: pulumi.Input; /** * Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration. */ segmentDurationSeconds?: pulumi.Input; /** * When enabled, audio streams will be placed in rendition groups in the output. */ useAudioRenditionGroup?: pulumi.Input; } /** * A CMAF encryption configuration. */ interface PackagingConfigurationMssEncryptionArgs { /** * Parameters for the SPEKE key provider. */ spekeKeyProvider: pulumi.Input; } /** * A Microsoft Smooth Streaming (MSS) manifest configuration. */ interface PackagingConfigurationMssManifestArgs { /** * A short string that's appended to the end of the endpoint URL to create a unique path to this packaging configuration. */ manifestName?: pulumi.Input; /** * Video bitrate limitations for outputs from this packaging configuration. */ streamSelection?: pulumi.Input; } /** * A Microsoft Smooth Streaming (MSS) PackagingConfiguration. */ interface PackagingConfigurationMssPackageArgs { /** * Parameters for encrypting content. */ encryption?: pulumi.Input; /** * A list of MSS manifest configurations. */ mssManifests: pulumi.Input[]>; /** * Duration (in seconds) of each fragment. Actual fragments are rounded to the nearest multiple of the source fragment duration. */ segmentDurationSeconds?: pulumi.Input; } /** * A configuration for accessing an external Secure Packager and Encoder Key Exchange (SPEKE) service that will provide encryption keys. */ interface PackagingConfigurationSpekeKeyProviderArgs { /** * Use `encryptionContractConfiguration` to configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use. */ encryptionContractConfiguration?: pulumi.Input; /** * The ARN for the IAM role that's granted by the key provider to provide access to the key provider API. Valid format: arn:aws:iam::{accountID}:role/{name} */ roleArn: pulumi.Input; /** * The system IDs to include in key requests. */ systemIds: pulumi.Input[]>; /** * The URL of the external key provider service. */ url: pulumi.Input; } /** * A StreamSelection configuration. */ interface PackagingConfigurationStreamSelectionArgs { /** * The maximum video bitrate (bps) to include in output. */ maxVideoBitsPerSecond?: pulumi.Input; /** * The minimum video bitrate (bps) to include in output. */ minVideoBitsPerSecond?: pulumi.Input; /** * A directive that determines the order of streams in the output. */ streamOrder?: pulumi.Input; } interface PackagingGroupAuthorizationArgs { /** * The Amazon Resource Name (ARN) for the secret in AWS Secrets Manager that is used for CDN authorization. */ cdnIdentifierSecret: pulumi.Input; /** * The Amazon Resource Name (ARN) for the IAM role that allows MediaPackage to communicate with AWS Secrets Manager. */ secretsRoleArn: pulumi.Input; } interface PackagingGroupLogConfigurationArgs { /** * Sets a custom AWS CloudWatch log group name for egress logs. If a log group name isn't specified, the default name is used: /aws/MediaPackage/VodEgressAccessLogs. */ logGroupName?: pulumi.Input; } } export declare namespace mediapackagev2 { /** *

The configuration for input switching based on the media quality confidence score (MQCS) as provided from AWS Elemental MediaLive.

*/ interface ChannelInputSwitchConfigurationArgs { /** *

When true, AWS Elemental MediaPackage performs input switching based on the MQCS. Default is true. This setting is valid only when InputType is CMAF.

*/ mqcsInputSwitching?: pulumi.Input; /** * For CMAF inputs, indicates which input MediaPackage should prefer when both inputs have equal MQCS scores. Select `1` to prefer the first ingest endpoint, or `2` to prefer the second ingest endpoint. If you don't specify a preferred input, MediaPackage uses its default switching behavior when MQCS scores are equal. */ preferredInput?: pulumi.Input; } /** *

The settings for what common media server data (CMSD) headers AWS Elemental MediaPackage includes in responses to the CDN.

*/ interface ChannelOutputHeaderConfigurationArgs { /** *

When true, AWS Elemental MediaPackage includes the MQCS in responses to the CDN. This setting is valid only when InputType is CMAF.

*/ publishMqcs?: pulumi.Input; } /** *

The base URLs to use for retrieving segments. You can specify multiple locations and indicate the priority and weight for when each should be used, for use in mutli-CDN workflows.

*/ interface OriginEndpointDashBaseUrlArgs { /** *

For use with DVB-DASH profiles only. The priority of this location for servings segments. The lower the number, the higher the priority.

*/ dvbPriority?: pulumi.Input; /** *

For use with DVB-DASH profiles only. The weighting for source locations that have the same priority.

*/ dvbWeight?: pulumi.Input; /** *

The name of the source location.

*/ serviceLocation?: pulumi.Input; /** *

A source location for segments.

*/ url: pulumi.Input; } /** *

For use with DVB-DASH profiles only. The settings for font downloads that you want Elemental MediaPackage to pass through to the manifest.

*/ interface OriginEndpointDashDvbFontDownloadArgs { /** *

The fontFamily name for subtitles, as described in EBU-TT-D Subtitling Distribution Format.

*/ fontFamily?: pulumi.Input; /** *

The mimeType of the resource that's at the font download URL.

For information about font MIME types, see the MPEG-DASH Profile for Transport of ISO BMFF Based DVB Services over IP Based Networks document.

*/ mimeType?: pulumi.Input; /** *

The URL for downloading fonts for subtitles.

*/ url?: pulumi.Input; } /** *

For use with DVB-DASH profiles only. The settings for error reporting from the playback device that you want Elemental MediaPackage to pass through to the manifest.

*/ interface OriginEndpointDashDvbMetricsReportingArgs { /** *

The number of playback devices per 1000 that will send error reports to the reporting URL. This represents the probability that a playback device will be a reporting player for this session.

*/ probability?: pulumi.Input; /** *

The URL where playback devices send error reports.

*/ reportingUrl: pulumi.Input; } /** *

For endpoints that use the DVB-DASH profile only. The font download and error reporting information that you want MediaPackage to pass through to the manifest.

*/ interface OriginEndpointDashDvbSettingsArgs { /** *

Playback device error reporting settings.

*/ errorMetrics?: pulumi.Input[]>; /** * Subtitle font settings. */ fontDownload?: pulumi.Input; } /** *

Retrieve the DASH manifest configuration.

*/ interface OriginEndpointDashManifestConfigurationArgs { /** *

The base URL to use for retrieving segments.

*/ baseUrls?: pulumi.Input[]>; /** * The layout of the DASH manifest that MediaPackage produces. `STANDARD` indicates a default manifest, which is compacted. `NONE` indicates a full manifest. * * For information about compactness, see [DASH manifest compactness](https://docs.aws.amazon.com/mediapackage/latest/userguide/compacted.html) in the *AWS Elemental MediaPackage v2 User Guide* . */ compactness?: pulumi.Input; /** * Determines how the DASH manifest signals the DRM content. */ drmSignaling?: pulumi.Input; /** * For endpoints that use the DVB-DASH profile only. The font download and error reporting information that you want MediaPackage to pass through to the manifest. */ dvbSettings?: pulumi.Input; /** * Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest. */ filterConfiguration?: pulumi.Input; /** *

A short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, index.

*/ manifestName: pulumi.Input; /** *

The total duration (in seconds) of the manifest's content.

*/ manifestWindowSeconds?: pulumi.Input; /** *

Minimum amount of content (in seconds) that a player must keep available in the buffer.

*/ minBufferTimeSeconds?: pulumi.Input; /** *

Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest.

*/ minUpdatePeriodSeconds?: pulumi.Input; /** *

A list of triggers that controls when AWS Elemental MediaPackage separates the MPEG-DASH manifest into multiple periods. Leave this value empty to indicate that the manifest is contained all in one period. For more information about periods in the DASH manifest, see Multi-period DASH in AWS Elemental MediaPackage.

*/ periodTriggers?: pulumi.Input[]>; /** *

The profile that the output is compliant with.

*/ profiles?: pulumi.Input[]>; /** * Details about the content that you want MediaPackage to pass through in the manifest to the playback device. */ programInformation?: pulumi.Input; /** * The SCTE configuration. */ scteDash?: pulumi.Input; /** * Determines the type of variable used in the `media` URL of the `SegmentTemplate` tag in the manifest. Also specifies if segment timeline information is included in `SegmentTimeline` or `SegmentTemplate` . * * Value description: * * - `NUMBER_WITH_TIMELINE` - The `$Number$` variable is used in the `media` URL. The value of this variable is the sequential number of the segment. A full `SegmentTimeline` object is presented in each `SegmentTemplate` . */ segmentTemplateFormat?: pulumi.Input; /** * The configuration for DASH subtitles. */ subtitleConfiguration?: pulumi.Input; /** *

The amount of time (in seconds) that the player should be from the end of the manifest.

*/ suggestedPresentationDelaySeconds?: pulumi.Input; /** * Determines the type of UTC timing included in the DASH Media Presentation Description (MPD). */ utcTiming?: pulumi.Input; } /** *

Details about the content that you want MediaPackage to pass through in the manifest to the playback device.

*/ interface OriginEndpointDashProgramInformationArgs { /** *

A copyright statement about the content.

*/ copyright?: pulumi.Input; /** *

The language code for this manifest.

*/ languageCode?: pulumi.Input; /** *

An absolute URL that contains more information about this content.

*/ moreInformationUrl?: pulumi.Input; /** *

Information about the content provider.

*/ source?: pulumi.Input; /** *

The title for the manifest.

*/ title?: pulumi.Input; } /** *

The configuration for DASH subtitles.

*/ interface OriginEndpointDashSubtitleConfigurationArgs { /** * Settings for TTML subtitles. */ ttmlConfiguration?: pulumi.Input; } /** *

The settings for TTML subtitles.

*/ interface OriginEndpointDashTtmlConfigurationArgs { /** * The profile that MediaPackage uses when signaling subtitles in the manifest. `IMSC` is the default profile. `EBU-TT-D` produces subtitles that are compliant with the EBU-TT-D TTML profile. MediaPackage passes through subtitle styles to the manifest. For more information about EBU-TT-D subtitles, see [EBU-TT-D Subtitling Distribution Format](https://docs.aws.amazon.com/https://tech.ebu.ch/publications/tech3380) . */ ttmlProfile: pulumi.Input; } /** *

Determines the type of UTC timing included in the DASH Media Presentation Description (MPD).

*/ interface OriginEndpointDashUtcTimingArgs { /** * The UTC timing mode. */ timingMode?: pulumi.Input; /** *

The the method that the player uses to synchronize to coordinated universal time (UTC) wall clock time.

*/ timingSource?: pulumi.Input; } /** *

The parameters for encrypting content.

*/ interface OriginEndpointEncryptionArgs { /** *

Excludes SEIG and SGPD boxes from segment metadata in CMAF containers.

When set to true, MediaPackage omits these DRM metadata boxes from CMAF segments, which can improve compatibility with certain devices and players that don't support these boxes.

Important considerations:

  • This setting only affects CMAF container formats

  • Key rotation can still be handled through media playlist signaling

  • PSSH and TENC boxes remain unaffected

  • Default behavior is preserved when this setting is disabled

Valid values: true | false

Default: false

*/ cmafExcludeSegmentDrmMetadata?: pulumi.Input; /** *

A 128-bit, 16-byte hex value represented by a 32-character string, used in conjunction with the key for encrypting content. If you don't specify a value, then MediaPackage creates the constant initialization vector (IV).

*/ constantInitializationVector?: pulumi.Input; /** * The encryption method to use. */ encryptionMethod: pulumi.Input; /** *

The frequency (in seconds) of key changes for live workflows, in which content is streamed real time. The service retrieves content keys before the live content begins streaming, and then retrieves them as needed over the lifetime of the workflow. By default, key rotation is set to 300 seconds (5 minutes), the minimum rotation interval, which is equivalent to setting it to 300. If you don't enter an interval, content keys aren't rotated.

The following example setting causes the service to rotate keys every thirty minutes: 1800

*/ keyRotationIntervalSeconds?: pulumi.Input; /** * The SPEKE key provider to use for encryption. */ spekeKeyProvider: pulumi.Input; } /** *

Configure one or more content encryption keys for your endpoints that use SPEKE Version 2.0. The encryption contract defines which content keys are used to encrypt the audio and video tracks in your stream. To configure the encryption contract, specify which audio and video encryption presets to use.

*/ interface OriginEndpointEncryptionContractConfigurationArgs { /** * A collection of audio encryption presets. * * Value description: * * - `PRESET-AUDIO-1` - Use one content key to encrypt all of the audio tracks in your stream. * - `PRESET-AUDIO-2` - Use one content key to encrypt all of the stereo audio tracks and one content key to encrypt all of the multichannel audio tracks. * - `PRESET-AUDIO-3` - Use one content key to encrypt all of the stereo audio tracks, one content key to encrypt all of the multichannel audio tracks with 3 to 6 channels, and one content key to encrypt all of the multichannel audio tracks with more than 6 channels. * - `SHARED` - Use the same content key for all of the audio and video tracks in your stream. * - `UNENCRYPTED` - Don't encrypt any of the audio tracks in your stream. */ presetSpeke20Audio: pulumi.Input; /** * The SPEKE Version 2.0 preset video associated with the encryption contract configuration of the origin endpoint. * * A collection of video encryption presets. * * Value description: * * - `PRESET-VIDEO-1` - Use one content key to encrypt all of the video tracks in your stream. * - `PRESET-VIDEO-2` - Use one content key to encrypt all of the SD video tracks and one content key for all HD and higher resolutions video tracks. * - `PRESET-VIDEO-3` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks and one content key for all UHD video tracks. * - `PRESET-VIDEO-4` - Use one content key to encrypt all of the SD video tracks, one content key for HD video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks. * - `PRESET-VIDEO-5` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks. * - `PRESET-VIDEO-6` - Use one content key to encrypt all of the SD video tracks, one content key for HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks. * - `PRESET-VIDEO-7` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks and one content key for all UHD video tracks. * - `PRESET-VIDEO-8` - Use one content key to encrypt all of the SD+HD1 video tracks, one content key for HD2 video tracks, one content key for all UHD1 video tracks and one content key for all UHD2 video tracks. * - `SHARED` - Use the same content key for all of the video and audio tracks in your stream. * - `UNENCRYPTED` - Don't encrypt any of the video tracks in your stream. */ presetSpeke20Video: pulumi.Input; } /** *

The encryption type.

*/ interface OriginEndpointEncryptionMethodArgs { /** * The encryption method to use. */ cmafEncryptionMethod?: pulumi.Input; /** * The encryption method used for Microsoft Smooth Streaming (MSS) content. This specifies how the MSS segments are encrypted to protect the content during delivery to client players. */ ismEncryptionMethod?: pulumi.Input; /** * The encryption method to use. */ tsEncryptionMethod?: pulumi.Input; } /** *

Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest.

*/ interface OriginEndpointFilterConfigurationArgs { /** *

Optionally specify the clip start time for all of your manifest egress requests. When you include clip start time, note that you cannot use clip start time query parameters for this manifest's endpoint URL.

*/ clipStartTime?: pulumi.Input; /** *

Optionally specify one or more DRM settings for all of your manifest egress requests. When you include a DRM setting, note that you cannot use an identical DRM setting query parameter for this manifest's endpoint URL.

*/ drmSettings?: pulumi.Input; /** *

Optionally specify the end time for all of your manifest egress requests. When you include end time, note that you cannot use end time query parameters for this manifest's endpoint URL.

*/ end?: pulumi.Input; /** *

Optionally specify one or more manifest filters for all of your manifest egress requests. When you include a manifest filter, note that you cannot use an identical manifest filter query parameter for this manifest's endpoint URL.

*/ manifestFilter?: pulumi.Input; /** *

Optionally specify the start time for all of your manifest egress requests. When you include start time, note that you cannot use start time query parameters for this manifest's endpoint URL.

*/ start?: pulumi.Input; /** *

Optionally specify the time delay for all of your manifest egress requests. Enter a value that is smaller than your endpoint's startover window. When you include time delay, note that you cannot use time delay query parameters for this manifest's endpoint URL.

*/ timeDelaySeconds?: pulumi.Input; } /** *

The failover settings for the endpoint.

*/ interface OriginEndpointForceEndpointErrorConfigurationArgs { /** *

The failover conditions for the endpoint. The options are:

  • STALE_MANIFEST - The manifest stalled and there are no new segments or parts.

  • INCOMPLETE_MANIFEST - There is a gap in the manifest.

  • MISSING_DRM_KEY - Key rotation is enabled but we're unable to fetch the key for the current key period.

  • SLATE_INPUT - The segments which contain slate content are considered to be missing content.

*/ endpointErrorConditions?: pulumi.Input[]>; } /** *

Retrieve the HTTP live streaming (HLS) manifest configuration.

*/ interface OriginEndpointHlsManifestConfigurationArgs { /** *

A short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default child manifest name, index_1. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.

*/ childManifestName?: pulumi.Input; /** * Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest. */ filterConfiguration?: pulumi.Input; /** *

A short short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, index. MediaPackage automatically inserts the format extension, such as .m3u8. You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.

*/ manifestName: pulumi.Input; /** *

The total duration (in seconds) of the manifest's content.

*/ manifestWindowSeconds?: pulumi.Input; /** *

Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval, EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.

Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.

*/ programDateTimeIntervalSeconds?: pulumi.Input; /** * THE SCTE-35 HLS configuration associated with the HLS manifest configuration. */ scteHls?: pulumi.Input; /** * To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag. */ startTag?: pulumi.Input; /** *

The egress domain URL for stream delivery from MediaPackage.

*/ url?: pulumi.Input; /** *

When enabled, MediaPackage URL-encodes the query string for API requests for HLS child manifests to comply with Amazon Web Services Signature Version 4 (SigV4) signature signing protocol. For more information, see Amazon Web Services Signature Version 4 for API requests in Identity and Access Management User Guide.

*/ urlEncodeChildManifest?: pulumi.Input; } /** *

Retrieve the low-latency HTTP live streaming (HLS) manifest configuration.

*/ interface OriginEndpointLowLatencyHlsManifestConfigurationArgs { /** *

A short string that's appended to the endpoint URL. The child manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default child manifest name, index_1. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.

*/ childManifestName?: pulumi.Input; /** * Filter configuration includes settings for manifest filtering, start and end times, and time delay that apply to all of your egress requests for this manifest. */ filterConfiguration?: pulumi.Input; /** *

A short short string that's appended to the endpoint URL. The manifest name creates a unique path to this endpoint. If you don't enter a value, MediaPackage uses the default manifest name, index. MediaPackage automatically inserts the format extension, such as .m3u8. You can't use the same manifest name if you use HLS manifest and low-latency HLS manifest. The manifestName on the HLSManifest object overrides the manifestName you provided on the originEndpoint object.

*/ manifestName: pulumi.Input; /** *

The total duration (in seconds) of the manifest's content.

*/ manifestWindowSeconds?: pulumi.Input; /** *

Inserts EXT-X-PROGRAM-DATE-TIME tags in the output manifest at the interval that you specify. If you don't enter an interval, EXT-X-PROGRAM-DATE-TIME tags aren't included in the manifest. The tags sync the stream to the wall clock so that viewers can seek to a specific time in the playback timeline on the player.

Irrespective of this parameter, if any ID3Timed metadata is in the HLS input, it is passed through to the HLS output.

*/ programDateTimeIntervalSeconds?: pulumi.Input; /** * The SCTE-35 HLS configuration associated with the low-latency HLS (LL-HLS) manifest configuration of the origin endpoint. */ scteHls?: pulumi.Input; /** * To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag. */ startTag?: pulumi.Input; /** *

The egress domain URL for stream delivery from MediaPackage.

*/ url?: pulumi.Input; /** *

When enabled, MediaPackage URL-encodes the query string for API requests for LL-HLS child manifests to comply with Amazon Web Services Signature Version 4 (SigV4) signature signing protocol. For more information, see Amazon Web Services Signature Version 4 for API requests in Identity and Access Management User Guide.

*/ urlEncodeChildManifest?: pulumi.Input; } /** *

Configuration details for a Microsoft Smooth Streaming (MSS) manifest associated with an origin endpoint. This includes all the settings and properties that define how the MSS content is packaged and delivered.

*/ interface OriginEndpointMssManifestConfigurationArgs { filterConfiguration?: pulumi.Input; manifestLayout?: pulumi.Input; /** *

The name of the MSS manifest. This name is appended to the origin endpoint URL to create the unique path for accessing this specific MSS manifest.

*/ manifestName: pulumi.Input; /** *

The duration (in seconds) of the manifest window. This represents the total amount of content available in the manifest at any given time.

*/ manifestWindowSeconds?: pulumi.Input; } interface OriginEndpointPolicyCdnAuthConfigurationArgs { /** * The ARN for the secret in Secrets Manager that your CDN uses for authorization to access the endpoint. */ cdnIdentifierSecretArns: pulumi.Input[]>; /** * The ARN for the IAM role that gives MediaPackage read access to Secrets Manager and AWS for CDN authorization. */ secretsRoleArn: pulumi.Input; } /** *

The SCTE configuration.

*/ interface OriginEndpointScteArgs { /** *

The SCTE-35 message types that you want to be treated as ad markers in the output.

*/ scteFilter?: pulumi.Input[]>; /** * Controls whether SCTE-35 messages are included in segment files. * * - None – SCTE-35 messages are not included in segments (default) * - All – SCTE-35 messages are embedded in segment data * * For DASH manifests, when set to `All` , an `InbandEventStream` tag signals that SCTE messages are present in segments. This setting works independently of manifest ad markers. */ scteInSegments?: pulumi.Input; } /** *

The SCTE configuration.

*/ interface OriginEndpointScteDashArgs { /** * Choose how ad markers are included in the packaged content. If you include ad markers in the content stream in your upstream encoders, then you need to inform MediaPackage what to do with the ad markers in the output. * * Value description: * * - `Binary` - The SCTE-35 marker is expressed as a hex-string (Base64 string) rather than full XML. * - `XML` - The SCTE marker is expressed fully in XML. */ adMarkerDash?: pulumi.Input; } /** *

The SCTE configuration.

*/ interface OriginEndpointScteHlsArgs { /** * The SCTE-35 HLS ad-marker configuration. */ adMarkerHls?: pulumi.Input; } /** *

The segment configuration, including the segment name, duration, and other configuration values.

*/ interface OriginEndpointSegmentArgs { /** * Whether to use encryption for the segment. */ encryption?: pulumi.Input; /** *

When selected, the stream set includes an additional I-frame only stream, along with the other tracks. If false, this extra stream is not included. MediaPackage generates an I-frame only stream from the first rendition in the manifest. The service inserts EXT-I-FRAMES-ONLY tags in the output manifest, and then generates and includes an I-frames only playlist in the stream. This playlist permits player functionality like fast forward and rewind.

*/ includeIframeOnlyStreams?: pulumi.Input; /** * The SCTE-35 configuration associated with the segment. */ scte?: pulumi.Input; /** *

The duration (in seconds) of each segment. Enter a value equal to, or a multiple of, the input segment duration. If the value that you enter is different from the input segment duration, MediaPackage rounds segments to the nearest multiple of the input segment duration.

*/ segmentDurationSeconds?: pulumi.Input; /** *

The name that describes the segment. The name is the base name of the segment used in all content manifests inside of the endpoint. You can't use spaces in the name.

*/ segmentName?: pulumi.Input; /** *

By default, MediaPackage excludes all digital video broadcasting (DVB) subtitles from the output. When selected, MediaPackage passes through DVB subtitles into the output.

*/ tsIncludeDvbSubtitles?: pulumi.Input; /** *

When selected, MediaPackage bundles all audio tracks in a rendition group. All other tracks in the stream can be used with any audio rendition from the group.

*/ tsUseAudioRenditionGroup?: pulumi.Input; } /** *

The parameters for the SPEKE key provider.

*/ interface OriginEndpointSpekeKeyProviderArgs { /** *

The ARN for the certificate that you imported to AWS Certificate Manager to add content key encryption to this endpoint. For this feature to work, your DRM key provider must support content key encryption.

*/ certificateArn?: pulumi.Input; /** *

The DRM solution provider you're using to protect your content during distribution.

*/ drmSystems: pulumi.Input[]>; /** * The encryption contract configuration associated with the SPEKE key provider. */ encryptionContractConfiguration: pulumi.Input; /** *

The unique identifier for the content. The service sends this to the key server to identify the current endpoint. How unique you make this depends on how fine-grained you want access controls to be. The service does not permit you to use the same ID for two simultaneous encryption processes. The resource ID is also known as the content ID.

The following example shows a resource ID: MovieNight20171126093045

*/ resourceId: pulumi.Input; /** *

The ARN for the IAM role granted by the key provider that provides access to the key provider API. This role must have a trust policy that allows MediaPackage to assume the role, and it must have a sufficient permissions policy to allow access to the specific key retrieval URL. Get this from your DRM solution provider.

Valid format: arn:aws:iam::{accountID}:role/{name}. The following example shows a role ARN: arn:aws:iam::444455556666:role/SpekeAccess

*/ roleArn: pulumi.Input; /** *

The URL of the API Gateway proxy that you set up to talk to your key server. The API Gateway proxy must reside in the same AWS Region as MediaPackage and must start with https://.

The following example shows a URL: https://1wm2dx1f33.execute-api.us-west-2.amazonaws.com/SpekeSample/copyProtection

*/ url: pulumi.Input; } /** *

To insert an EXT-X-START tag in your HLS playlist, specify a StartTag configuration object with a valid TimeOffset. When you do, you can also optionally specify whether to include a PRECISE value in the EXT-X-START tag.

*/ interface OriginEndpointStartTagArgs { /** *

Specify the value for PRECISE within your EXT-X-START tag. Leave blank, or choose false, to use the default value NO. Choose yes to use the value YES.

*/ precise?: pulumi.Input; /** *

Specify the value for TIME-OFFSET within your EXT-X-START tag. Enter a signed floating point value which, if positive, must be less than the configured manifest duration minus three times the configured segment target duration. If negative, the absolute value must be larger than three times the configured segment target duration, and the absolute value must be smaller than the configured manifest duration.

*/ timeOffset: pulumi.Input; } } export declare namespace mediatailor { /** *

Dash manifest configuration parameters.

*/ interface ChannelDashPlaylistSettingsArgs { /** *

The total duration (in seconds) of each manifest. Minimum value: 30 seconds. Maximum value: 3600 seconds.

*/ manifestWindowSeconds?: pulumi.Input; /** *

Minimum amount of content (measured in seconds) that a player must keep available in the buffer. Minimum value: 2 seconds. Maximum value: 60 seconds.

*/ minBufferTimeSeconds?: pulumi.Input; /** *

Minimum amount of time (in seconds) that the player should wait before requesting updates to the manifest. Minimum value: 2 seconds. Maximum value: 60 seconds.

*/ minUpdatePeriodSeconds?: pulumi.Input; /** *

Amount of time (in seconds) that the player should be from the live point at the end of the manifest. Minimum value: 2 seconds. Maximum value: 60 seconds.

*/ suggestedPresentationDelaySeconds?: pulumi.Input; } /** *

HLS playlist configuration parameters.

*/ interface ChannelHlsPlaylistSettingsArgs { /** *

Determines the type of SCTE 35 tags to use in ad markup. Specify DATERANGE to use DATERANGE tags (for live or VOD content). Specify SCTE35_ENHANCED to use EXT-X-CUE-OUT and EXT-X-CUE-IN tags (for VOD content only).

*/ adMarkupType?: pulumi.Input[]>; /** *

The total duration (in seconds) of each manifest. Minimum value: 30 seconds. Maximum value: 3600 seconds.

*/ manifestWindowSeconds?: pulumi.Input; } /** *

The log configuration for the channel.

*/ interface ChannelLogConfigurationForChannelArgs { /** *

The log types.

*/ logTypes?: pulumi.Input[]>; } /** *

The output configuration for this channel.

*/ interface ChannelRequestOutputItemArgs { /** * DASH manifest configuration parameters. */ dashPlaylistSettings?: pulumi.Input; /** * HLS playlist configuration parameters. */ hlsPlaylistSettings?: pulumi.Input; /** *

The name of the manifest for the channel. The name appears in the PlaybackUrl.

*/ manifestName: pulumi.Input; /** *

A string used to match which HttpPackageConfiguration is used for each VodSource.

*/ sourceGroup: pulumi.Input; } /** *

Slate VOD source configuration.

*/ interface ChannelSlateSourceArgs { /** *

The name of the source location where the slate VOD source is stored.

*/ sourceLocationName?: pulumi.Input; /** *

The slate VOD source name. The VOD source must already exist in a source location before it can be used for slate.

*/ vodSourceName?: pulumi.Input; } /** *

The configuration for time-shifted viewing.

*/ interface ChannelTimeShiftConfigurationArgs { /** *

The maximum time delay for time-shifted viewing. The minimum allowed maximum time delay is 0 seconds, and the maximum allowed maximum time delay is 21600 seconds (6 hours).

*/ maxTimeDelaySeconds: pulumi.Input; } /** *

The HTTP package configuration properties for the requested VOD source.

*/ interface LiveSourceHttpPackageConfigurationArgs { /** *

The relative path to the URL for this VOD source. This is combined with SourceLocation::HttpConfiguration::BaseUrl to form a valid URL.

*/ path: pulumi.Input; /** *

The name of the source group. This has to match one of the Channel::Outputs::SourceGroup.

*/ sourceGroup: pulumi.Input; /** * The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` . */ type: pulumi.Input; } /** *

The setting that indicates what conditioning MediaTailor will perform on ads that the ad decision server (ADS) returns.

*/ interface PlaybackConfigurationAdConditioningConfigurationArgs { /** * For ads that have media files with streaming delivery and supported file extensions, indicates what transcoding action MediaTailor takes when it first receives these ads from the ADS. `TRANSCODE` indicates that MediaTailor must transcode the ads. `NONE` indicates that you have already transcoded the ads outside of MediaTailor and don't need them transcoded as part of the ad insertion workflow. For more information about ad conditioning see [Using preconditioned ads](https://docs.aws.amazon.com/mediatailor/latest/ug/precondition-ads.html) in the AWS Elemental MediaTailor user guide. */ streamingMediaFileConditioning: pulumi.Input; } /** * The configuration for the request to the specified Ad Decision Server URL. */ interface PlaybackConfigurationAdDecisionServerConfigurationArgs { httpRequest: pulumi.Input; } /** * For HLS, when set to true, MediaTailor passes through EXT-X-CUE-IN, EXT-X-CUE-OUT, and EXT-X-SPLICEPOINT-SCTE35 ad markers from the origin manifest to the MediaTailor personalized manifest. No logic is applied to these ad markers. For example, if EXT-X-CUE-OUT has a value of 60, but no ads are filled for that ad break, MediaTailor will not set the value to 0. */ interface PlaybackConfigurationAdMarkerPassthroughArgs { /** * Enables ad marker passthrough for your configuration. */ enabled?: pulumi.Input; } interface PlaybackConfigurationAdsInteractionLogArgs { /** * Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration. */ excludeEventTypes?: pulumi.Input[]>; /** * Indicates that MediaTailor emits RAW_ADS_RESPONSE logs for playback sessions that are initialized with this configuration. */ publishOptInEventTypes?: pulumi.Input[]>; } /** * The configuration for avail suppression, also known as ad suppression. For more information about ad suppression, see Ad Suppression (https://docs.aws.amazon.com/mediatailor/latest/ug/ad-behavior.html). */ interface PlaybackConfigurationAvailSuppressionArgs { /** * Defines the policy to apply to the avail suppression mode. BEHIND_LIVE_EDGE will always use the full avail suppression policy. AFTER_LIVE_EDGE mode can be used to invoke partial ad break fills when a session starts mid-break. Valid values are FULL_AVAIL_ONLY and PARTIAL_AVAIL */ fillPolicy?: pulumi.Input; /** * Sets the ad suppression mode. By default, ad suppression is off and all ad breaks are filled with ads or slate. When Mode is set to BEHIND_LIVE_EDGE, ad suppression is active and MediaTailor won't fill ad breaks on or behind the ad suppression Value time in the manifest lookback window. When Mode is set to AFTER_LIVE_EDGE, ad suppression is active and MediaTailor won't fill ad breaks that are within the live edge plus the avail suppression value. */ mode?: pulumi.Input; /** * A live edge offset time in HH:MM:SS. MediaTailor won't fill ad breaks on or behind this time in the manifest lookback window. If Value is set to 00:00:00, it is in sync with the live edge, and MediaTailor won't fill any ad breaks on or behind the live edge. If you set a Value time, MediaTailor won't fill any ad breaks on or behind this time in the manifest lookback window. For example, if you set 00:45:00, then MediaTailor will fill ad breaks that occur within 45 minutes behind the live edge, but won't fill ad breaks on or behind 45 minutes behind the live edge. */ value?: pulumi.Input; } /** * The configuration for bumpers. Bumpers are short audio or video clips that play at the start or before the end of an ad break. To learn more about bumpers, see Bumpers (https://docs.aws.amazon.com/mediatailor/latest/ug/bumpers.html). */ interface PlaybackConfigurationBumperArgs { /** * The URL for the end bumper asset. */ endUrl?: pulumi.Input; /** * The URL for the start bumper asset. */ startUrl?: pulumi.Input; } /** * The configuration for using a content delivery network (CDN), like Amazon CloudFront, for content and ad segment management. */ interface PlaybackConfigurationCdnConfigurationArgs { /** * A non-default content delivery network (CDN) to serve ad segments. By default, AWS Elemental MediaTailor uses Amazon CloudFront with default cache settings as its CDN for ad segments. To set up an alternate CDN, create a rule in your CDN for the origin ads.mediatailor.<region>.amazonaws.com. Then specify the rule's name in this AdSegmentUrlPrefix. When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for ad segments. */ adSegmentUrlPrefix?: pulumi.Input; /** * A content delivery network (CDN) to cache content segments, so that content requests don't always have to go to the origin server. First, create a rule in your CDN for the content segment origin server. Then specify the rule's name in this ContentSegmentUrlPrefix. When AWS Elemental MediaTailor serves a manifest, it reports your CDN as the source for content segments. */ contentSegmentUrlPrefix?: pulumi.Input; } /** * The configuration for DASH PUT operations. */ interface PlaybackConfigurationDashConfigurationArgs { /** * The URL generated by MediaTailor to initiate a DASH playback session. The session uses server-side reporting. */ manifestEndpointPrefix?: pulumi.Input; /** * The setting that controls whether MediaTailor includes the Location tag in DASH manifests. MediaTailor populates the Location tag with the URL for manifest update requests, to be used by players that don't support sticky redirects. Disable this if you have CDN routing rules set up for accessing MediaTailor manifests, and you are either using client-side reporting or your players support sticky HTTP redirects. Valid values are DISABLED and EMT_DEFAULT. The EMT_DEFAULT setting enables the inclusion of the tag and is the default value. */ mpdLocation?: pulumi.Input; /** * The setting that controls whether MediaTailor handles manifests from the origin server as multi-period manifests or single-period manifests. If your origin server produces single-period manifests, set this to SINGLE_PERIOD. The default setting is MULTI_PERIOD. For multi-period manifests, omit this setting or set it to MULTI_PERIOD. */ originManifestType?: pulumi.Input; } interface PlaybackConfigurationHlsConfigurationArgs { /** * The URL that is used to initiate a playback session for devices that support Apple HLS. The session uses server-side reporting. */ manifestEndpointPrefix?: pulumi.Input; } /** * The configuration for the request to the Ad Decision Server URL. */ interface PlaybackConfigurationHttpRequestArgs { /** * The body of the request to the Ad Decision Server URL. The maximum length is 100,000 characters. */ body?: pulumi.Input; /** * The compression type of the request sent to the Ad Decision Server URL. Only the POST HTTP Method permits compression other than NONE. */ compressRequest?: pulumi.Input; headers?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Supported HTTP Methods for the request to the Ad Decision Server URL. */ httpMethod?: pulumi.Input; } /** * The configuration for pre-roll ad insertion. */ interface PlaybackConfigurationLivePreRollConfigurationArgs { /** * The URL for the ad decision server (ADS) for pre-roll ads. This includes the specification of static parameters and placeholders for dynamic parameters. AWS Elemental MediaTailor substitutes player-specific and session-specific parameters as needed when calling the ADS. Alternately, for testing, you can provide a static VAST URL. The maximum length is 25,000 characters. */ adDecisionServerUrl?: pulumi.Input; /** * The maximum allowed duration for the pre-roll ad avail. AWS Elemental MediaTailor won't play pre-roll ads to exceed this duration, regardless of the total duration of ads that the ADS returns. */ maxDurationSeconds?: pulumi.Input; } interface PlaybackConfigurationLogConfigurationArgs { /** * The event types that MediaTailor emits in logs for interactions with the ADS. */ adsInteractionLog?: pulumi.Input; /** * The method used for collecting logs from AWS Elemental MediaTailor. To configure MediaTailor to send logs directly to Amazon CloudWatch Logs, choose LEGACY_CLOUDWATCH. To configure MediaTailor to send logs to CloudWatch, which then vends the logs to your destination of choice, choose VENDED_LOGS. Supported destinations are CloudWatch Logs log group, Amazon S3 bucket, and Amazon Data Firehose stream. To use vended logs, you must configure the delivery destination in Amazon CloudWatch */ enabledLoggingStrategies?: pulumi.Input[]>; /** * The event types that MediaTailor emits in logs for interactions with the origin server. */ manifestServiceInteractionLog?: pulumi.Input; /** * The percentage of session logs that MediaTailor sends to your CloudWatch Logs account. For example, if your playback configuration has 1000 sessions and percentEnabled is set to 60, MediaTailor sends logs for 600 of the sessions to CloudWatch Logs. MediaTailor decides at random which of the playback configuration sessions to send logs for. If you want to view logs for a specific session, you can use the debug log mode. */ percentEnabled: pulumi.Input; } /** * The configuration for manifest processing rules. Manifest processing rules enable customization of the personalized manifests created by MediaTailor. */ interface PlaybackConfigurationManifestProcessingRulesArgs { /** * For HLS, when set to true, MediaTailor passes through EXT-X-CUE-IN, EXT-X-CUE-OUT, and EXT-X-SPLICEPOINT-SCTE35 ad markers from the origin manifest to the MediaTailor personalized manifest. No logic is applied to these ad markers. For example, if EXT-X-CUE-OUT has a value of 60, but no ads are filled for that ad break, MediaTailor will not set the value to 0. */ adMarkerPassthrough?: pulumi.Input; } interface PlaybackConfigurationManifestServiceInteractionLogArgs { /** * Indicates that MediaTailor won't emit the selected events in the logs for playback sessions that are initialized with this configuration. */ excludeEventTypes?: pulumi.Input[]>; } /** *

Access configuration parameters.

*/ interface SourceLocationAccessConfigurationArgs { /** * The type of authentication used to access content from `HttpConfiguration::BaseUrl` on your source location. Accepted value: `S3_SIGV4` . * * `S3_SIGV4` - AWS Signature Version 4 authentication for Amazon S3 hosted virtual-style access. If your source location base URL is an Amazon S3 bucket, MediaTailor can use AWS Signature Version 4 (SigV4) authentication to access the bucket where your source content is stored. Your MediaTailor source location baseURL must follow the S3 virtual hosted-style request URL format. For example, https://bucket-name.s3.Region.amazonaws.com/key-name. * * Before you can use `S3_SIGV4` , you must meet these requirements: * * • You must allow MediaTailor to access your S3 bucket by granting mediatailor.amazonaws.com principal access in IAM. For information about configuring access in IAM, see Access management in the IAM User Guide. * * • The mediatailor.amazonaws.com service principal must have permissions to read all top level manifests referenced by the VodSource packaging configurations. * * • The caller of the API must have s3:GetObject IAM permissions to read all top level manifests referenced by your MediaTailor VodSource packaging configurations. */ accessType?: pulumi.Input; /** * AWS Secrets Manager access token configuration parameters. */ secretsManagerAccessTokenConfiguration?: pulumi.Input; } /** *

The optional configuration for a server that serves segments. Use this if you want the segment delivery server to be different from the source location server. For example, you can configure your source location server to be an origination server, such as MediaPackage, and the segment delivery server to be a content delivery network (CDN), such as CloudFront. If you don't specify a segment delivery server, then the source location server is used.

*/ interface SourceLocationDefaultSegmentDeliveryConfigurationArgs { /** *

The hostname of the server that will be used to serve segments. This string must include the protocol, such as https://.

*/ baseUrl?: pulumi.Input; } /** *

The HTTP configuration for the source location.

*/ interface SourceLocationHttpConfigurationArgs { /** *

The base URL for the source location host server. This string must include the protocol, such as https://.

*/ baseUrl: pulumi.Input; } /** *

AWS Secrets Manager access token configuration parameters. For information about Secrets Manager access token authentication, see Working with AWS Secrets Manager access token authentication.

*/ interface SourceLocationSecretsManagerAccessTokenConfigurationArgs { /** *

The name of the HTTP header used to supply the access token in requests to the source location.

*/ headerName?: pulumi.Input; /** *

The Amazon Resource Name (ARN) of the AWS Secrets Manager secret that contains the access token.

*/ secretArn?: pulumi.Input; /** *

The AWS Secrets Manager SecretString key associated with the access token. MediaTailor uses the key to look up SecretString key and value pair containing the access token.

*/ secretStringKey?: pulumi.Input; } /** *

The segment delivery configuration settings.

*/ interface SourceLocationSegmentDeliveryConfigurationArgs { /** *

The base URL of the host or path of the segment delivery server that you're using to serve segments. This is typically a content delivery network (CDN). The URL can be absolute or relative. To use an absolute URL include the protocol, such as https://example.com/some/path. To use a relative URL specify the relative path, such as /some/path*.

*/ baseUrl?: pulumi.Input; /** *

A unique identifier used to distinguish between multiple segment delivery configurations in a source location.

*/ name?: pulumi.Input; } /** *

The HTTP package configuration properties for the requested VOD source.

*/ interface VodSourceHttpPackageConfigurationArgs { /** *

The relative path to the URL for this VOD source. This is combined with SourceLocation::HttpConfiguration::BaseUrl to form a valid URL.

*/ path: pulumi.Input; /** *

The name of the source group. This has to match one of the Channel::Outputs::SourceGroup.

*/ sourceGroup: pulumi.Input; /** * The streaming protocol for this package configuration. Supported values are `HLS` and `DASH` . */ type: pulumi.Input; } } export declare namespace memorydb { /** * Denotes whether the user requires a password to authenticate. * * *Example:* * * `mynewdbuser: Type: AWS::MemoryDB::User Properties: AccessString: on ~* &* +@all AuthenticationMode: Passwords: '1234567890123456' Type: password UserName: mynewdbuser AuthenticationMode: { "Passwords": ["1234567890123456"], "Type": "Password" }` */ interface AuthenticationModePropertiesArgs { /** * Passwords used for this user account. You can create up to two passwords for each user. */ passwords?: pulumi.Input[]>; /** * Type of authentication strategy for this user. */ type?: pulumi.Input; } interface ClusterEndpointArgs { /** * The DNS address of the primary read-write node. */ address?: pulumi.Input; /** * The port number that the engine is listening on. */ port?: pulumi.Input; } } export declare namespace msk { interface ClusterBrokerLogsArgs { cloudWatchLogs?: pulumi.Input; /** * Details of the Kinesis Data Firehose delivery stream that is the destination for broker logs. */ firehose?: pulumi.Input; /** * Details of the Amazon S3 destination for broker logs. */ s3?: pulumi.Input; } interface ClusterBrokerNodeGroupInfoArgs { /** * This parameter is currently not in use. */ brokerAzDistribution?: pulumi.Input; /** * The list of subnets to connect to in the client virtual private cloud (VPC). Amazon creates elastic network interfaces (ENIs) inside these subnets. Client applications use ENIs to produce and consume data. * * If you use the US West (N. California) Region, specify exactly two subnets. For other Regions where Amazon MSK is available, you can specify either two or three subnets. The subnets that you specify must be in distinct Availability Zones. When you create a cluster, Amazon MSK distributes the broker nodes evenly across the subnets that you specify. * * Client subnets can't occupy the Availability Zone with ID `use1-az3` . */ clientSubnets: pulumi.Input[]>; /** * Information about the cluster's connectivity setting. */ connectivityInfo?: pulumi.Input; /** * The type of Amazon EC2 instances to use for brokers. Depending on the [broker type](https://docs.aws.amazon.com/msk/latest/developerguide/broker-instance-types.html) , Amazon MSK supports the following broker sizes: * * *Standard broker sizes* * * - kafka.t3.small * * > You can't select the kafka.t3.small instance type when the metadata mode is KRaft. * - kafka.m5.large, kafka.m5.xlarge, kafka.m5.2xlarge, kafka.m5.4xlarge, kafka.m5.8xlarge, kafka.m5.12xlarge, kafka.m5.16xlarge, kafka.m5.24xlarge * - kafka.m7g.large, kafka.m7g.xlarge, kafka.m7g.2xlarge, kafka.m7g.4xlarge, kafka.m7g.8xlarge, kafka.m7g.12xlarge, kafka.m7g.16xlarge * * *Express broker sizes* * * - express.m7g.large, express.m7g.xlarge, express.m7g.2xlarge, express.m7g.4xlarge, express.m7g.8xlarge, express.m7g.12xlarge, express.m7g.16xlarge * * > Some broker sizes might not be available in certian AWS Regions. See the updated [Pricing tools](https://docs.aws.amazon.com/msk/pricing/) section on the Amazon MSK pricing page for the latest list of available instances by Region. */ instanceType: pulumi.Input; /** * The security groups to associate with the ENIs in order to specify who can connect to and communicate with the Amazon MSK cluster. If you don't specify a security group, Amazon MSK uses the default security group associated with the VPC. If you specify security groups that were shared with you, you must ensure that you have permissions to them. Specifically, you need the `ec2:DescribeSecurityGroups` permission. */ securityGroups?: pulumi.Input[]>; /** * Contains information about storage volumes attached to Amazon MSK broker nodes. */ storageInfo?: pulumi.Input; } interface ClusterClientAuthenticationArgs { /** * Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true. */ sasl?: pulumi.Input; /** * Details for ClientAuthentication using TLS. To turn on TLS access control, you must also turn on `EncryptionInTransit` by setting `inCluster` to true and `clientBroker` to `TLS` . */ tls?: pulumi.Input; /** * Details for ClientAuthentication using no authentication. */ unauthenticated?: pulumi.Input; } interface ClusterCloudWatchLogsArgs { /** * Specifies whether broker logs get sent to the specified CloudWatch Logs destination. */ enabled: pulumi.Input; /** * The CloudWatch log group that is the destination for broker logs. */ logGroup?: pulumi.Input; } interface ClusterConfigurationInfoArgs { /** * ARN of the configuration to use. */ arn: pulumi.Input; /** * The revision of the configuration to use. */ revision: pulumi.Input; } interface ClusterConnectivityInfoArgs { networkType?: pulumi.Input; /** * Access control settings for the cluster's brokers. */ publicAccess?: pulumi.Input; /** * VPC connection control settings for brokers. */ vpcConnectivity?: pulumi.Input; } interface ClusterEbsStorageInfoArgs { /** * EBS volume provisioned throughput information. */ provisionedThroughput?: pulumi.Input; /** * The size in GiB of the EBS volume for the data drive on each broker node. */ volumeSize?: pulumi.Input; } interface ClusterEncryptionAtRestArgs { /** * The ARN of the Amazon KMS key for encrypting data at rest. If you don't specify a KMS key, MSK creates one for you and uses it. */ dataVolumeKmsKeyId: pulumi.Input; } interface ClusterEncryptionInTransitArgs { /** * Indicates the encryption setting for data in transit between clients and brokers. You must set it to one of the following values. * * - `TLS` : Indicates that client-broker communication is enabled with TLS only. * - `TLS_PLAINTEXT` : Indicates that client-broker communication is enabled for both TLS-encrypted, as well as plaintext data. * - `PLAINTEXT` : Indicates that client-broker communication is enabled in plaintext only. * * The default value is `TLS` . */ clientBroker?: pulumi.Input; /** * When set to true, it indicates that data communication among the broker nodes of the cluster is encrypted. When set to false, the communication happens in plaintext. * * The default value is true. */ inCluster?: pulumi.Input; } interface ClusterEncryptionInfoArgs { /** * The data-volume encryption details. */ encryptionAtRest?: pulumi.Input; /** * The details for encryption in transit. */ encryptionInTransit?: pulumi.Input; } interface ClusterFirehoseArgs { /** * The Kinesis Data Firehose delivery stream that is the destination for broker logs. */ deliveryStream?: pulumi.Input; /** * Specifies whether broker logs get send to the specified Kinesis Data Firehose delivery stream. */ enabled: pulumi.Input; } interface ClusterIamArgs { /** * SASL/IAM authentication is enabled or not. */ enabled: pulumi.Input; } interface ClusterJmxExporterArgs { /** * Indicates whether you want to enable or disable the JMX Exporter. */ enabledInBroker: pulumi.Input; } interface ClusterLoggingInfoArgs { /** * You can configure your MSK cluster to send broker logs to different destination types. This configuration specifies the details of these destinations. */ brokerLogs: pulumi.Input; } interface ClusterNodeExporterArgs { /** * Indicates whether you want to enable or disable the Node Exporter. */ enabledInBroker: pulumi.Input; } interface ClusterOpenMonitoringArgs { /** * Prometheus exporter settings. */ prometheus: pulumi.Input; } interface ClusterPrometheusArgs { /** * Indicates whether you want to enable or disable the JMX Exporter. */ jmxExporter?: pulumi.Input; /** * Indicates whether you want to enable or disable the Node Exporter. */ nodeExporter?: pulumi.Input; } interface ClusterProvisionedThroughputArgs { /** * Provisioned throughput is on or off. */ enabled?: pulumi.Input; /** * Throughput value of the EBS volumes for the data drive on each kafka broker node in MiB per second. */ volumeThroughput?: pulumi.Input; } interface ClusterPublicAccessArgs { /** * DISABLED means that public access is turned off. SERVICE_PROVIDED_EIPS means that public access is turned on. */ type?: pulumi.Input; } interface ClusterRebalancingArgs { status: pulumi.Input; } interface ClusterS3Args { /** * The name of the S3 bucket that is the destination for broker logs. */ bucket?: pulumi.Input; /** * Specifies whether broker logs get sent to the specified Amazon S3 destination. */ enabled: pulumi.Input; /** * The S3 prefix that is the destination for broker logs. */ prefix?: pulumi.Input; } interface ClusterSaslArgs { /** * Details for ClientAuthentication using IAM. */ iam?: pulumi.Input; /** * Details for SASL/SCRAM client authentication. */ scram?: pulumi.Input; } interface ClusterScramArgs { /** * SASL/SCRAM authentication is enabled or not. */ enabled: pulumi.Input; } interface ClusterStorageInfoArgs { /** * EBS volume information. */ ebsStorageInfo?: pulumi.Input; } interface ClusterTlsArgs { /** * List of AWS Private CA ARNs. */ certificateAuthorityArnList?: pulumi.Input[]>; /** * TLS authentication is enabled or not. */ enabled?: pulumi.Input; } interface ClusterUnauthenticatedArgs { /** * Unauthenticated is enabled or not. */ enabled: pulumi.Input; } interface ClusterVpcConnectivityArgs { /** * VPC connection control settings for brokers. */ clientAuthentication?: pulumi.Input; } interface ClusterVpcConnectivityClientAuthenticationArgs { /** * Details for VpcConnectivity ClientAuthentication using SASL. */ sasl?: pulumi.Input; /** * Details for VpcConnectivity ClientAuthentication using TLS. */ tls?: pulumi.Input; } interface ClusterVpcConnectivityIamArgs { /** * SASL/IAM authentication is enabled or not. */ enabled: pulumi.Input; } interface ClusterVpcConnectivitySaslArgs { /** * Details for ClientAuthentication using IAM for VpcConnectivity. */ iam?: pulumi.Input; /** * Details for SASL/SCRAM client authentication for VpcConnectivity. */ scram?: pulumi.Input; } interface ClusterVpcConnectivityScramArgs { /** * SASL/SCRAM authentication is enabled or not. */ enabled: pulumi.Input; } interface ClusterVpcConnectivityTlsArgs { /** * TLS authentication is enabled or not. */ enabled: pulumi.Input; } interface ConfigurationLatestRevisionArgs { /** * The time when the configuration revision was created. */ creationTime?: pulumi.Input; /** * The description of the configuration revision. */ description?: pulumi.Input; /** * The revision number. */ revision?: pulumi.Input; } /** * Configuration for log delivery for the replicator. */ interface LogDeliveryArgs { /** * The replicator logs configuration. */ replicatorLogDelivery?: pulumi.Input; } /** * Details of an Amazon MSK cluster. */ interface ReplicatorAmazonMskClusterArgs { /** * The ARN of an Amazon MSK cluster. */ mskClusterArn: pulumi.Input; } /** * Details of an Apache Kafka cluster. */ interface ReplicatorApacheKafkaClusterArgs { /** * The ID of the Apache Kafka cluster. */ apacheKafkaClusterId: pulumi.Input; /** * The bootstrap broker string of the Apache Kafka cluster. */ bootstrapBrokerString: pulumi.Input; } /** * Details about delivering logs to CloudWatch Logs. */ interface ReplicatorCloudWatchLogsArgs { /** * Whether log delivery to CloudWatch Logs is enabled. */ enabled: pulumi.Input; /** * The CloudWatch log group that is the destination for log delivery. */ logGroup?: pulumi.Input; } /** * Configuration relating to consumer group replication. */ interface ReplicatorConsumerGroupReplicationArgs { /** * The consumer group offset synchronization mode. */ consumerGroupOffsetSyncMode?: pulumi.Input; /** * List of regular expression patterns indicating the consumer groups that should not be replicated. */ consumerGroupsToExclude?: pulumi.Input[]>; /** * List of regular expression patterns indicating the consumer groups to copy. */ consumerGroupsToReplicate: pulumi.Input[]>; /** * Whether to periodically check for new consumer groups. */ detectAndCopyNewConsumerGroups?: pulumi.Input; /** * Whether to periodically write the translated offsets to __consumer_offsets topic in target cluster. */ synchroniseConsumerGroupOffsets?: pulumi.Input; } /** * Details about delivering logs to Firehose. */ interface ReplicatorFirehoseArgs { /** * The Firehose delivery stream that is the destination for log delivery. */ deliveryStream?: pulumi.Input; /** * Whether log delivery to Firehose is enabled. */ enabled: pulumi.Input; } /** * Details of a Kafka cluster for replication. */ interface ReplicatorKafkaClusterArgs { /** * Details of an Amazon MSK cluster. */ amazonMskCluster?: pulumi.Input; /** * Details of an Apache Kafka cluster. */ apacheKafkaCluster?: pulumi.Input; /** * Details of the client authentication used by the Apache Kafka cluster. */ clientAuthentication?: pulumi.Input; /** * Details of encryption in transit to the Apache Kafka cluster. */ encryptionInTransit?: pulumi.Input; /** * Details of an Amazon VPC which has network connectivity to the Apache Kafka cluster. */ vpcConfig?: pulumi.Input; } /** * Details of the client authentication used by the Apache Kafka cluster. */ interface ReplicatorKafkaClusterClientAuthenticationArgs { /** * Details for SASL/SCRAM client authentication. */ saslScram: pulumi.Input; } /** * Details of an Amazon VPC which has network connectivity to the Kafka cluster. */ interface ReplicatorKafkaClusterClientVpcConfigArgs { /** * The AWS security groups to associate with the elastic network interfaces in order to specify what the replicator has access to. If a security group is not specified, the default security group associated with the VPC is used. */ securityGroupIds?: pulumi.Input[]>; /** * The list of subnets to connect to in the virtual private cloud (VPC). AWS creates elastic network interfaces inside these subnets. */ subnetIds: pulumi.Input[]>; } /** * Details of encryption in transit to the Apache Kafka cluster. */ interface ReplicatorKafkaClusterEncryptionInTransitArgs { /** * The type of encryption in transit to the Apache Kafka cluster. */ encryptionType: pulumi.Input; /** * The root CA certificate. */ rootCaCertificate?: pulumi.Input; } /** * Details for SASL/SCRAM client authentication. */ interface ReplicatorKafkaClusterSaslScramAuthenticationArgs { /** * The SASL/SCRAM authentication mechanism. */ mechanism: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Secrets Manager secret. */ secretArn: pulumi.Input; } /** * Details of the log delivery for the replicator. */ interface ReplicatorLogDeliveryArgs { /** * Details of the CloudWatch Logs destination for replicator logs. */ cloudWatchLogs?: pulumi.Input; /** * Details of the Kinesis Data Firehose delivery stream that is the destination for replicator logs. */ firehose?: pulumi.Input; /** * Details of the Amazon S3 destination for replicator logs. */ s3?: pulumi.Input; } /** * Specifies configuration for replication between a source and target Kafka cluster. */ interface ReplicatorReplicationInfoArgs { /** * Configuration relating to consumer group replication. */ consumerGroupReplication: pulumi.Input; /** * Amazon Resource Name of the source Kafka cluster. */ sourceKafkaClusterArn?: pulumi.Input; /** * The ID of the source Kafka cluster. */ sourceKafkaClusterId?: pulumi.Input; /** * The type of compression to use writing records to target Kafka cluster. */ targetCompressionType: pulumi.Input; /** * Amazon Resource Name of the target Kafka cluster. */ targetKafkaClusterArn?: pulumi.Input; /** * The ID of the target Kafka cluster. */ targetKafkaClusterId?: pulumi.Input; /** * Configuration relating to topic replication. */ topicReplication: pulumi.Input; } /** * Configuration for specifying the position in the topics to start replicating from. */ interface ReplicatorReplicationStartingPositionArgs { /** * The type of replication starting position. */ type?: pulumi.Input; } /** * Configuration for specifying replicated topic names should be the same as their corresponding upstream topics or prefixed with source cluster alias. */ interface ReplicatorReplicationTopicNameConfigurationArgs { /** * The type of replication topic name configuration, identical to upstream topic name or prefixed with source cluster alias. */ type?: pulumi.Input; } /** * Details about delivering logs to S3. */ interface ReplicatorS3Args { /** * The S3 bucket that is the destination for log delivery. */ bucket?: pulumi.Input; /** * Whether log delivery to S3 is enabled. */ enabled: pulumi.Input; /** * The S3 prefix that is the destination for log delivery. */ prefix?: pulumi.Input; } interface ReplicatorTopicReplicationArgs { /** * Whether to periodically configure remote topic ACLs to match their corresponding upstream topics. */ copyAccessControlListsForTopics?: pulumi.Input; /** * Whether to periodically configure remote topics to match their corresponding upstream topics. */ copyTopicConfigurations?: pulumi.Input; /** * Whether to periodically check for new topics and partitions. */ detectAndCopyNewTopics?: pulumi.Input; /** * Configuration for specifying the position in the topics to start replicating from. */ startingPosition?: pulumi.Input; /** * Configuration for specifying replicated topic names should be the same as their corresponding upstream topics or prefixed with source cluster alias. */ topicNameConfiguration?: pulumi.Input; /** * List of regular expression patterns indicating the topics that should not be replicated. */ topicsToExclude?: pulumi.Input[]>; /** * List of regular expression patterns indicating the topics to copy. */ topicsToReplicate: pulumi.Input[]>; } interface ServerlessClusterClientAuthenticationArgs { /** * Details for client authentication using SASL. To turn on SASL, you must also turn on `EncryptionInTransit` by setting `inCluster` to true. You must set `clientBroker` to either `TLS` or `TLS_PLAINTEXT` . If you choose `TLS_PLAINTEXT` , then you must also set `unauthenticated` to true. */ sasl: pulumi.Input; } interface ServerlessClusterIamArgs { /** * SASL/IAM authentication is enabled or not. */ enabled: pulumi.Input; } interface ServerlessClusterSaslArgs { /** * Details for ClientAuthentication using IAM. */ iam: pulumi.Input; } interface ServerlessClusterVpcConfigArgs { securityGroups?: pulumi.Input[]>; subnetIds: pulumi.Input[]>; } } export declare namespace mwaa { /** * Logging configuration for the environment. */ interface EnvironmentLoggingConfigurationArgs { /** * Defines the processing logs sent to CloudWatch Logs and the logging level to send. */ dagProcessingLogs?: pulumi.Input; /** * Defines the scheduler logs sent to CloudWatch Logs and the logging level to send. */ schedulerLogs?: pulumi.Input; /** * Defines the task logs sent to CloudWatch Logs and the logging level to send. */ taskLogs?: pulumi.Input; /** * Defines the web server logs sent to CloudWatch Logs and the logging level to send. */ webserverLogs?: pulumi.Input; /** * Defines the worker logs sent to CloudWatch Logs and the logging level to send. */ workerLogs?: pulumi.Input; } /** * Logging configuration for a specific airflow component. */ interface EnvironmentModuleLoggingConfigurationArgs { /** * The ARN of the CloudWatch Logs log group for each type of Apache Airflow log type that you have enabled. * * > `CloudWatchLogGroupArn` is available only as a return value, accessible when specified as an attribute in the [`Fn:GetAtt`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-mwaa-environment.html#aws-resource-mwaa-environment-return-values) intrinsic function. Any value you provide for `CloudWatchLogGroupArn` is discarded by Amazon MWAA. */ cloudWatchLogGroupArn?: pulumi.Input; /** * Indicates whether to enable the Apache Airflow log type (e.g. `DagProcessingLogs` ) in CloudWatch Logs. */ enabled?: pulumi.Input; /** * Defines the Apache Airflow logs to send for the log type (e.g. `DagProcessingLogs` ) to CloudWatch Logs. */ logLevel?: pulumi.Input; } /** * Configures the network resources of the environment. */ interface EnvironmentNetworkConfigurationArgs { /** * A list of security groups to use for the environment. */ securityGroupIds?: pulumi.Input[]>; /** * A list of subnets to use for the environment. These must be private subnets, in the same VPC, in two different availability zones. */ subnetIds?: pulumi.Input[]>; } } export declare namespace mwaaserverless { interface WorkflowEncryptionConfigurationArgs { kmsKeyId?: pulumi.Input; type: pulumi.Input; } interface WorkflowLoggingConfigurationArgs { logGroupName: pulumi.Input; } interface WorkflowNetworkConfigurationArgs { securityGroupIds?: pulumi.Input[]>; subnetIds?: pulumi.Input[]>; } interface WorkflowS3LocationArgs { bucket: pulumi.Input; objectKey: pulumi.Input; versionId?: pulumi.Input; } } export declare namespace neptune { /** * Describes an AWS Identity and Access Management (IAM) role that is associated with a DB cluster. */ interface DbClusterDbClusterRoleArgs { /** * The name of the feature associated with the AWS Identity and Access Management (IAM) role. For the list of supported feature names, see DBEngineVersion in the Amazon Neptune API Reference. */ featureName?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster. */ roleArn: pulumi.Input; } /** * Contains the scaling configuration of an Neptune Serverless DB cluster. */ interface DbClusterServerlessScalingConfigurationArgs { /** * The maximum number of Neptune capacity units (NCUs) for a DB instance in an Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 40, 40.5, 41, and so on. The smallest value you can use is 2.5, whereas the largest is 128. */ maxCapacity: pulumi.Input; /** * The minimum number of Neptune capacity units (NCUs) for a DB instance in an Neptune Serverless cluster. You can specify NCU values in half-step increments, such as 8, 8.5, 9, and so on. The smallest value you can use is 1, whereas the largest is 128. */ minCapacity: pulumi.Input; } } export declare namespace neptunegraph { /** * The vector search configuration. */ interface GraphVectorSearchConfigurationArgs { /** * The vector search dimension */ vectorSearchDimension: pulumi.Input; } } export declare namespace networkfirewall { interface FirewallAvailabilityZoneMappingArgs { /** * A AvailabilityZone */ availabilityZone: pulumi.Input; } interface FirewallPolicyArgs { /** * When true, prevents TCP and TLS packets from reaching destination servers until TLS Inspection has evaluated Server Name Indication (SNI) rules. Requires an associated TLS Inspection configuration. */ enableTlsSessionHolding?: pulumi.Input; /** * Contains variables that you can use to override default Suricata settings in your firewall policy. */ policyVariables?: pulumi.Input; /** * The default actions to take on a packet that doesn't match any stateful rules. The stateful default action is optional, and is only valid when using the strict rule order. * * Valid values of the stateful default action: * * - aws:drop_strict * - aws:drop_established * - aws:alert_strict * - aws:alert_established * * For more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html#suricata-strict-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* . */ statefulDefaultActions?: pulumi.Input[]>; /** * Additional options governing how Network Firewall handles stateful rules. The stateful rule groups that you use in your policy must have stateful rule options settings that are compatible with these settings. */ statefulEngineOptions?: pulumi.Input; /** * References to the stateful rule groups that are used in the policy. These define the inspection criteria in stateful rules. */ statefulRuleGroupReferences?: pulumi.Input[]>; /** * The custom action definitions that are available for use in the firewall policy's `StatelessDefaultActions` setting. You name each custom action that you define, and then you can use it by name in your default actions specifications. */ statelessCustomActions?: pulumi.Input[]>; /** * The actions to take on a packet if it doesn't match any of the stateless rules in the policy. If you want non-matching packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` . * * You must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice. * * For example, you could specify `["aws:pass"]` or you could specify `["aws:pass", "customActionName"]` . For information about compatibility, see the custom action descriptions. */ statelessDefaultActions: pulumi.Input[]>; /** * The actions to take on a fragmented packet if it doesn't match any of the stateless rules in the policy. If you want non-matching fragmented packets to be forwarded for stateful inspection, specify `aws:forward_to_sfe` . * * You must specify one of the standard actions: `aws:pass` , `aws:drop` , or `aws:forward_to_sfe` . In addition, you can specify custom actions that are compatible with your standard section choice. * * For example, you could specify `["aws:pass"]` or you could specify `["aws:pass", "customActionName"]` . For information about compatibility, see the custom action descriptions. */ statelessFragmentDefaultActions: pulumi.Input[]>; /** * References to the stateless rule groups that are used in the policy. These define the matching criteria in stateless rules. */ statelessRuleGroupReferences?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the TLS inspection configuration. */ tlsInspectionConfigurationArn?: pulumi.Input; } interface FirewallPolicyActionDefinitionArgs { /** * Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published. * * You can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it. */ publishMetricAction?: pulumi.Input; } interface FirewallPolicyCustomActionArgs { /** * The custom action associated with the action name. */ actionDefinition: pulumi.Input; /** * The descriptive name of the custom action. You can't change the name of a custom action after you create it. */ actionName: pulumi.Input; } interface FirewallPolicyDimensionArgs { /** * The value to use in the custom metric dimension. */ value: pulumi.Input; } interface FirewallPolicyIpSetArgs { /** * The list of IP addresses and address ranges, in CIDR notation. */ definition?: pulumi.Input[]>; } /** * Contains variables that you can use to override default Suricata settings in your firewall policy. */ interface FirewallPolicyPolicyVariablesPropertiesArgs { ruleVariables?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface FirewallPolicyPublishMetricActionArgs { dimensions: pulumi.Input[]>; } interface FirewallPolicyStatefulEngineOptionsArgs { /** * Configures the amount of time that can pass without any traffic sent through the firewall before the firewall determines that the connection is idle. */ flowTimeouts?: pulumi.Input; /** * Indicates how to manage the order of stateful rule evaluation for the policy. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* . */ ruleOrder?: pulumi.Input; /** * Configures how Network Firewall processes traffic when a network connection breaks midstream. Network connections can break due to disruptions in external networks or within the firewall itself. * * - `DROP` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. This is the default behavior. * - `CONTINUE` - Network Firewall continues to apply rules to the subsequent traffic without context from traffic before the break. This impacts the behavior of rules that depend on this context. For example, if you have a stateful rule to `drop http` traffic, Network Firewall won't match the traffic for this rule because the service won't have the context from session initialization defining the application layer protocol as HTTP. However, this behavior is rule dependent—a TCP-layer rule using a `flow:stateless` rule would still match, as would the `aws:drop_strict` default action. * - `REJECT` - Network Firewall fails closed and drops all subsequent traffic going to the firewall. Network Firewall also sends a TCP reject packet back to your client so that the client can immediately establish a new session. Network Firewall will have context about the new session and will apply rules to the subsequent traffic. */ streamExceptionPolicy?: pulumi.Input; } /** * Configures the amount of time that can pass without any traffic sent through the firewall before the firewall determines that the connection is idle. */ interface FirewallPolicyStatefulEngineOptionsFlowTimeoutsPropertiesArgs { tcpIdleTimeoutSeconds?: pulumi.Input; } interface FirewallPolicyStatefulRuleGroupOverrideArgs { /** * The action that changes the rule group from `DROP` to `ALERT` . This only applies to managed rule groups. */ action?: pulumi.Input; } interface FirewallPolicyStatefulRuleGroupReferenceArgs { /** * AWS Network Firewall plans to augment the active threat defense managed rule group with an additional deep threat inspection capability. When this capability is released, AWS will analyze service logs of network traffic processed by these rule groups to identify threat indicators across customers. AWS will use these threat indicators to improve the active threat defense managed rule groups and protect the security of AWS customers and services. * * > Customers can opt-out of deep threat inspection at any time through the AWS Network Firewall console or API. When customers opt out, AWS Network Firewall will not use the network traffic processed by those customers' active threat defense rule groups for rule group improvement. */ deepThreatInspection?: pulumi.Input; /** * The action that allows the policy owner to override the behavior of the rule group within a policy. */ override?: pulumi.Input; /** * An integer setting that indicates the order in which to run the stateful rule groups in a single firewall policy. This setting only applies to firewall policies that specify the `STRICT_ORDER` rule order in the stateful engine options settings. * * Network Firewall evalutes each stateful rule group against a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy. * * You can change the priority settings of your rule groups at any time. To make it easier to insert rule groups later, number them so there's a wide range in between, for example use 100, 200, and so on. */ priority?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the stateful rule group. */ resourceArn: pulumi.Input; } interface FirewallPolicyStatelessRuleGroupReferenceArgs { /** * An integer setting that indicates the order in which to run the stateless rule groups in a single firewall policy. Network Firewall applies each stateless rule group to a packet starting with the group that has the lowest priority setting. You must ensure that the priority settings are unique within each policy. */ priority: pulumi.Input; /** * The Amazon Resource Name (ARN) of the stateless rule group. */ resourceArn: pulumi.Input; } interface FirewallSubnetMappingArgs { /** * A IPAddressType */ ipAddressType?: pulumi.Input; /** * A SubnetId. */ subnetId: pulumi.Input; } interface LoggingConfigurationArgs { /** * Defines the logging destinations for the logs for a firewall. Network Firewall generates logs for stateful rule groups. */ logDestinationConfigs: pulumi.Input[]>; } interface LoggingConfigurationLogDestinationConfigArgs { /** * A key-value pair to configure the logDestinations. */ logDestination: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The type of storage destination to send these logs to. You can send logs to an Amazon S3 bucket, a CloudWatch log group, or a Firehose delivery stream. */ logDestinationType: pulumi.Input; /** * The type of log to record. You can record the following types of logs from your Network Firewall stateful engine. * * - `ALERT` - Logs for traffic that matches your stateful rules and that have an action that sends an alert. A stateful rule sends alerts for the rule actions DROP, ALERT, and REJECT. For more information, see the `StatefulRule` property. * - `FLOW` - Standard network traffic flow logs. The stateful rules engine records flow logs for all network traffic that it receives. Each flow log record captures the network flow for a specific standard stateless rule group. * - `TLS` - Logs for events that are related to TLS inspection. For more information, see [Inspecting SSL/TLS traffic with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-configurations.html) in the *Network Firewall Developer Guide* . */ logType: pulumi.Input; } interface RuleGroupArgs { /** * The reference sets for the stateful rule group. */ referenceSets?: pulumi.Input; /** * Settings that are available for use in the rules in the rule group. You can only use these for stateful rule groups. */ ruleVariables?: pulumi.Input; /** * The stateful rules or stateless rules for the rule group. */ rulesSource: pulumi.Input; /** * Additional options governing how Network Firewall handles stateful rules. The policies where you use your stateful rule group must have stateful rule options settings that are compatible with these settings. Some limitations apply; for more information, see [Strict evaluation order](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-limitations-caveats.html) in the *AWS Network Firewall Developer Guide* . */ statefulRuleOptions?: pulumi.Input; } interface RuleGroupActionDefinitionArgs { /** * Stateless inspection criteria that publishes the specified metrics to Amazon CloudWatch for the matching packet. This setting defines a CloudWatch dimension value to be published. * * You can pair this custom action with any of the standard stateless rule actions. For example, you could pair this in a rule action with the standard action that forwards the packet for stateful inspection. Then, when a packet matches the rule, Network Firewall publishes metrics for the packet and forwards it. */ publishMetricAction?: pulumi.Input; } interface RuleGroupAddressArgs { /** * Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6. * * Examples: * * - To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` . * - To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` . * - To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` . * - To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` . * * For more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) . */ addressDefinition: pulumi.Input; } interface RuleGroupCustomActionArgs { /** * The custom action associated with the action name. */ actionDefinition: pulumi.Input; /** * The descriptive name of the custom action. You can't change the name of a custom action after you create it. */ actionName: pulumi.Input; } interface RuleGroupDimensionArgs { /** * The value to use in the custom metric dimension. */ value: pulumi.Input; } interface RuleGroupHeaderArgs { /** * The destination IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` . * * Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6. * * Examples: * * - To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` . * - To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` . * - To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` . * - To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` . * * For more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) . */ destination: pulumi.Input; /** * The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` . */ destinationPort: pulumi.Input; /** * The direction of traffic flow to inspect. If set to `ANY` , the inspection matches bidirectional traffic, both from the source to the destination and from the destination to the source. If set to `FORWARD` , the inspection only matches traffic going from the source to the destination. */ direction: pulumi.Input; /** * The protocol to inspect for. To specify all, you can use `IP` , because all traffic on AWS and on the internet is IP. */ protocol: pulumi.Input; /** * The source IP address or address range to inspect for, in CIDR notation. To match with any address, specify `ANY` . * * Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6. * * Examples: * * - To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` . * - To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` . * - To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` . * - To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` . * * For more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) . */ source: pulumi.Input; /** * The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` . */ sourcePort: pulumi.Input; } interface RuleGroupIpSetArgs { definition?: pulumi.Input[]>; } interface RuleGroupIpSetReferenceArgs { referenceArn?: pulumi.Input; } interface RuleGroupMatchAttributesArgs { /** * The destination port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` . * * This setting is only used for protocols 6 (TCP) and 17 (UDP). */ destinationPorts?: pulumi.Input[]>; /** * The destination IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any destination address. */ destinations?: pulumi.Input[]>; /** * The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol. */ protocols?: pulumi.Input[]>; /** * The source port to inspect for. You can specify an individual port, for example `1994` and you can specify a port range, for example `1990:1994` . To match with any port, specify `ANY` . * * If not specified, this matches with any source port. * * This setting is only used for protocols 6 (TCP) and 17 (UDP). */ sourcePorts?: pulumi.Input[]>; /** * The source IP addresses and address ranges to inspect for, in CIDR notation. If not specified, this matches with any source address. */ sources?: pulumi.Input[]>; /** * The TCP flags and masks to inspect for. If not specified, this matches with any settings. This setting is only used for protocol 6 (TCP). */ tcpFlags?: pulumi.Input[]>; } interface RuleGroupPortRangeArgs { /** * The lower limit of the port range. This must be less than or equal to the `ToPort` specification. */ fromPort: pulumi.Input; /** * The upper limit of the port range. This must be greater than or equal to the `FromPort` specification. */ toPort: pulumi.Input; } interface RuleGroupPortSetArgs { definition?: pulumi.Input[]>; } interface RuleGroupPublishMetricActionArgs { dimensions: pulumi.Input[]>; } interface RuleGroupReferenceSetsArgs { /** * The IP set references to use in the stateful rule group. */ ipSetReferences?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface RuleGroupRuleDefinitionArgs { /** * The actions to take on a packet that matches one of the stateless rule definition's match attributes. You must specify a standard action and you can add custom actions. * * > Network Firewall only forwards a packet for stateful rule inspection if you specify `aws:forward_to_sfe` for a rule that the packet matches, or if the packet doesn't match any stateless rule and you specify `aws:forward_to_sfe` for the `StatelessDefaultActions` setting for the firewall policy. * * For every rule, you must specify exactly one of the following standard actions. * * - *aws:pass* - Discontinues all inspection of the packet and permits it to go to its intended destination. * - *aws:drop* - Discontinues all inspection of the packet and blocks it from going to its intended destination. * - *aws:forward_to_sfe* - Discontinues stateless inspection of the packet and forwards it to the stateful rule engine for inspection. * * Additionally, you can specify a custom action. To do this, you define a custom action by name and type, then provide the name you've assigned to the action in this `Actions` setting. * * To provide more than one action in this setting, separate the settings with a comma. For example, if you have a publish metrics custom action that you've named `MyMetricsAction` , then you could specify the standard action `aws:pass` combined with the custom action using `["aws:pass", "MyMetricsAction"]` . */ actions: pulumi.Input[]>; /** * Criteria for Network Firewall to use to inspect an individual packet in stateless rule inspection. Each match attributes set can include one or more items such as IP address, CIDR range, port number, protocol, and TCP flags. */ matchAttributes: pulumi.Input; } interface RuleGroupRuleOptionArgs { /** * The Suricata rule option keywords. For Network Firewall , the keyword signature ID (sid) is required in the format `sid:112233` . The sid must be unique within the rule group. For information about Suricata rule option keywords, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) . */ keyword: pulumi.Input; /** * The Suricata rule option settings. Settings have zero or more values, and the number of possible settings and required settings depends on the keyword. The format for Settings is `number` . For information about Suricata rule option settings, see [Rule options](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-6.0.9/rules/intro.html#rule-options) . */ settings?: pulumi.Input[]>; } interface RuleGroupRuleVariablesArgs { /** * A list of IP addresses and address ranges, in CIDR notation. */ ipSets?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A list of port ranges. */ portSets?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface RuleGroupRulesSourceArgs { /** * Stateful inspection criteria for a domain list rule group. */ rulesSourceList?: pulumi.Input; /** * Stateful inspection criteria, provided in Suricata compatible rules. Suricata is an open-source threat detection framework that includes a standard rule-based language for network traffic inspection. * * These rules contain the inspection criteria and the action to take for traffic that matches the criteria, so this type of rule group doesn't have a separate action setting. * * > You can't use the `priority` keyword if the `RuleOrder` option in StatefulRuleOptions is set to `STRICT_ORDER` . */ rulesString?: pulumi.Input; /** * An array of individual stateful rules inspection criteria to be used together in a stateful rule group. Use this option to specify simple Suricata rules with protocol, source and destination, ports, direction, and rule options. For information about the Suricata `Rules` format, see [Rules Format](https://docs.aws.amazon.com/https://suricata.readthedocs.io/en/suricata-7.0.3/rules/intro.html) . */ statefulRules?: pulumi.Input[]>; /** * Stateless inspection criteria to be used in a stateless rule group. */ statelessRulesAndCustomActions?: pulumi.Input; } interface RuleGroupRulesSourceListArgs { /** * Whether you want to apply allow, reject, alert, or drop behavior to the domains in your target list. * * > When logging is enabled and you choose Alert, traffic that matches the domain specifications generates an alert in the firewall's logs. Then, traffic either passes, is rejected, or drops based on other rules in the firewall policy. */ generatedRulesType: pulumi.Input; /** * The types of targets to inspect for. Valid values are `TLS_SNI` and `HTTP_HOST` . */ targetTypes: pulumi.Input[]>; /** * The domains that you want to inspect for in your traffic flows. Valid domain specifications are the following: * * - Explicit names. For example, `abc.example.com` matches only the domain `abc.example.com` . * - Names that use a domain wildcard, which you indicate with an initial ' `.` '. For example, `.example.com` matches `example.com` and matches all subdomains of `example.com` , such as `abc.example.com` and `www.example.com` . */ targets: pulumi.Input[]>; } interface RuleGroupStatefulRuleArgs { /** * Defines what Network Firewall should do with the packets in a traffic flow when the flow matches the stateful rule criteria. For all actions, Network Firewall performs the specified action and discontinues stateful inspection of the traffic flow. * * The actions for a stateful rule are defined as follows: * * - *PASS* - Permits the packets to go to the intended destination. * - *DROP* - Blocks the packets from going to the intended destination and sends an alert log message, if alert logging is configured in the firewall logging configuration. * - *REJECT* - Drops traffic that matches the conditions of the stateful rule and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. `REJECT` is available only for TCP traffic. * - *ALERT* - Permits the packets to go to the intended destination and sends an alert log message, if alert logging is configured in the firewall logging configuration. * * You can use this action to test a rule that you intend to use to drop traffic. You can enable the rule with `ALERT` action, verify in the logs that the rule is filtering as you want, then change the action to `DROP` . * - *REJECT* - Drops TCP traffic that matches the conditions of the stateful rule, and sends a TCP reset packet back to sender of the packet. A TCP reset packet is a packet with no payload and a `RST` bit contained in the TCP header flags. Also sends an alert log mesage if alert logging is configured in the firewall logging configuration. * * `REJECT` isn't currently available for use with IMAP and FTP protocols. */ action: pulumi.Input; /** * The stateful inspection criteria for this rule, used to inspect traffic flows. */ header: pulumi.Input; /** * Additional settings for a stateful rule, provided as keywords and settings. */ ruleOptions: pulumi.Input[]>; } interface RuleGroupStatefulRuleOptionsArgs { /** * Indicates how to manage the order of the rule evaluation for the rule group. `DEFAULT_ACTION_ORDER` is the default behavior. Stateful rules are provided to the rule engine as Suricata compatible strings, and Suricata evaluates them based on certain settings. For more information, see [Evaluation order for stateful rules](https://docs.aws.amazon.com/network-firewall/latest/developerguide/suricata-rule-evaluation-order.html) in the *AWS Network Firewall Developer Guide* . */ ruleOrder?: pulumi.Input; } interface RuleGroupStatelessRuleArgs { /** * Indicates the order in which to run this rule relative to all of the rules that are defined for a stateless rule group. Network Firewall evaluates the rules in a rule group starting with the lowest priority setting. You must ensure that the priority settings are unique for the rule group. * * Each stateless rule group uses exactly one `StatelessRulesAndCustomActions` object, and each `StatelessRulesAndCustomActions` contains exactly one `StatelessRules` object. To ensure unique priority settings for your rule groups, set unique priorities for the stateless rules that you define inside any single `StatelessRules` object. * * You can change the priority settings of your rules at any time. To make it easier to insert rules later, number them so there's a wide range in between, for example use 100, 200, and so on. */ priority: pulumi.Input; /** * Defines the stateless 5-tuple packet inspection criteria and the action to take on a packet that matches the criteria. */ ruleDefinition: pulumi.Input; } interface RuleGroupStatelessRulesAndCustomActionsArgs { /** * Defines an array of individual custom action definitions that are available for use by the stateless rules in this `StatelessRulesAndCustomActions` specification. You name each custom action that you define, and then you can use it by name in your stateless rule definition `Actions` specification. */ customActions?: pulumi.Input[]>; /** * Defines the set of stateless rules for use in a stateless rule group. */ statelessRules: pulumi.Input[]>; } interface RuleGroupTcpFlagFieldArgs { /** * Used in conjunction with the `Masks` setting to define the flags that must be set and flags that must not be set in order for the packet to match. This setting can only specify values that are also specified in the `Masks` setting. * * For the flags that are specified in the masks setting, the following must be true for the packet to match: * * - The ones that are set in this flags setting must be set in the packet. * - The ones that are not set in this flags setting must also not be set in the packet. */ flags: pulumi.Input[]>; /** * The set of flags to consider in the inspection. To inspect all flags in the valid values list, leave this with no setting. */ masks?: pulumi.Input[]>; } /** * A complex type containing the currently selected rule option fields that will be displayed for rule summarization returned by `DescribeRuleGroupSummary` . * * - The `RuleOptions` specified in `SummaryConfiguration` * - Rule metadata organization preferences */ interface SummaryConfigurationPropertiesArgs { /** * Specifies the selected rule options returned by `DescribeRuleGroupSummary` . */ ruleOptions?: pulumi.Input[]>; } interface TlsInspectionConfigurationAddressArgs { /** * Specify an IP address or a block of IP addresses in Classless Inter-Domain Routing (CIDR) notation. Network Firewall supports all address ranges for IPv4 and IPv6. * * Examples: * * - To configure Network Firewall to inspect for the IP address 192.0.2.44, specify `192.0.2.44/32` . * - To configure Network Firewall to inspect for IP addresses from 192.0.2.0 to 192.0.2.255, specify `192.0.2.0/24` . * - To configure Network Firewall to inspect for the IP address 1111:0000:0000:0000:0000:0000:0000:0111, specify `1111:0000:0000:0000:0000:0000:0000:0111/128` . * - To configure Network Firewall to inspect for IP addresses from 1111:0000:0000:0000:0000:0000:0000:0000 to 1111:0000:0000:0000:ffff:ffff:ffff:ffff, specify `1111:0000:0000:0000:0000:0000:0000:0000/64` . * * For more information about CIDR notation, see the Wikipedia entry [Classless Inter-Domain Routing](https://docs.aws.amazon.com/https://en.wikipedia.org/wiki/Classless_Inter-Domain_Routing) . */ addressDefinition: pulumi.Input; } interface TlsInspectionConfigurationPortRangeArgs { /** * The lower limit of the port range. This must be less than or equal to the `ToPort` specification. */ fromPort: pulumi.Input; /** * The upper limit of the port range. This must be greater than or equal to the `FromPort` specification. */ toPort: pulumi.Input; } interface TlsInspectionConfigurationServerCertificateArgs { /** * The Amazon Resource Name (ARN) of the Certificate Manager SSL/TLS server certificate that's used for inbound SSL/TLS inspection. */ resourceArn?: pulumi.Input; } interface TlsInspectionConfigurationServerCertificateConfigurationArgs { /** * The Amazon Resource Name (ARN) of the imported certificate authority (CA) certificate within Certificate Manager (ACM) to use for outbound SSL/TLS inspection. * * The following limitations apply: * * - You can use CA certificates that you imported into ACM, but you can't generate CA certificates with ACM. * - You can't use certificates issued by Private Certificate Authority . * * For more information about configuring certificates for outbound inspection, see [Using SSL/TLS certificates with TLS inspection configurations](https://docs.aws.amazon.com/network-firewall/latest/developerguide/tls-inspection-certificate-requirements.html) in the *AWS Network Firewall Developer Guide* . * * For information about working with certificates in ACM, see [Importing certificates](https://docs.aws.amazon.com/acm/latest/userguide/import-certificate.html) in the *Certificate Manager User Guide* . */ certificateAuthorityArn?: pulumi.Input; /** * When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-networkfirewall-servercertificateconfiguration.html) . */ checkCertificateRevocationStatus?: pulumi.Input; /** * A list of scopes. */ scopes?: pulumi.Input[]>; /** * The list of server certificates to use for inbound SSL/TLS inspection. */ serverCertificates?: pulumi.Input[]>; } /** * When enabled, Network Firewall checks if the server certificate presented by the server in the SSL/TLS connection has a revoked or unkown status. If the certificate has an unknown or revoked status, you must specify the actions that Network Firewall takes on outbound traffic. To check the certificate revocation status, you must also specify a `CertificateAuthorityArn` in [ServerCertificateConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-resource-networkfirewall-servercertificateconfiguration.html) . */ interface TlsInspectionConfigurationServerCertificateConfigurationCheckCertificateRevocationStatusPropertiesArgs { revokedStatusAction?: pulumi.Input; unknownStatusAction?: pulumi.Input; } interface TlsInspectionConfigurationServerCertificateScopeArgs { /** * The destination ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any destination port. * * You can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` . */ destinationPorts?: pulumi.Input[]>; /** * The destination IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this * matches with any destination address. */ destinations?: pulumi.Input[]>; /** * The protocols to inspect for, specified using the assigned internet protocol number (IANA) for each protocol. If not specified, this matches with any protocol. * * Network Firewall currently supports only TCP. */ protocols?: pulumi.Input[]>; /** * The source ports to decrypt for inspection, in Transmission Control Protocol (TCP) format. If not specified, this matches with any source port. * * You can specify individual ports, for example `1994` , and you can specify port ranges, such as `1990:1994` . */ sourcePorts?: pulumi.Input[]>; /** * The source IP addresses and address ranges to decrypt for inspection, in CIDR notation. If not specified, this * matches with any source address. */ sources?: pulumi.Input[]>; } interface TlsInspectionConfigurationTlsInspectionConfigurationArgs { /** * Lists the server certificate configurations that are associated with the TLS configuration. */ serverCertificateConfigurations?: pulumi.Input[]>; } interface VpcEndpointAssociationSubnetMappingArgs { /** * A IPAddressType */ ipAddressType?: pulumi.Input; /** * A SubnetId. */ subnetId: pulumi.Input; } } export declare namespace networkmanager { /** * Connect attachment options for protocol */ interface ConnectAttachmentOptionsArgs { /** * Tunnel protocol for connect attachment */ protocol?: pulumi.Input; } /** * The attachment to move from one network function group to another. */ interface ConnectAttachmentProposedNetworkFunctionGroupChangeArgs { /** * The rule number in the policy document that applies to this change. */ attachmentPolicyRuleNumber?: pulumi.Input; /** * The name of the network function group to change. */ networkFunctionGroupName?: pulumi.Input; /** * The key-value tags that changed for the network function group. */ tags?: pulumi.Input[]>; } /** * The attachment to move from one segment to another. */ interface ConnectAttachmentProposedSegmentChangeArgs { /** * The rule number in the policy document that applies to this change. */ attachmentPolicyRuleNumber?: pulumi.Input; /** * The name of the segment to change. */ segmentName?: pulumi.Input; /** * The list of key-value tags that changed for the segment. */ tags?: pulumi.Input[]>; } /** * A key-value pair to associate with a resource. */ interface ConnectAttachmentTagArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value: pulumi.Input; } /** * Bgp options */ interface ConnectPeerBgpOptionsArgs { /** * The Peer ASN of the BGP. */ peerAsn?: pulumi.Input; } /** * The Amazon Web Services location of the device, if applicable. */ interface DeviceAwsLocationArgs { /** * The Amazon Resource Name (ARN) of the subnet that the device is located in. */ subnetArn?: pulumi.Input; /** * The Zone that the device is located in. Specify the ID of an Availability Zone, Local Zone, Wavelength Zone, or an Outpost. */ zone?: pulumi.Input; } /** * The site location. */ interface DeviceLocationArgs { /** * The physical address. */ address?: pulumi.Input; /** * The latitude. */ latitude?: pulumi.Input; /** * The longitude. */ longitude?: pulumi.Input; } /** * The attachment to move from one network function group to another. */ interface DirectConnectGatewayAttachmentProposedNetworkFunctionGroupChangeArgs { /** * The rule number in the policy document that applies to this change. */ attachmentPolicyRuleNumber?: pulumi.Input; /** * The name of the network function group to change. */ networkFunctionGroupName?: pulumi.Input; /** * The key-value tags that changed for the network function group. */ tags?: pulumi.Input[]>; } /** * The attachment to move from one segment to another. */ interface DirectConnectGatewayAttachmentProposedSegmentChangeArgs { /** * The rule number in the policy document that applies to this change. */ attachmentPolicyRuleNumber?: pulumi.Input; /** * The name of the segment to change. */ segmentName?: pulumi.Input; /** * The key-value tags that changed for the segment. */ tags?: pulumi.Input[]>; } /** * A key-value pair to associate with a resource. */ interface DirectConnectGatewayAttachmentTagArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value: pulumi.Input; } /** * The bandwidth for the link. */ interface LinkBandwidthArgs { /** * Download speed in Mbps. */ downloadSpeed?: pulumi.Input; /** * Upload speed in Mbps. */ uploadSpeed?: pulumi.Input; } /** * The location of the site */ interface SiteLocationArgs { /** * The physical address. */ address?: pulumi.Input; /** * The latitude. */ latitude?: pulumi.Input; /** * The longitude. */ longitude?: pulumi.Input; } /** * The attachment to move from one network function group to another. */ interface SiteToSiteVpnAttachmentProposedNetworkFunctionGroupChangeArgs { /** * The rule number in the policy document that applies to this change. */ attachmentPolicyRuleNumber?: pulumi.Input; /** * The name of the network function group to change. */ networkFunctionGroupName?: pulumi.Input; /** * The key-value tags that changed for the network function group. */ tags?: pulumi.Input[]>; } /** * The attachment to move from one segment to another. */ interface SiteToSiteVpnAttachmentProposedSegmentChangeArgs { /** * The rule number in the policy document that applies to this change. */ attachmentPolicyRuleNumber?: pulumi.Input; /** * The name of the segment to change. */ segmentName?: pulumi.Input; /** * The key-value tags that changed for the segment. */ tags?: pulumi.Input[]>; } /** * A key-value pair to associate with a resource. */ interface SiteToSiteVpnAttachmentTagArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value: pulumi.Input; } /** * The attachment to move from one network function group to another. */ interface TransitGatewayRouteTableAttachmentProposedNetworkFunctionGroupChangeArgs { /** * The rule number in the policy document that applies to this change. */ attachmentPolicyRuleNumber?: pulumi.Input; /** * The name of the network function group to change. */ networkFunctionGroupName?: pulumi.Input; /** * The key-value tags that changed for the network function group. */ tags?: pulumi.Input[]>; } /** * The attachment to move from one segment to another. */ interface TransitGatewayRouteTableAttachmentProposedSegmentChangeArgs { /** * The rule number in the policy document that applies to this change. */ attachmentPolicyRuleNumber?: pulumi.Input; /** * The name of the segment to change. */ segmentName?: pulumi.Input; /** * The key-value tags that changed for the segment. */ tags?: pulumi.Input[]>; } /** * A key-value pair to associate with a resource. */ interface TransitGatewayRouteTableAttachmentTagArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value: pulumi.Input; } /** * The attachment to move from one network function group to another. */ interface VpcAttachmentProposedNetworkFunctionGroupChangeArgs { /** * The rule number in the policy document that applies to this change. */ attachmentPolicyRuleNumber?: pulumi.Input; /** * The name of the network function group to change. */ networkFunctionGroupName?: pulumi.Input; /** * The key-value tags that changed for the network function group. */ tags?: pulumi.Input[]>; } /** * The attachment to move from one segment to another. */ interface VpcAttachmentProposedSegmentChangeArgs { /** * The rule number in the policy document that applies to this change. */ attachmentPolicyRuleNumber?: pulumi.Input; /** * The name of the segment to change. */ segmentName?: pulumi.Input; /** * The key-value tags that changed for the segment. */ tags?: pulumi.Input[]>; } /** * A key-value pair to associate with a resource. */ interface VpcAttachmentTagArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key: pulumi.Input; /** * The value for the tag. You can specify a value that is 0 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value: pulumi.Input; } /** * Vpc options of the attachment. */ interface VpcAttachmentVpcOptionsArgs { /** * Indicates whether to enable ApplianceModeSupport Support for Vpc Attachment. Valid Values: true | false */ applianceModeSupport?: pulumi.Input; /** * Indicates whether to enable private DNS Support for Vpc Attachment. Valid Values: true | false */ dnsSupport?: pulumi.Input; /** * Indicates whether to enable Ipv6 Support for Vpc Attachment. Valid Values: enable | disable */ ipv6Support?: pulumi.Input; /** * Indicates whether to enable Security Group Referencing Support for Vpc Attachment. Valid Values: true | false */ securityGroupReferencingSupport?: pulumi.Input; } } export declare namespace nimblestudio { interface LaunchProfileStreamConfigurationArgs { automaticTerminationMode?: pulumi.Input; clipboardMode: pulumi.Input; ec2InstanceTypes: pulumi.Input[]>; maxSessionLengthInMinutes?: pulumi.Input; maxStoppedSessionLengthInMinutes?: pulumi.Input; sessionBackup?: pulumi.Input; sessionPersistenceMode?: pulumi.Input; sessionStorage?: pulumi.Input; streamingImageIds: pulumi.Input[]>; volumeConfiguration?: pulumi.Input; } interface LaunchProfileStreamConfigurationSessionBackupArgs { maxBackupsToRetain?: pulumi.Input; mode?: pulumi.Input; } interface LaunchProfileStreamConfigurationSessionStorageArgs { mode: pulumi.Input[]>; root?: pulumi.Input; } interface LaunchProfileStreamingSessionStorageRootArgs { linux?: pulumi.Input; windows?: pulumi.Input; } interface LaunchProfileVolumeConfigurationArgs { iops?: pulumi.Input; size?: pulumi.Input; throughput?: pulumi.Input; } interface StudioComponentActiveDirectoryComputerAttributeArgs { name?: pulumi.Input; value?: pulumi.Input; } interface StudioComponentActiveDirectoryConfigurationArgs { computerAttributes?: pulumi.Input[]>; directoryId?: pulumi.Input; organizationalUnitDistinguishedName?: pulumi.Input; } interface StudioComponentComputeFarmConfigurationArgs { activeDirectoryUser?: pulumi.Input; endpoint?: pulumi.Input; } interface StudioComponentConfigurationArgs { activeDirectoryConfiguration?: pulumi.Input; computeFarmConfiguration?: pulumi.Input; licenseServiceConfiguration?: pulumi.Input; sharedFileSystemConfiguration?: pulumi.Input; } interface StudioComponentInitializationScriptArgs { launchProfileProtocolVersion?: pulumi.Input; platform?: pulumi.Input; runContext?: pulumi.Input; script?: pulumi.Input; } interface StudioComponentLicenseServiceConfigurationArgs { endpoint?: pulumi.Input; } interface StudioComponentScriptParameterKeyValueArgs { key?: pulumi.Input; value?: pulumi.Input; } interface StudioComponentSharedFileSystemConfigurationArgs { endpoint?: pulumi.Input; fileSystemId?: pulumi.Input; linuxMountPoint?: pulumi.Input; shareName?: pulumi.Input; windowsMountDrive?: pulumi.Input; } interface StudioEncryptionConfigurationArgs { keyArn?: pulumi.Input; keyType: pulumi.Input; } } export declare namespace oam { interface LinkConfigurationArgs { /** * Use this structure to filter which log groups are to share log events from this source account to the monitoring account. */ logGroupConfiguration?: pulumi.Input; /** * Use this structure to filter which metric namespaces are to be shared from the source account to the monitoring account. */ metricConfiguration?: pulumi.Input; } interface LinkFilterArgs { /** * When used in `MetricConfiguration` this field specifies which metric namespaces are to be shared with the monitoring account * * When used in `LogGroupConfiguration` this field specifies which log groups are to share their log events with the monitoring account. Use the term `LogGroupName` and one or more of the following operands. * * Use single quotation marks (') around log group names and metric namespaces. * * The matching of log group names and metric namespaces is case sensitive. Each filter has a limit of five conditional operands. Conditional operands are `AND` and `OR` . * * - `=` and `!=` * - `AND` * - `OR` * - `LIKE` and `NOT LIKE` . These can be used only as prefix searches. Include a `%` at the end of the string that you want to search for and include. * - `IN` and `NOT IN` , using parentheses `( )` * * Examples: * * - `Namespace NOT LIKE 'AWS/%'` includes only namespaces that don't start with `AWS/` , such as custom namespaces. * - `Namespace IN ('AWS/EC2', 'AWS/ELB', 'AWS/S3')` includes only the metrics in the EC2, Elastic Load Balancing , and Amazon S3 namespaces. * - `Namespace = 'AWS/EC2' OR Namespace NOT LIKE 'AWS/%'` includes only the EC2 namespace and your custom namespaces. * - `LogGroupName IN ('This-Log-Group', 'Other-Log-Group')` includes only the log groups with names `This-Log-Group` and `Other-Log-Group` . * - `LogGroupName NOT IN ('Private-Log-Group', 'Private-Log-Group-2')` includes all log groups except the log groups with names `Private-Log-Group` and `Private-Log-Group-2` . * - `LogGroupName LIKE 'aws/lambda/%' OR LogGroupName LIKE 'AWSLogs%'` includes all log groups that have names that start with `aws/lambda/` or `AWSLogs` . * * > If you are updating a link that uses filters, you can specify `*` as the only value for the `filter` parameter to delete the filter and share all log groups with the monitoring account. */ filter: pulumi.Input; } } export declare namespace observabilityadmin { interface OrganizationCentralizationRuleCentralizationRuleArgs { /** * Configuration determining where the telemetry data should be centralized, backed up, as well as encryption configuration for the primary and backup destinations. */ destination: pulumi.Input; /** * Configuration determining the source of the telemetry data to be centralized. */ source: pulumi.Input; } interface OrganizationCentralizationRuleCentralizationRuleDestinationArgs { /** * The destination account (within the organization) to which the telemetry data should be centralized. */ account?: pulumi.Input; /** * Log specific configuration for centralization destination log groups. */ destinationLogsConfiguration?: pulumi.Input; /** * The primary destination region to which telemetry data should be centralized. */ region: pulumi.Input; } interface OrganizationCentralizationRuleCentralizationRuleSourceArgs { /** * The list of source regions from which telemetry data should be centralized. */ regions: pulumi.Input[]>; /** * The organizational scope from which telemetry data should be centralized, specified using organization id, accounts or organizational unit ids. */ scope?: pulumi.Input; /** * Log specific configuration for centralization source log groups. */ sourceLogsConfiguration?: pulumi.Input; } interface OrganizationCentralizationRuleDestinationLogsConfigurationArgs { /** * Configuration defining the backup region and an optional KMS key for the backup destination. */ backupConfiguration?: pulumi.Input; logGroupNameConfiguration?: pulumi.Input; /** * The encryption configuration for centralization destination log groups. */ logsEncryptionConfiguration?: pulumi.Input; } interface OrganizationCentralizationRuleLogGroupNameConfigurationArgs { logGroupNamePattern: pulumi.Input; } interface OrganizationCentralizationRuleLogsBackupConfigurationArgs { /** * KMS Key ARN belonging to the primary destination account and backup region, to encrypt newly created central log groups in the backup destination. */ kmsKeyArn?: pulumi.Input; /** * Logs specific backup destination region within the primary destination account to which log data should be centralized. */ region: pulumi.Input; } interface OrganizationCentralizationRuleLogsEncryptionConfigurationArgs { /** * Conflict resolution strategy for centralization if the encryption strategy is set to CUSTOMER_MANAGED and the destination log group is encrypted with an AWS_OWNED KMS Key. ALLOW lets centralization go through while SKIP prevents centralization into the destination log group. */ encryptionConflictResolutionStrategy?: pulumi.Input; /** * Configuration that determines the encryption strategy of the destination log groups. CUSTOMER_MANAGED uses the configured KmsKeyArn to encrypt newly created destination log groups. */ encryptionStrategy: pulumi.Input; /** * KMS Key ARN belonging to the primary destination account and region, to encrypt newly created central log groups in the primary destination. */ kmsKeyArn?: pulumi.Input; } interface OrganizationCentralizationRuleSourceLogsConfigurationArgs { dataSourceSelectionCriteria?: pulumi.Input; /** * A strategy determining whether to centralize source log groups that are encrypted with customer managed KMS keys (CMK). ALLOW will consider CMK encrypted source log groups for centralization while SKIP will skip CMK encrypted source log groups from centralization. */ encryptedLogGroupStrategy: pulumi.Input; /** * The selection criteria that specifies which source log groups to centralize. The selection criteria uses the same format as OAM link filters. */ logGroupSelectionCriteria?: pulumi.Input; } /** * The condition of the action desired in the filter. */ interface OrganizationTelemetryRuleActionConditionArgs { action?: pulumi.Input; } /** * An advanced event selector that includes optional name and field selectors */ interface OrganizationTelemetryRuleAdvancedEventSelectorArgs { /** * Contains all selector statements in an advanced event selector. */ fieldSelectors: pulumi.Input[]>; /** * An optional descriptive name for the advanced event selector */ name?: pulumi.Input; } /** * A single selector statement in an advanced event selector. */ interface OrganizationTelemetryRuleAdvancedFieldSelectorArgs { /** * An operator that includes events that match the last few characters of the event record field specified as the value of Field. */ endsWith?: pulumi.Input[]>; /** * An operator that includes events that match the exact value of the event record field specified as the value of Field. */ equals?: pulumi.Input[]>; /** * A field in a CloudTrail event record on which to filter events to be logged */ field?: pulumi.Input; /** * An operator that excludes events that match the last few characters of the event record field specified as the value of Field. */ notEndsWith?: pulumi.Input[]>; /** * An operator that excludes events that match the exact value of the event record field specified as the value of Field. */ notEquals?: pulumi.Input[]>; /** * An operator that excludes events that match the first few characters of the event record field specified as the value of Field. */ notStartsWith?: pulumi.Input[]>; /** * An operator that includes events that match the first few characters of the event record field specified as the value of Field. */ startsWith?: pulumi.Input[]>; } /** * Telemetry parameters for Cloudtrail */ interface OrganizationTelemetryRuleCloudtrailParametersArgs { /** * Create fine-grained selectors for AWS CloudTrail management and data. */ advancedEventSelectors: pulumi.Input[]>; } /** * A condition for a filter. */ interface OrganizationTelemetryRuleConditionArgs { actionCondition?: pulumi.Input; labelNameCondition?: pulumi.Input; } /** * Telemetry parameters for ELB/NLB Load Balancer Logs */ interface OrganizationTelemetryRuleElbLoadBalancerLoggingParametersArgs { /** * A delimiter to delineate log fields */ fieldDelimiter?: pulumi.Input; /** * The format for ELB access log entries (plain text or JSON format). */ outputFormat?: pulumi.Input; } /** * The field that we want to match this rule to. */ interface OrganizationTelemetryRuleFieldToMatchArgs { /** * The method with which to match this rule. */ method?: pulumi.Input; /** * The query string to find the resource to match this field to. */ queryString?: pulumi.Input; singleHeader?: pulumi.Input; /** * This is the URI path to match this rule to. */ uriPath?: pulumi.Input; } /** * A filter to be applied */ interface OrganizationTelemetryRuleFilterArgs { behavior?: pulumi.Input; conditions?: pulumi.Input[]>; requirement?: pulumi.Input; } /** * The label name of the condition. */ interface OrganizationTelemetryRuleLabelNameConditionArgs { /** * The label name of the condition. */ labelName?: pulumi.Input; } /** * Default handling for logs that don't match any of the specified filtering conditions. */ interface OrganizationTelemetryRuleLoggingFilterArgs { /** * The default action (KEEP or DROP) for log records that don't match any filter conditions. */ defaultBehavior?: pulumi.Input; /** * A list of filter conditions that determine log record handling behavior. */ filters?: pulumi.Input[]>; } /** * Header for the field to match. */ interface OrganizationTelemetryRuleSingleHeaderArgs { /** * The name of the header */ name: pulumi.Input; } /** * The destination configuration for telemetry data */ interface OrganizationTelemetryRuleTelemetryDestinationConfigurationArgs { /** * Configuration parameters specific to AWS CloudTrail when CloudTrail is the source type. */ cloudtrailParameters?: pulumi.Input; /** * The pattern used to generate the destination path or name, supporting macros like and . */ destinationPattern?: pulumi.Input; /** * The type of destination for the telemetry data (e.g., "Amazon CloudWatch Logs", "S3"). */ destinationType?: pulumi.Input; /** * Configuration parameters specific to ELB load balancer logging when ELB is the resource type. */ elbLoadBalancerLoggingParameters?: pulumi.Input; /** * The number of days to retain the telemetry data in the destination. */ retentionInDays?: pulumi.Input; /** * Configuration parameters specific to VPC Flow Logs when VPC is the resource type. */ vpcFlowLogParameters?: pulumi.Input; /** * Configuration parameters specific to WAF logging when WAF is the resource type. */ wafLoggingParameters?: pulumi.Input; } /** * The telemetry rule */ interface OrganizationTelemetryRuleTelemetryRuleArgs { /** * Configuration specifying where and how the telemetry data should be delivered. */ destinationConfiguration?: pulumi.Input; /** * The type of AWS resource to configure telemetry for (e.g., "AWS::EC2::VPC", "AWS::EKS::Cluster", "AWS::WAFv2::WebACL"). */ resourceType: pulumi.Input; /** * The organizational scope to which the rule applies, specified using accounts or organizational units. */ scope?: pulumi.Input; /** * Criteria for selecting which resources the rule applies to, such as resource tags. */ selectionCriteria?: pulumi.Input; /** * The specific telemetry source types to configure for the resource, such as VPC_FLOW_LOGS or EKS_AUDIT_LOGS. TelemetrySourceTypes must be correlated with the specific resource type. */ telemetrySourceTypes?: pulumi.Input[]>; /** * The type of telemetry to collect (Logs, Metrics, or Traces). */ telemetryType: pulumi.Input; } /** * Telemetry parameters for VPC Flow logs */ interface OrganizationTelemetryRuleVpcFlowLogParametersArgs { /** * The fields to include in the flow log record. If you omit this parameter, the flow log is created using the default format. */ logFormat?: pulumi.Input; /** * The maximum interval of time, in seconds, during which a flow of packets is captured and aggregated into a flow log record. Default is 600s. */ maxAggregationInterval?: pulumi.Input; /** * The type of traffic captured for the flow log. Default is ALL */ trafficType?: pulumi.Input; } /** * Telemetry parameters for WAF v2 Web ACL */ interface OrganizationTelemetryRuleWafLoggingParametersArgs { /** * The type of WAF logs to collect (currently supports WAF_LOGS). */ logType?: pulumi.Input; /** * A filter configuration that determines which WAF log records to include or exclude. */ loggingFilter?: pulumi.Input; /** * Fields not to be included in the logs. */ redactedFields?: pulumi.Input[]>; } /** * Encryption configuration for the S3 Table Integration */ interface S3TableIntegrationEncryptionConfigArgs { /** * The ARN of the KMS key used to encrypt the S3 Table Integration */ kmsKeyArn?: pulumi.Input; /** * The server-side encryption algorithm used to encrypt the S3 Table(s) data */ sseAlgorithm: pulumi.Input; } /** * CloudWatch Logs data source to associate with the S3 Table Integration */ interface S3TableIntegrationLogSourceArgs { /** * The ID of the CloudWatch Logs data source association */ identifier?: pulumi.Input; /** * The name of the CloudWatch Logs data source */ name: pulumi.Input; /** * The type of the CloudWatch Logs data source */ type: pulumi.Input; } interface TelemetryPipelinesTelemetryPipelineConfigurationArgs { /** * The pipeline configuration body that defines the data processing rules and transformations. */ body: pulumi.Input; } /** * The telemetry rule */ interface TelemetryRuleArgs { /** * Configuration specifying where and how the telemetry data should be delivered. */ destinationConfiguration?: pulumi.Input; /** * The type of AWS resource to configure telemetry for (e.g., "AWS::EC2::VPC", "AWS::EKS::Cluster", "AWS::WAFv2::WebACL"). */ resourceType: pulumi.Input; /** * Criteria for selecting which resources the rule applies to, such as resource tags. */ selectionCriteria?: pulumi.Input; /** * The specific telemetry source types to configure for the resource, such as VPC_FLOW_LOGS or EKS_AUDIT_LOGS. TelemetrySourceTypes must be correlated with the specific resource type. */ telemetrySourceTypes?: pulumi.Input[]>; /** * The type of telemetry to collect (Logs, Metrics, or Traces). */ telemetryType: pulumi.Input; } /** * The condition of the action desired in the filter. */ interface TelemetryRuleActionConditionArgs { action?: pulumi.Input; } /** * An advanced event selector that includes optional name and field selectors */ interface TelemetryRuleAdvancedEventSelectorArgs { /** * Contains all selector statements in an advanced event selector. */ fieldSelectors: pulumi.Input[]>; /** * An optional descriptive name for the advanced event selector */ name?: pulumi.Input; } /** * A single selector statement in an advanced event selector. */ interface TelemetryRuleAdvancedFieldSelectorArgs { /** * An operator that includes events that match the last few characters of the event record field specified as the value of Field. */ endsWith?: pulumi.Input[]>; /** * An operator that includes events that match the exact value of the event record field specified as the value of Field. */ equals?: pulumi.Input[]>; /** * A field in a CloudTrail event record on which to filter events to be logged */ field?: pulumi.Input; /** * An operator that excludes events that match the last few characters of the event record field specified as the value of Field. */ notEndsWith?: pulumi.Input[]>; /** * An operator that excludes events that match the exact value of the event record field specified as the value of Field. */ notEquals?: pulumi.Input[]>; /** * An operator that excludes events that match the first few characters of the event record field specified as the value of Field. */ notStartsWith?: pulumi.Input[]>; /** * An operator that includes events that match the first few characters of the event record field specified as the value of Field. */ startsWith?: pulumi.Input[]>; } /** * Telemetry parameters for Cloudtrail */ interface TelemetryRuleCloudtrailParametersArgs { /** * Create fine-grained selectors for AWS CloudTrail management and data. */ advancedEventSelectors: pulumi.Input[]>; } /** * A condition for a filter. */ interface TelemetryRuleConditionArgs { actionCondition?: pulumi.Input; labelNameCondition?: pulumi.Input; } /** * Telemetry parameters for ELB/NLB Load Balancer Logs */ interface TelemetryRuleElbLoadBalancerLoggingParametersArgs { /** * A delimiter to delineate log fields */ fieldDelimiter?: pulumi.Input; /** * The format for ELB access log entries (plain text or JSON format). */ outputFormat?: pulumi.Input; } /** * The field that we want to match this rule to. */ interface TelemetryRuleFieldToMatchArgs { /** * The method with which to match this rule. */ method?: pulumi.Input; /** * The query string to find the resource to match this field to. */ queryString?: pulumi.Input; singleHeader?: pulumi.Input; /** * This is the URI path to match this rule to. */ uriPath?: pulumi.Input; } /** * A filter to be applied */ interface TelemetryRuleFilterArgs { behavior?: pulumi.Input; conditions?: pulumi.Input[]>; requirement?: pulumi.Input; } /** * The label name of the condition. */ interface TelemetryRuleLabelNameConditionArgs { /** * The label name of the condition. */ labelName?: pulumi.Input; } /** * Default handling for logs that don't match any of the specified filtering conditions. */ interface TelemetryRuleLoggingFilterArgs { /** * The default action (KEEP or DROP) for log records that don't match any filter conditions. */ defaultBehavior?: pulumi.Input; /** * A list of filter conditions that determine log record handling behavior. */ filters?: pulumi.Input[]>; } /** * Header for the field to match. */ interface TelemetryRuleSingleHeaderArgs { /** * The name of the header */ name: pulumi.Input; } /** * The destination configuration for telemetry data */ interface TelemetryRuleTelemetryDestinationConfigurationArgs { /** * Configuration parameters specific to AWS CloudTrail when CloudTrail is the source type. */ cloudtrailParameters?: pulumi.Input; /** * The pattern used to generate the destination path or name, supporting macros like and . */ destinationPattern?: pulumi.Input; /** * The type of destination for the telemetry data (e.g., "Amazon CloudWatch Logs", "S3"). */ destinationType?: pulumi.Input; /** * Configuration parameters specific to ELB load balancer logging when ELB is the resource type. */ elbLoadBalancerLoggingParameters?: pulumi.Input; /** * Parameters for BedrockAgentCore log delivery */ logDeliveryParameters?: pulumi.Input; /** * The number of days to retain the telemetry data in the destination. */ retentionInDays?: pulumi.Input; /** * Configuration parameters specific to VPC Flow Logs when VPC is the resource type. */ vpcFlowLogParameters?: pulumi.Input; /** * Configuration parameters specific to WAF logging when WAF is the resource type. */ wafLoggingParameters?: pulumi.Input; } /** * Parameters for BedrockAgentCore log delivery */ interface TelemetryRuleTelemetryDestinationConfigurationLogDeliveryParametersPropertiesArgs { /** * Types of logs to deliver for BedrockAgentCore resources */ logTypes?: pulumi.Input[]>; } /** * Telemetry parameters for VPC Flow logs */ interface TelemetryRuleVpcFlowLogParametersArgs { /** * The fields to include in the flow log record. If you omit this parameter, the flow log is created using the default format. */ logFormat?: pulumi.Input; /** * The maximum interval of time, in seconds, during which a flow of packets is captured and aggregated into a flow log record. Default is 600s. */ maxAggregationInterval?: pulumi.Input; /** * The type of traffic captured for the flow log. Default is ALL */ trafficType?: pulumi.Input; } /** * Telemetry parameters for WAF v2 Web ACL */ interface TelemetryRuleWafLoggingParametersArgs { /** * The type of WAF logs to collect (currently supports WAF_LOGS). */ logType?: pulumi.Input; /** * A filter configuration that determines which WAF log records to include or exclude. */ loggingFilter?: pulumi.Input; /** * Fields not to be included in the logs. */ redactedFields?: pulumi.Input[]>; } } export declare namespace odb { /** * An AWS Identity and Access Management (IAM) service role associated with the Autonomous VM cluster. */ interface CloudAutonomousVmClusterIamRoleArgs { /** * The AWS integration configuration settings for the AWS Identity and Access Management (IAM) service role. */ awsIntegration?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) service role. */ iamRoleArn?: pulumi.Input; /** * The current status of the AWS Identity and Access Management (IAM) service role. */ status?: pulumi.Input; } /** * The scheduling details for the maintenance window. Patching and system updates take place during the maintenance window. */ interface CloudAutonomousVmClusterMaintenanceWindowArgs { /** * The days of the week when maintenance can be performed. */ daysOfWeek?: pulumi.Input[]>; /** * The hours of the day when maintenance can be performed. */ hoursOfDay?: pulumi.Input[]>; /** * The lead time in weeks before the maintenance window. */ leadTimeInWeeks?: pulumi.Input; /** * The months when maintenance can be performed. */ months?: pulumi.Input[]>; /** * The preference for the maintenance window scheduling. */ preference?: pulumi.Input; /** * The weeks of the month when maintenance can be performed. */ weeksOfMonth?: pulumi.Input[]>; } /** * A contact to receive notification from Oracle about maintenance updates for a specific Exadata infrastructure. */ interface CloudExadataInfrastructureCustomerContactArgs { /** * The email address of the contact. */ email?: pulumi.Input; } /** * The scheduling details for the maintenance window. Patching and system updates take place during the maintenance window. */ interface CloudExadataInfrastructureMaintenanceWindowArgs { /** * The timeout duration for custom actions in minutes. */ customActionTimeoutInMins?: pulumi.Input; /** * The days of the week when maintenance can be performed. */ daysOfWeek?: pulumi.Input[]>; /** * The hours of the day when maintenance can be performed. */ hoursOfDay?: pulumi.Input[]>; /** * Indicates whether custom action timeout is enabled. */ isCustomActionTimeoutEnabled?: pulumi.Input; /** * The lead time in weeks before the maintenance window. */ leadTimeInWeeks?: pulumi.Input; /** * The months when maintenance can be performed. */ months?: pulumi.Input[]>; /** * The patching mode for the maintenance window. */ patchingMode?: pulumi.Input; /** * The preference for the maintenance window scheduling. */ preference?: pulumi.Input; /** * The weeks of the month when maintenance can be performed. */ weeksOfMonth?: pulumi.Input[]>; } /** * Information about the data collection options enabled for a VM cluster. */ interface CloudVmClusterDataCollectionOptionsArgs { /** * Indicates whether diagnostic collection is enabled for the VM cluster. */ isDiagnosticsEventsEnabled?: pulumi.Input; /** * Indicates whether health monitoring is enabled for the VM cluster. */ isHealthMonitoringEnabled?: pulumi.Input; /** * Indicates whether incident logs are enabled for the cloud VM cluster. */ isIncidentLogsEnabled?: pulumi.Input; } /** * A DbNode is a virtual machine that hosts Oracle database instances and provides access to shared storage servers within a VM Cluster */ interface CloudVmClusterDbNodeArgs { /** * The Oracle Cloud ID (OCID) of the backup IP address that's associated with the DB node. */ backupIpId?: pulumi.Input; /** * The OCID of the second backup virtual network interface card (VNIC) for the DB node. */ backupVnic2Id?: pulumi.Input; /** * The number of CPU cores enabled on the DB node. */ cpuCoreCount?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the DB node. */ dbNodeArn?: pulumi.Input; /** * The unique identifier of the DB node. */ dbNodeId?: pulumi.Input; /** * The amount of local node storage, in gigabytes (GB), that's allocated on the DB node. */ dbNodeStorageSizeInGbs?: pulumi.Input; /** * The unique identifier of the database server that's associated with the DB node. */ dbServerId: pulumi.Input; /** * The OCID of the DB system. */ dbSystemId?: pulumi.Input; /** * The OCID of the host IP address that's associated with the DB node. */ hostIpId?: pulumi.Input; /** * The host name for the DB node. */ hostname?: pulumi.Input; /** * The amount of memory, in gigabytes (GB), that allocated on the DB node. */ memorySizeInGbs?: pulumi.Input; /** * The OCID of the DB node. */ ocid?: pulumi.Input; /** * The current status of the DB node. */ status?: pulumi.Input; tags?: pulumi.Input[]>; /** * The OCID of the second VNIC. */ vnic2Id?: pulumi.Input; /** * The OCID of the VNIC. */ vnicId?: pulumi.Input; } /** * An AWS Identity and Access Management (IAM) service role associated with the VM cluster. */ interface CloudVmClusterIamRoleArgs { /** * The AWS integration configuration settings for the AWS Identity and Access Management (IAM) service role. */ awsIntegration?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the AWS Identity and Access Management (IAM) service role. */ iamRoleArn?: pulumi.Input; /** * The current status of the AWS Identity and Access Management (IAM) service role. */ status?: pulumi.Input; } /** * A key-value pair to associate with a resource. */ interface CloudVmClusterTagArgs { /** * The key name of the tag. You can specify a value that's 1 to 128 Unicode characters in length and can't be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., :, /, =, +, @, -, and ". */ key: pulumi.Input; /** * The value for the tag. You can specify a value that's 1 to 256 characters in length. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value?: pulumi.Input; } } export declare namespace omics { interface AnnotationStoreReferenceItemArgs { /** * The reference's ARN. */ referenceArn: pulumi.Input; } interface AnnotationStoreSseConfigArgs { /** * An encryption key ARN. */ keyArn?: pulumi.Input; /** * The encryption type. */ type: pulumi.Input; } interface AnnotationStoreStoreOptionsPropertiesArgs { tsvStoreOptions: pulumi.Input; } interface AnnotationStoreTsvStoreOptionsArgs { annotationType?: pulumi.Input; formatToHeader?: pulumi.Input<{ [key: string]: pulumi.Input; }>; schema?: pulumi.Input; }>[]>; } interface ConfigurationRunConfigurationsArgs { vpcConfig?: pulumi.Input; } interface ConfigurationVpcConfigArgs { securityGroupIds?: pulumi.Input[]>; subnetIds?: pulumi.Input[]>; } /** * Server-side encryption (SSE) settings for a store. */ interface ReferenceStoreSseConfigArgs { /** * An encryption key ARN. */ keyArn?: pulumi.Input; /** * The encryption type. */ type: pulumi.Input; } /** * Server-side encryption (SSE) settings for a store. */ interface SequenceStoreSseConfigArgs { /** * An encryption key ARN. */ keyArn?: pulumi.Input; /** * The encryption type. */ type: pulumi.Input; } interface VariantStoreReferenceItemArgs { /** * The reference's ARN. */ referenceArn: pulumi.Input; } interface VariantStoreSseConfigArgs { /** * An encryption key ARN. */ keyArn?: pulumi.Input; /** * The encryption type. */ type: pulumi.Input; } interface WorkflowContainerRegistryMapArgs { /** * Image mappings specify path mappings between the ECR private repository and their corresponding external repositories. */ imageMappings?: pulumi.Input[]>; /** * Mapping that provides the ECR repository path where upstream container images are pulled and synchronized. */ registryMappings?: pulumi.Input[]>; } interface WorkflowDefinitionRepositoryArgs { /** * The Amazon Resource Name (ARN) of the connection to the source code repository. */ connectionArn?: pulumi.Input; /** * A list of file patterns to exclude when retrieving the workflow definition from the repository. */ excludeFilePatterns?: pulumi.Input[]>; /** * The full repository identifier, including the repository owner and name. For example, 'repository-owner/repository-name'. */ fullRepositoryId?: pulumi.Input; /** * The source reference for the repository, such as a branch name, tag, or commit ID. */ sourceReference?: pulumi.Input; } interface WorkflowImageMappingArgs { /** * Specifies the URI of the corresponding image in the private ECR registry. */ destinationImage?: pulumi.Input; /** * Specifies the URI of the source image in the upstream registry. */ sourceImage?: pulumi.Input; } interface WorkflowParameterArgs { /** * The parameter's description. */ description?: pulumi.Input; /** * Whether the parameter is optional. */ optional?: pulumi.Input; } interface WorkflowRegistryMappingArgs { /** * Account ID of the account that owns the upstream container image. */ ecrAccountId?: pulumi.Input; /** * The repository prefix to use in the ECR private repository. */ ecrRepositoryPrefix?: pulumi.Input; /** * The URI of the upstream registry. */ upstreamRegistryUrl?: pulumi.Input; /** * The repository prefix of the corresponding repository in the upstream registry. */ upstreamRepositoryPrefix?: pulumi.Input; } interface WorkflowSourceReferenceArgs { /** * The type of source reference, such as branch, tag, or commit. */ type?: pulumi.Input; /** * The value of the source reference, such as the branch name, tag name, or commit ID. */ value?: pulumi.Input; } interface WorkflowVersionContainerRegistryMapArgs { /** * Image mappings specify path mappings between the ECR private repository and their corresponding external repositories. */ imageMappings?: pulumi.Input[]>; /** * Mapping that provides the ECR repository path where upstream container images are pulled and synchronized. */ registryMappings?: pulumi.Input[]>; } interface WorkflowVersionDefinitionRepositoryArgs { /** * The Amazon Resource Name (ARN) of the connection to the source code repository. */ connectionArn?: pulumi.Input; /** * A list of file patterns to exclude when retrieving the workflow definition from the repository. */ excludeFilePatterns?: pulumi.Input[]>; /** * The full repository identifier, including the repository owner and name. For example, 'repository-owner/repository-name'. */ fullRepositoryId?: pulumi.Input; /** * The source reference for the repository, such as a branch name, tag, or commit ID. */ sourceReference?: pulumi.Input; } interface WorkflowVersionImageMappingArgs { /** * Specifies the URI of the corresponding image in the private ECR registry. */ destinationImage?: pulumi.Input; /** * Specifies the URI of the source image in the upstream registry. */ sourceImage?: pulumi.Input; } interface WorkflowVersionRegistryMappingArgs { /** * Account ID of the account that owns the upstream container image. */ ecrAccountId?: pulumi.Input; /** * The repository prefix to use in the ECR private repository. */ ecrRepositoryPrefix?: pulumi.Input; /** * The URI of the upstream registry. */ upstreamRegistryUrl?: pulumi.Input; /** * The repository prefix of the corresponding repository in the upstream registry. */ upstreamRepositoryPrefix?: pulumi.Input; } interface WorkflowVersionSourceReferenceArgs { /** * The type of source reference, such as branch, tag, or commit. */ type?: pulumi.Input; /** * The value of the source reference, such as the branch name, tag name, or commit ID. */ value?: pulumi.Input; } interface WorkflowVersionWorkflowParameterArgs { /** * The parameter's description. */ description?: pulumi.Input; /** * Whether the parameter is optional. */ optional?: pulumi.Input; } } export declare namespace opensearchserverless { /** * Encryption settings for the collection */ interface CollectionEncryptionConfigArgs { /** * Indicates whether to use an AWS owned key for encryption. */ awsOwnedKey?: pulumi.Input; /** * Key Management Service key used to encrypt the collection. */ kmsKeyArn?: pulumi.Input; } interface CollectionGroupCapacityLimitsArgs { /** * The maximum indexing capacity for collections in the group. */ maxIndexingCapacityInOcu?: pulumi.Input; /** * The maximum search capacity for collections in the group. */ maxSearchCapacityInOcu?: pulumi.Input; /** * The minimum indexing capacity for collections in the group. */ minIndexingCapacityInOcu?: pulumi.Input; /** * The minimum search capacity for collections in the group. */ minSearchCapacityInOcu?: pulumi.Input; } /** * Vector search configuration options for the collection */ interface CollectionVectorOptionsArgs { serverlessVectorAcceleration?: pulumi.Input; } interface IndexPropertyMappingArgs { /** * Dimension size for vector fields, defines the number of dimensions in the vector */ dimension?: pulumi.Input; /** * Whether a field should be indexed */ index?: pulumi.Input; /** * Configuration for k-NN search method */ method?: pulumi.Input; /** * Nested fields within an object or nested field type */ properties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The field data type. Must be a valid OpenSearch field type. */ type: pulumi.Input; /** * Default value for the field when not specified in a document */ value?: pulumi.Input; } /** * Configuration for k-NN search method */ interface IndexPropertyMappingMethodPropertiesArgs { /** * The k-NN search engine to use */ engine?: pulumi.Input; /** * The algorithm name for k-NN search */ name: pulumi.Input; /** * Additional parameters for the k-NN algorithm */ parameters?: pulumi.Input; /** * The distance function used for k-NN search */ spaceType?: pulumi.Input; } /** * Additional parameters for the k-NN algorithm */ interface IndexPropertyMappingMethodPropertiesParametersPropertiesArgs { /** * The size of the dynamic list used during k-NN graph creation */ efConstruction?: pulumi.Input; /** * Number of neighbors to consider during k-NN search */ m?: pulumi.Input; } interface IndexSettingsArgs { /** * Index settings. */ index?: pulumi.Input; } /** * Index settings. */ interface IndexSettingsIndexPropertiesArgs { /** * Enable/disable k-nearest neighbor search capability */ knn?: pulumi.Input; /** * Size of the dynamic list for the nearest neighbors */ knnAlgoParamEfSearch?: pulumi.Input; /** * How often to perform refresh operation (e.g. '1s', '5s') */ refreshInterval?: pulumi.Input; } /** * Index Mappings */ interface MappingsPropertiesArgs { /** * Defines the fields within the mapping, including their types and configurations */ properties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * Describe IAM federation options in form of key value map */ interface SecurityConfigIamFederationConfigOptionsArgs { /** * Group attribute for this IAM federation integration */ groupAttribute?: pulumi.Input; /** * User attribute for this IAM federation integration */ userAttribute?: pulumi.Input; } /** * Describes IAM Identity Center options for an OpenSearch Serverless security configuration in the form of a key-value map */ interface SecurityConfigIamIdentityCenterConfigOptionsArgs { /** * The ARN of the IAM Identity Center application used to integrate with OpenSearch Serverless. */ applicationArn?: pulumi.Input; /** * The description of the IAM Identity Center application used to integrate with OpenSearch Serverless */ applicationDescription?: pulumi.Input; /** * The name of the IAM Identity Center application used to integrate with OpenSearch Serverless */ applicationName?: pulumi.Input; /** * The group attribute for this IAM Identity Center integration. Defaults to `GroupId` . */ groupAttribute?: pulumi.Input; /** * The ARN of the IAM Identity Center instance used to integrate with OpenSearch Serverless. */ instanceArn: pulumi.Input; /** * The user attribute for this IAM Identity Center integration. Defaults to `UserId` */ userAttribute?: pulumi.Input; } /** * Describes saml options in form of key value map */ interface SecurityConfigSamlConfigOptionsArgs { /** * Group attribute for this saml integration */ groupAttribute?: pulumi.Input; /** * The XML saml provider metadata document that you want to use */ metadata: pulumi.Input; /** * Custom entity id attribute to override default entity id for this saml integration */ openSearchServerlessEntityId?: pulumi.Input; /** * Defines the session timeout in minutes */ sessionTimeout?: pulumi.Input; /** * Custom attribute for this saml integration */ userAttribute?: pulumi.Input; } } export declare namespace opensearchservice { /** * A key-value pair of AppConfig */ interface ApplicationAppConfigArgs { /** * The configuration key */ key: pulumi.Input; /** * The configuration value. */ value: pulumi.Input; } /** * Datasource arn and description */ interface ApplicationDataSourceArgs { /** * The ARN of the data source. */ dataSourceArn: any; /** * Description of the data source. */ dataSourceDescription?: pulumi.Input; } interface DomainAdvancedSecurityOptionsInputArgs { /** * Date and time when the migration period will be disabled. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) . */ anonymousAuthDisableDate?: pulumi.Input; /** * True to enable a 30-day migration period during which administrators can create role mappings. Only necessary when [enabling fine-grained access control on an existing domain](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html#fgac-enabling-existing) . */ anonymousAuthEnabled?: pulumi.Input; /** * True to enable fine-grained access control. You must also enable encryption of data at rest and node-to-node encryption. See [Fine-grained access control in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/fgac.html) . */ enabled?: pulumi.Input; /** * Input configuration for IAM identity federation within advanced security options. */ iamFederationOptions?: pulumi.Input; /** * True to enable the internal user database. */ internalUserDatabaseEnabled?: pulumi.Input; /** * Container for information about the JWT configuration of the Amazon OpenSearch Service. */ jwtOptions?: pulumi.Input; /** * Specifies information about the master user. */ masterUserOptions?: pulumi.Input; /** * Container for information about the SAML configuration for OpenSearch Dashboards. */ samlOptions?: pulumi.Input; } interface DomainAimlOptionsArgs { s3VectorsEngine?: pulumi.Input; serverlessVectorAcceleration?: pulumi.Input; } interface DomainClusterConfigArgs { /** * Container for cold storage configuration options. */ coldStorageOptions?: pulumi.Input; /** * The number of instances to use for the master node. If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. */ dedicatedMasterCount?: pulumi.Input; /** * Indicates whether to use a dedicated master node for the OpenSearch Service domain. A dedicated master node is a cluster node that performs cluster management tasks, but doesn't hold data or respond to data upload requests. Dedicated master nodes offload cluster management tasks to increase the stability of your search clusters. See [Dedicated master nodes in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-dedicatedmasternodes.html) . */ dedicatedMasterEnabled?: pulumi.Input; /** * The hardware configuration of the computer that hosts the dedicated master node, such as `m3.medium.search` . If you specify this property, you must specify `true` for the `DedicatedMasterEnabled` property. For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) . */ dedicatedMasterType?: pulumi.Input; /** * The number of data nodes (instances) to use in the OpenSearch Service domain. */ instanceCount?: pulumi.Input; /** * The instance type for your data nodes, such as `m3.medium.search` . For valid values, see [Supported instance types in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/supported-instance-types.html) . */ instanceType?: pulumi.Input; /** * Indicates whether Multi-AZ with Standby deployment option is enabled. For more information, see [Multi-AZ with Standby](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html#managedomains-za-standby) . */ multiAzWithStandbyEnabled?: pulumi.Input; /** * List of node options for the domain. */ nodeOptions?: pulumi.Input[]>; /** * The number of warm nodes in the cluster. */ warmCount?: pulumi.Input; /** * Whether to enable UltraWarm storage for the cluster. See [UltraWarm storage for Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/ultrawarm.html) . */ warmEnabled?: pulumi.Input; /** * The instance type for the cluster's warm nodes. */ warmType?: pulumi.Input; /** * Specifies zone awareness configuration options. Only use if `ZoneAwarenessEnabled` is `true` . */ zoneAwarenessConfig?: pulumi.Input; /** * Indicates whether to enable zone awareness for the OpenSearch Service domain. When you enable zone awareness, OpenSearch Service allocates the nodes and replica index shards that belong to a cluster across two Availability Zones (AZs) in the same region to prevent data loss and minimize downtime in the event of node or data center failure. Don't enable zone awareness if your cluster has no replica index shards or is a single-node cluster. For more information, see [Configuring a multi-AZ domain in Amazon OpenSearch Service](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/managedomains-multiaz.html) . */ zoneAwarenessEnabled?: pulumi.Input; } interface DomainCognitoOptionsArgs { /** * Whether to enable or disable Amazon Cognito authentication for OpenSearch Dashboards. See [Amazon Cognito authentication for OpenSearch Dashboards](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/cognito-auth.html) . */ enabled?: pulumi.Input; /** * The Amazon Cognito identity pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. * * Required if you enabled Cognito Authentication for OpenSearch Dashboards. */ identityPoolId?: pulumi.Input; /** * The `AmazonOpenSearchServiceCognitoAccess` role that allows OpenSearch Service to configure your user pool and identity pool. * * Required if you enabled Cognito Authentication for OpenSearch Dashboards. */ roleArn?: pulumi.Input; /** * The Amazon Cognito user pool ID that you want OpenSearch Service to use for OpenSearch Dashboards authentication. * * Required if you enabled Cognito Authentication for OpenSearch Dashboards. */ userPoolId?: pulumi.Input; } interface DomainColdStorageOptionsArgs { /** * Whether to enable or disable cold storage on the domain. You must enable UltraWarm storage to enable cold storage. */ enabled?: pulumi.Input; } interface DomainDeploymentStrategyOptionsArgs { deploymentStrategy?: pulumi.Input; } interface DomainEbsOptionsArgs { /** * Specifies whether Amazon EBS volumes are attached to data nodes in the OpenSearch Service domain. */ ebsEnabled?: pulumi.Input; /** * The number of I/O operations per second (IOPS) that the volume supports. This property applies only to the `gp3` and provisioned IOPS EBS volume types. */ iops?: pulumi.Input; /** * The throughput (in MiB/s) of the EBS volumes attached to data nodes. Applies only to the `gp3` volume type. */ throughput?: pulumi.Input; /** * The size (in GiB) of the EBS volume for each data node. The minimum and maximum size of an EBS volume depends on the EBS volume type and the instance type to which it is attached. For more information, see [EBS volume size limits](https://docs.aws.amazon.com/opensearch-service/latest/developerguide/limits.html#ebsresource) in the *Amazon OpenSearch Service Developer Guide* . */ volumeSize?: pulumi.Input; /** * The EBS volume type to use with the OpenSearch Service domain. If you choose `gp3` , you must also specify values for `Iops` and `Throughput` . For more information about each type, see [Amazon EBS volume types](https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EBSVolumeTypes.html) in the *Amazon EC2 User Guide for Linux Instances* . */ volumeType?: pulumi.Input; } interface DomainEncryptionAtRestOptionsArgs { /** * Specify `true` to enable encryption at rest. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) . * * If no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property. */ enabled?: pulumi.Input; /** * The KMS key ID. Takes the form `1a2a3a4-1a2a-3a4a-5a6a-1a2a3a4a5a6a` . Required if you enable encryption at rest. * * You can also use `keyAlias` as a value. * * If no encryption at rest options were initially specified in the template, updating this property by adding it causes no interruption. However, if you change this property after it's already been set within a template, the domain is deleted and recreated in order to modify the property. */ kmsKeyId?: pulumi.Input; } interface DomainEndpointOptionsArgs { /** * The fully qualified URL for your custom endpoint. Required if you enabled a custom endpoint for the domain. */ customEndpoint?: pulumi.Input; /** * The Certificate Manager ARN for your domain's SSL/TLS certificate. Required if you enabled a custom endpoint for the domain. */ customEndpointCertificateArn?: pulumi.Input; /** * True to enable a custom endpoint for the domain. If enabled, you must also provide values for `CustomEndpoint` and `CustomEndpointCertificateArn` . */ customEndpointEnabled?: pulumi.Input; /** * True to require that all traffic to the domain arrive over HTTPS. Required if you enable fine-grained access control in [AdvancedSecurityOptions](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) . */ enforceHttps?: pulumi.Input; /** * The minimum TLS version required for traffic to the domain. The policy can be one of the following values: * * - *Policy-Min-TLS-1-0-2019-07:* TLS security policy that supports TLS version 1.0 to TLS version 1.2 * - *Policy-Min-TLS-1-2-2019-07:* TLS security policy that supports only TLS version 1.2 * - *Policy-Min-TLS-1-2-PFS-2023-10:* TLS security policy that supports TLS version 1.2 to TLS version 1.3 with perfect forward secrecy cipher suites */ tlsSecurityPolicy?: pulumi.Input; } interface DomainIamFederationOptionsArgs { enabled?: pulumi.Input; rolesKey?: pulumi.Input; subjectKey?: pulumi.Input; } /** * Options for configuring Identity Center */ interface DomainIdentityCenterOptionsArgs { /** * Whether Identity Center is enabled. */ enabledApiAccess?: pulumi.Input; /** * The ARN of the Identity Center application. */ identityCenterApplicationArn?: pulumi.Input; /** * The ARN of the Identity Center instance. */ identityCenterInstanceArn?: pulumi.Input; /** * The IdentityStoreId for Identity Center options. */ identityStoreId?: pulumi.Input; /** * The roles key for Identity Center options. */ rolesKey?: pulumi.Input; /** * The subject key for Identity Center options. */ subjectKey?: pulumi.Input; } interface DomainIdpArgs { /** * The unique entity ID of the application in the SAML identity provider. */ entityId: pulumi.Input; /** * The metadata of the SAML application, in XML format. */ metadataContent: pulumi.Input; } interface DomainJwtOptionsArgs { enabled?: pulumi.Input; publicKey?: pulumi.Input; rolesKey?: pulumi.Input; subjectKey?: pulumi.Input; } interface DomainLogPublishingOptionArgs { cloudWatchLogsLogGroupArn?: pulumi.Input; enabled?: pulumi.Input; } interface DomainMasterUserOptionsArgs { /** * Amazon Resource Name (ARN) for the master user. The ARN can point to an IAM user or role. This property is required for Amazon Cognito to work, and it must match the role configured for Cognito. Only specify if `InternalUserDatabaseEnabled` is false in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) . */ masterUserArn?: pulumi.Input; /** * Username for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) . * * If you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead. */ masterUserName?: pulumi.Input; /** * Password for the master user. Only specify if `InternalUserDatabaseEnabled` is true in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) . * * If you don't want to specify this value directly within the template, you can use a [dynamic reference](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/dynamic-references.html) instead. */ masterUserPassword?: pulumi.Input; } interface DomainNodeConfigArgs { /** * The number of nodes of a specific type within the cluster. */ count?: pulumi.Input; /** * A boolean value indicating whether a specific node type is active or inactive. */ enabled?: pulumi.Input; /** * The instance type of a particular node within the cluster. */ type?: pulumi.Input; } interface DomainNodeOptionArgs { /** * Configuration options for defining the setup of any node type. */ nodeConfig?: pulumi.Input; /** * Defines the type of node, such as coordinating nodes. */ nodeType?: pulumi.Input; } interface DomainNodeToNodeEncryptionOptionsArgs { /** * Specifies to enable or disable node-to-node encryption on the domain. Required if you enable fine-grained access control in [AdvancedSecurityOptionsInput](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-advancedsecurityoptionsinput.html) . */ enabled?: pulumi.Input; } interface DomainOffPeakWindowArgs { /** * The desired start time for an off-peak maintenance window. */ windowStartTime?: pulumi.Input; } interface DomainOffPeakWindowOptionsArgs { /** * Specifies whether off-peak window settings are enabled for the domain. */ enabled?: pulumi.Input; /** * Off-peak window settings for the domain. */ offPeakWindow?: pulumi.Input; } interface DomainS3VectorsEngineArgs { /** * Whether to enable S3 vectors engine. */ enabled: pulumi.Input; } interface DomainSamlOptionsArgs { /** * True to enable SAML authentication for a domain. */ enabled?: pulumi.Input; /** * The SAML Identity Provider's information. */ idp?: pulumi.Input; /** * The backend role that the SAML master user is mapped to. */ masterBackendRole?: pulumi.Input; /** * The SAML master user name, which is stored in the domain's internal user database. */ masterUserName?: pulumi.Input; /** * Element of the SAML assertion to use for backend roles. Default is `roles` . */ rolesKey?: pulumi.Input; /** * The duration, in minutes, after which a user session becomes inactive. Acceptable values are between 1 and 1440, and the default value is 60. */ sessionTimeoutMinutes?: pulumi.Input; /** * Element of the SAML assertion to use for the user name. Default is `NameID` . */ subjectKey?: pulumi.Input; } interface DomainServerlessVectorAccelerationArgs { /** * Whether to enable serverless vector acceleration. */ enabled?: pulumi.Input; } interface DomainSnapshotOptionsArgs { /** * The hour in UTC during which the service takes an automated daily snapshot of the indexes in the OpenSearch Service domain. For example, if you specify 0, OpenSearch Service takes an automated snapshot everyday between midnight and 1 am. You can specify a value between 0 and 23. */ automatedSnapshotStartHour?: pulumi.Input; } interface DomainSoftwareUpdateOptionsArgs { /** * Specifies whether automatic service software updates are enabled for the domain. */ autoSoftwareUpdateEnabled?: pulumi.Input; } interface DomainVpcOptionsArgs { /** * The list of security group IDs that are associated with the VPC endpoints for the domain. If you don't provide a security group ID, OpenSearch Service uses the default security group for the VPC. To learn more, see [Security groups for your VPC](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_SecurityGroups.html) in the *Amazon VPC User Guide* . */ securityGroupIds?: pulumi.Input[]>; /** * Provide one subnet ID for each Availability Zone that your domain uses. For example, you must specify three subnet IDs for a three-AZ domain. To learn more, see [VPCs and subnets](https://docs.aws.amazon.com/vpc/latest/userguide/VPC_Subnets.html) in the *Amazon VPC User Guide* . * * If you specify more than one subnet, you must also configure `ZoneAwarenessEnabled` and `ZoneAwarenessConfig` within [ClusterConfig](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-opensearchservice-domain-clusterconfig.html) , otherwise you'll see the error "You must specify exactly one subnet" during template creation. */ subnetIds?: pulumi.Input[]>; } interface DomainWindowStartTimeArgs { /** * The start hour of the window in Coordinated Universal Time (UTC), using 24-hour time. For example, 17 refers to 5:00 P.M. UTC. The minimum value is 0 and the maximum value is 23. */ hours: pulumi.Input; /** * The start minute of the window, in UTC. The minimum value is 0 and the maximum value is 59. */ minutes: pulumi.Input; } interface DomainZoneAwarenessConfigArgs { /** * If you enabled multiple Availability Zones (AZs), the number of AZs that you want the domain to use. * * Valid values are `2` and `3` . Default is 2. */ availabilityZoneCount?: pulumi.Input; } /** * Options for configuring IAM Identity Center */ interface IamIdentityCenterOptionsPropertiesArgs { /** * Whether IAM Identity Center is enabled. */ enabled?: pulumi.Input; /** * The ARN of the IAM Identity Center instance. */ iamIdentityCenterInstanceArn?: any; /** * The ARN of the IAM role for Identity Center application. */ iamRoleForIdentityCenterApplicationArn?: pulumi.Input; } } export declare namespace opsworkscm { interface ServerEngineAttributeArgs { /** * The name of the engine attribute. * * *Attribute name for Chef Automate servers:* * * - `CHEF_AUTOMATE_ADMIN_PASSWORD` * * *Attribute names for Puppet Enterprise servers:* * * - `PUPPET_ADMIN_PASSWORD` * - `PUPPET_R10K_REMOTE` * - `PUPPET_R10K_PRIVATE_KEY` */ name?: pulumi.Input; /** * The value of the engine attribute. * * *Attribute value for Chef Automate servers:* * * - `CHEF_AUTOMATE_PIVOTAL_KEY` : A base64-encoded RSA public key. The corresponding private key is required to access the Chef API. You can generate this key by running the following [OpenSSL](https://docs.aws.amazon.com/https://www.openssl.org/) command on Linux-based computers. * * `openssl genrsa -out *pivotal_key_file_name* .pem 2048` * * On Windows-based computers, you can use the PuTTYgen utility to generate a base64-encoded RSA private key. For more information, see [PuTTYgen - Key Generator for PuTTY on Windows](https://docs.aws.amazon.com/https://www.ssh.com/ssh/putty/windows/puttygen) on SSH.com. * * *Attribute values for Puppet Enterprise servers:* * * - `PUPPET_ADMIN_PASSWORD` : An administrator password that you can use to sign in to the Puppet Enterprise console webpage after the server is online. The password must use between 8 and 32 ASCII characters. * - `PUPPET_R10K_REMOTE` : The r10k remote is the URL of your control repository (for example, ssh://git@your.git-repo.com:user/control-repo.git). Specifying an r10k remote opens TCP port 8170. * - `PUPPET_R10K_PRIVATE_KEY` : If you are using a private Git repository, add `PUPPET_R10K_PRIVATE_KEY` to specify a PEM-encoded private SSH key. */ value?: pulumi.Input; } } export declare namespace organizations { } export declare namespace osis { /** * Key-value pairs to configure buffering. */ interface PipelineBufferOptionsArgs { /** * Whether persistent buffering should be enabled. */ persistentBufferEnabled: pulumi.Input; } /** * Key-value pairs to configure encryption at rest. */ interface PipelineEncryptionAtRestOptionsArgs { /** * The KMS key to use for encrypting data. By default an AWS owned key is used */ kmsKeyArn: pulumi.Input; } /** * Key-value pairs to configure log publishing. */ interface PipelineLogPublishingOptionsArgs { /** * The destination for OpenSearch Ingestion Service logs sent to Amazon CloudWatch. */ cloudWatchLogDestination?: pulumi.Input; /** * Whether logs should be published. */ isLoggingEnabled?: pulumi.Input; } /** * The destination for OpenSearch Ingestion Service logs sent to Amazon CloudWatch. */ interface PipelineLogPublishingOptionsCloudWatchLogDestinationPropertiesArgs { logGroup: pulumi.Input; } interface PipelineResourcePolicyArgs { policy: any; } /** * Container for the values required to configure VPC access for the pipeline. If you don't specify these values, OpenSearch Ingestion Service creates the pipeline with a public endpoint. */ interface PipelineVpcOptionsArgs { /** * A list of security groups associated with the VPC endpoint. */ securityGroupIds?: pulumi.Input[]>; /** * A list of subnet IDs associated with the VPC endpoint. */ subnetIds: pulumi.Input[]>; /** * Options for attaching a VPC to the pipeline. */ vpcAttachmentOptions?: pulumi.Input; /** * Defines whether you or Amazon OpenSearch Ingestion service create and manage the VPC endpoint configured for the pipeline. */ vpcEndpointManagement?: pulumi.Input; } /** * Options for attaching a VPC to the pipeline. */ interface PipelineVpcOptionsVpcAttachmentOptionsPropertiesArgs { /** * Whether the pipeline should be attached to the provided VPC */ attachToVpc: pulumi.Input; /** * The CIDR block to be reserved for OpenSearch Ingestion to create elastic network interfaces (ENIs). */ cidrBlock: pulumi.Input; } } export declare namespace panorama { /** * Parameter overrides for an application instance. This is a JSON document that has a single key (``PayloadData``) where the value is an escaped string representation of the overrides document. */ interface ApplicationInstanceManifestOverridesPayloadArgs { /** * The overrides document. */ payloadData?: pulumi.Input; } /** * A application verion's manifest file. This is a JSON document that has a single key (``PayloadData``) where the value is an escaped string representation of the application manifest (``graph.json``). This file is located in the ``graphs`` folder in your application source. */ interface ApplicationInstanceManifestPayloadArgs { /** * The application manifest. */ payloadData?: pulumi.Input; } /** * A storage location. */ interface PackageStorageLocationArgs { /** * The location's binary prefix. */ binaryPrefixLocation?: pulumi.Input; /** * The location's bucket. */ bucket?: pulumi.Input; /** * The location's generated prefix. */ generatedPrefixLocation?: pulumi.Input; /** * The location's manifest prefix. */ manifestPrefixLocation?: pulumi.Input; /** * The location's repo prefix. */ repoPrefixLocation?: pulumi.Input; } } export declare namespace paymentcryptography { interface KeyAttributesArgs { /** * The key algorithm to be use during creation of an AWS Payment Cryptography key. * * For symmetric keys, AWS Payment Cryptography supports `AES` and `TDES` algorithms. For asymmetric keys, AWS Payment Cryptography supports `RSA` and `ECC_NIST` algorithms. */ keyAlgorithm: pulumi.Input; /** * The type of AWS Payment Cryptography key to create, which determines the classification of the cryptographic method and whether AWS Payment Cryptography key contains a symmetric key or an asymmetric key pair. */ keyClass: pulumi.Input; /** * The list of cryptographic operations that you can perform using the key. */ keyModesOfUse: pulumi.Input; /** * The cryptographic usage of an AWS Payment Cryptography key as defined in section A.5.2 of the TR-31 spec. */ keyUsage: pulumi.Input; } interface KeyModesOfUseArgs { /** * Specifies whether an AWS Payment Cryptography key can be used to decrypt data. */ decrypt?: pulumi.Input; /** * Specifies whether an AWS Payment Cryptography key can be used to derive new keys. */ deriveKey?: pulumi.Input; /** * Specifies whether an AWS Payment Cryptography key can be used to encrypt data. */ encrypt?: pulumi.Input; /** * Specifies whether an AWS Payment Cryptography key can be used to generate and verify other card and PIN verification keys. */ generate?: pulumi.Input; /** * Specifies whether an AWS Payment Cryptography key has no special restrictions other than the restrictions implied by `KeyUsage` . */ noRestrictions?: pulumi.Input; /** * Specifies whether an AWS Payment Cryptography key can be used for signing. */ sign?: pulumi.Input; unwrap?: pulumi.Input; /** * Specifies whether an AWS Payment Cryptography key can be used to verify signatures. */ verify?: pulumi.Input; /** * Specifies whether an AWS Payment Cryptography key can be used to wrap other keys. */ wrap?: pulumi.Input; } } export declare namespace pcaconnectorad { interface ConnectorVpcInformationArgs { /** * The VPC IP address type. */ ipAddressType?: pulumi.Input; /** * The security groups used with the connector. You can use a maximum of 4 security groups with a connector. */ securityGroupIds: pulumi.Input[]>; } interface TemplateApplicationPoliciesArgs { critical?: pulumi.Input; policies: pulumi.Input[]>; } interface TemplateApplicationPolicy0PropertiesArgs { policyType: pulumi.Input; } interface TemplateApplicationPolicy1PropertiesArgs { policyObjectIdentifier: pulumi.Input; } interface TemplateCertificateValidityArgs { renewalPeriod: pulumi.Input; validityPeriod: pulumi.Input; } interface TemplateDefinition0PropertiesArgs { templateV2: pulumi.Input; } interface TemplateDefinition1PropertiesArgs { templateV3: pulumi.Input; } interface TemplateDefinition2PropertiesArgs { templateV4: pulumi.Input; } interface TemplateEnrollmentFlagsV2Args { enableKeyReuseOnNtTokenKeysetStorageFull?: pulumi.Input; includeSymmetricAlgorithms?: pulumi.Input; noSecurityExtension?: pulumi.Input; removeInvalidCertificateFromPersonalStore?: pulumi.Input; userInteractionRequired?: pulumi.Input; } interface TemplateEnrollmentFlagsV3Args { enableKeyReuseOnNtTokenKeysetStorageFull?: pulumi.Input; includeSymmetricAlgorithms?: pulumi.Input; noSecurityExtension?: pulumi.Input; removeInvalidCertificateFromPersonalStore?: pulumi.Input; userInteractionRequired?: pulumi.Input; } interface TemplateEnrollmentFlagsV4Args { enableKeyReuseOnNtTokenKeysetStorageFull?: pulumi.Input; includeSymmetricAlgorithms?: pulumi.Input; noSecurityExtension?: pulumi.Input; removeInvalidCertificateFromPersonalStore?: pulumi.Input; userInteractionRequired?: pulumi.Input; } interface TemplateExtensionsV2Args { applicationPolicies?: pulumi.Input; keyUsage: pulumi.Input; } interface TemplateExtensionsV3Args { applicationPolicies?: pulumi.Input; keyUsage: pulumi.Input; } interface TemplateExtensionsV4Args { applicationPolicies?: pulumi.Input; keyUsage: pulumi.Input; } interface TemplateGeneralFlagsV2Args { autoEnrollment?: pulumi.Input; machineType?: pulumi.Input; } interface TemplateGeneralFlagsV3Args { autoEnrollment?: pulumi.Input; machineType?: pulumi.Input; } interface TemplateGeneralFlagsV4Args { autoEnrollment?: pulumi.Input; machineType?: pulumi.Input; } interface TemplateGroupAccessControlEntryAccessRightsArgs { /** * Allow or deny an Active Directory group from autoenrolling certificates issued against a template. The Active Directory group must be allowed to enroll to allow autoenrollment */ autoEnroll?: pulumi.Input; /** * Allow or deny an Active Directory group from enrolling certificates issued against a template. */ enroll?: pulumi.Input; } interface TemplateKeyUsageArgs { critical?: pulumi.Input; usageFlags: pulumi.Input; } interface TemplateKeyUsageFlagsArgs { dataEncipherment?: pulumi.Input; digitalSignature?: pulumi.Input; keyAgreement?: pulumi.Input; keyEncipherment?: pulumi.Input; nonRepudiation?: pulumi.Input; } interface TemplateKeyUsageProperty0PropertiesArgs { propertyType: pulumi.Input; } interface TemplateKeyUsageProperty1PropertiesArgs { propertyFlags: pulumi.Input; } interface TemplateKeyUsagePropertyFlagsArgs { decrypt?: pulumi.Input; keyAgreement?: pulumi.Input; sign?: pulumi.Input; } interface TemplatePrivateKeyAttributesV2Args { cryptoProviders?: pulumi.Input[]>; keySpec: pulumi.Input; minimalKeyLength: pulumi.Input; } interface TemplatePrivateKeyAttributesV3Args { algorithm: pulumi.Input; cryptoProviders?: pulumi.Input[]>; keySpec: pulumi.Input; keyUsageProperty: pulumi.Input; minimalKeyLength: pulumi.Input; } interface TemplatePrivateKeyAttributesV4Args { algorithm?: pulumi.Input; cryptoProviders?: pulumi.Input[]>; keySpec: pulumi.Input; keyUsageProperty?: pulumi.Input; minimalKeyLength: pulumi.Input; } interface TemplatePrivateKeyFlagsV2Args { clientVersion: pulumi.Input; exportableKey?: pulumi.Input; strongKeyProtectionRequired?: pulumi.Input; } interface TemplatePrivateKeyFlagsV3Args { clientVersion: pulumi.Input; exportableKey?: pulumi.Input; requireAlternateSignatureAlgorithm?: pulumi.Input; strongKeyProtectionRequired?: pulumi.Input; } interface TemplatePrivateKeyFlagsV4Args { clientVersion: pulumi.Input; exportableKey?: pulumi.Input; requireAlternateSignatureAlgorithm?: pulumi.Input; requireSameKeyRenewal?: pulumi.Input; strongKeyProtectionRequired?: pulumi.Input; useLegacyProvider?: pulumi.Input; } interface TemplateSubjectNameFlagsV2Args { requireCommonName?: pulumi.Input; requireDirectoryPath?: pulumi.Input; requireDnsAsCn?: pulumi.Input; requireEmail?: pulumi.Input; sanRequireDirectoryGuid?: pulumi.Input; sanRequireDns?: pulumi.Input; sanRequireDomainDns?: pulumi.Input; sanRequireEmail?: pulumi.Input; sanRequireSpn?: pulumi.Input; sanRequireUpn?: pulumi.Input; } interface TemplateSubjectNameFlagsV3Args { requireCommonName?: pulumi.Input; requireDirectoryPath?: pulumi.Input; requireDnsAsCn?: pulumi.Input; requireEmail?: pulumi.Input; sanRequireDirectoryGuid?: pulumi.Input; sanRequireDns?: pulumi.Input; sanRequireDomainDns?: pulumi.Input; sanRequireEmail?: pulumi.Input; sanRequireSpn?: pulumi.Input; sanRequireUpn?: pulumi.Input; } interface TemplateSubjectNameFlagsV4Args { requireCommonName?: pulumi.Input; requireDirectoryPath?: pulumi.Input; requireDnsAsCn?: pulumi.Input; requireEmail?: pulumi.Input; sanRequireDirectoryGuid?: pulumi.Input; sanRequireDns?: pulumi.Input; sanRequireDomainDns?: pulumi.Input; sanRequireEmail?: pulumi.Input; sanRequireSpn?: pulumi.Input; sanRequireUpn?: pulumi.Input; } interface TemplateV2Args { certificateValidity: pulumi.Input; enrollmentFlags: pulumi.Input; extensions: pulumi.Input; generalFlags: pulumi.Input; privateKeyAttributes: pulumi.Input; privateKeyFlags: pulumi.Input; subjectNameFlags: pulumi.Input; supersededTemplates?: pulumi.Input[]>; } interface TemplateV3Args { certificateValidity: pulumi.Input; enrollmentFlags: pulumi.Input; extensions: pulumi.Input; generalFlags: pulumi.Input; hashAlgorithm: pulumi.Input; privateKeyAttributes: pulumi.Input; privateKeyFlags: pulumi.Input; subjectNameFlags: pulumi.Input; supersededTemplates?: pulumi.Input[]>; } interface TemplateV4Args { certificateValidity: pulumi.Input; enrollmentFlags: pulumi.Input; extensions: pulumi.Input; generalFlags: pulumi.Input; hashAlgorithm?: pulumi.Input; privateKeyAttributes: pulumi.Input; privateKeyFlags: pulumi.Input; subjectNameFlags: pulumi.Input; supersededTemplates?: pulumi.Input[]>; } interface TemplateValidityPeriodArgs { period: pulumi.Input; periodType: pulumi.Input; } } export declare namespace pcaconnectorscep { interface ConnectorMobileDeviceManagementArgs { } } export declare namespace pcs { /** * An EC2 instance configuration AWS PCS uses to launch compute nodes. */ interface ComputeNodeGroupInstanceConfigArgs { /** * The EC2 instance type that AWS PCS can provision in the compute node group. */ instanceType?: pulumi.Input; } /** * An Amazon EC2 launch template AWS PCS uses to launch compute nodes. */ interface CustomLaunchTemplatePropertiesArgs { /** * The ID of the EC2 launch template to use to provision instances. */ templateId?: pulumi.Input; /** * The version of the EC2 launch template to use to provision instances. */ version: pulumi.Input; } /** * The networking configuration for the cluster's control plane. */ interface NetworkingPropertiesArgs { /** * The IP of the cluster (IPV4 or IPV6) */ networkType?: pulumi.Input; /** * The list of security group IDs associated with the Elastic Network Interface (ENI) created in subnets. */ securityGroupIds?: pulumi.Input[]>; /** * The list of subnet IDs where AWS PCS creates an Elastic Network Interface (ENI) to enable communication between managed controllers and AWS PCS resources. The subnet must have an available IP address, cannot reside in AWS Outposts, AWS Wavelength, or an AWS Local Zone. AWS PCS currently supports only 1 subnet in this list. */ subnetIds?: pulumi.Input[]>; } /** * The compute node group configuration for a queue. */ interface QueueComputeNodeGroupConfigurationArgs { /** * The compute node group ID for the compute node group configuration. */ computeNodeGroupId?: pulumi.Input; } /** * Additional settings that directly map to Slurm settings. */ interface QueueSlurmCustomSettingArgs { /** * AWS PCS supports configuration of the Slurm parameters for queues:. */ parameterName: pulumi.Input; /** * The value for the configured Slurm setting. */ parameterValue: pulumi.Input; } /** * Specifies the boundaries of the compute node group auto scaling. */ interface ScalingConfigurationPropertiesArgs { /** * The upper bound of the number of instances allowed in the compute fleet. */ maxInstanceCount: pulumi.Input; /** * The lower bound of the number of instances allowed in the compute fleet. */ minInstanceCount: pulumi.Input; } /** * The cluster management and job scheduling software associated with the cluster. */ interface SchedulerPropertiesArgs { /** * The software AWS PCS uses to manage cluster scaling and job scheduling. */ type: pulumi.Input; /** * The version of the specified scheduling software that AWS PCS uses to manage cluster scaling and job scheduling. */ version: pulumi.Input; } /** * The Slurm configuration for the queue. */ interface SlurmConfigurationPropertiesArgs { /** * Custom Slurm parameters that directly map to Slurm configuration settings. */ slurmCustomSettings?: pulumi.Input[]>; } /** * Additional configuration when you specify SPOT as the purchase option. */ interface SpotOptionsPropertiesArgs { /** * The Amazon EC2 allocation strategy AWS PCS uses to provision EC2 instances. AWS PCS supports lowest price, capacity optimized, and price capacity optimized. If you don't provide this option, it defaults to price capacity optimized. */ allocationStrategy?: pulumi.Input; } } export declare namespace personalize { /** * Initial DatasetImportJob for the created dataset */ interface DatasetImportJobArgs { /** * The Amazon S3 bucket that contains the training data to import. */ dataSource?: pulumi.Input; /** * The ARN of the dataset that receives the imported data */ datasetArn?: pulumi.Input; /** * The ARN of the dataset import job */ datasetImportJobArn?: pulumi.Input; /** * The name for the dataset import job. */ jobName?: pulumi.Input; /** * The ARN of the IAM role that has permissions to read from the Amazon S3 data source. */ roleArn?: pulumi.Input; } /** * The Amazon S3 bucket that contains the training data to import. */ interface DatasetImportJobDataSourcePropertiesArgs { /** * The path to the Amazon S3 bucket where the data that you want to upload to your dataset is stored. */ dataLocation?: pulumi.Input; } /** * Provides the name and values of a Categorical hyperparameter. */ interface SolutionCategoricalHyperParameterRangeArgs { /** * The name of the hyperparameter. */ name?: pulumi.Input; /** * A list of the categories for the hyperparameter. */ values?: pulumi.Input[]>; } /** * The configuration to use with the solution. When performAutoML is set to true, Amazon Personalize only evaluates the autoMLConfig section of the solution configuration. */ interface SolutionConfigArgs { /** * Lists the hyperparameter names and ranges. */ algorithmHyperParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The AutoMLConfig object containing a list of recipes to search when AutoML is performed. */ autoMlConfig?: pulumi.Input; /** * Only events with a value greater than or equal to this threshold are used for training a model. */ eventValueThreshold?: pulumi.Input; /** * Lists the feature transformation parameters. */ featureTransformationParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Describes the properties for hyperparameter optimization (HPO) */ hpoConfig?: pulumi.Input; } /** * The AutoMLConfig object containing a list of recipes to search when AutoML is performed. */ interface SolutionConfigAutoMlConfigPropertiesArgs { /** * The metric to optimize. */ metricName?: pulumi.Input; /** * The list of candidate recipes. */ recipeList?: pulumi.Input[]>; } /** * Describes the properties for hyperparameter optimization (HPO) */ interface SolutionConfigHpoConfigPropertiesArgs { /** * The hyperparameters and their allowable ranges */ algorithmHyperParameterRanges?: pulumi.Input; /** * The metric to optimize during HPO. */ hpoObjective?: pulumi.Input; /** * Describes the resource configuration for hyperparameter optimization (HPO). */ hpoResourceConfig?: pulumi.Input; } /** * The hyperparameters and their allowable ranges */ interface SolutionConfigHpoConfigPropertiesAlgorithmHyperParameterRangesPropertiesArgs { /** * The categorical hyperparameters and their ranges. */ categoricalHyperParameterRanges?: pulumi.Input[]>; /** * The continuous hyperparameters and their ranges. */ continuousHyperParameterRanges?: pulumi.Input[]>; /** * The integer hyperparameters and their ranges. */ integerHyperParameterRanges?: pulumi.Input[]>; } /** * The metric to optimize during HPO. */ interface SolutionConfigHpoConfigPropertiesHpoObjectivePropertiesArgs { /** * The name of the metric */ metricName?: pulumi.Input; /** * A regular expression for finding the metric in the training job logs. */ metricRegex?: pulumi.Input; /** * The type of the metric. Valid values are Maximize and Minimize. */ type?: pulumi.Input; } /** * Describes the resource configuration for hyperparameter optimization (HPO). */ interface SolutionConfigHpoConfigPropertiesHpoResourceConfigPropertiesArgs { /** * The maximum number of training jobs when you create a solution version. The maximum value for maxNumberOfTrainingJobs is 40. */ maxNumberOfTrainingJobs?: pulumi.Input; /** * The maximum number of parallel training jobs when you create a solution version. The maximum value for maxParallelTrainingJobs is 10. */ maxParallelTrainingJobs?: pulumi.Input; } /** * Provides the name and range of a continuous hyperparameter. */ interface SolutionContinuousHyperParameterRangeArgs { /** * The maximum allowable value for the hyperparameter. */ maxValue?: pulumi.Input; /** * The minimum allowable value for the hyperparameter. */ minValue?: pulumi.Input; /** * The name of the hyperparameter. */ name?: pulumi.Input; } /** * Provides the name and range of an integer-valued hyperparameter. */ interface SolutionIntegerHyperParameterRangeArgs { /** * The maximum allowable value for the hyperparameter. */ maxValue?: pulumi.Input; /** * The minimum allowable value for the hyperparameter. */ minValue?: pulumi.Input; /** * The name of the hyperparameter. */ name?: pulumi.Input; } } export declare namespace pinpoint { interface InAppTemplateBodyConfigArgs { /** * The text alignment of the main body text of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` . */ alignment?: pulumi.Input; /** * The main body text of the message. */ body?: pulumi.Input; /** * The color of the body text, expressed as a hex color code (such as #000000 for black). */ textColor?: pulumi.Input; } interface InAppTemplateButtonConfigArgs { /** * Optional button configuration to use for in-app messages sent to Android devices. This button configuration overrides the default button configuration. */ android?: pulumi.Input; /** * Specifies the default behavior of a button that appears in an in-app message. You can optionally add button configurations that specifically apply to iOS, Android, or web browser users. */ defaultConfig?: pulumi.Input; /** * Optional button configuration to use for in-app messages sent to iOS devices. This button configuration overrides the default button configuration. */ ios?: pulumi.Input; /** * Optional button configuration to use for in-app messages sent to web applications. This button configuration overrides the default button configuration. */ web?: pulumi.Input; } interface InAppTemplateDefaultButtonConfigurationArgs { /** * The background color of a button, expressed as a hex color code (such as #000000 for black). */ backgroundColor?: pulumi.Input; /** * The border radius of a button. */ borderRadius?: pulumi.Input; /** * The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following: * * - `LINK` – A link to a web destination. * - `DEEP_LINK` – A link to a specific page in an application. * - `CLOSE` – Dismisses the message. */ buttonAction?: pulumi.Input; /** * The destination (such as a URL) for a button. */ link?: pulumi.Input; /** * The text that appears on a button in an in-app message. */ text?: pulumi.Input; /** * The color of the body text in a button, expressed as a hex color code (such as #000000 for black). */ textColor?: pulumi.Input; } interface InAppTemplateHeaderConfigArgs { /** * The text alignment of the title of the message. Acceptable values: `LEFT` , `CENTER` , `RIGHT` . */ alignment?: pulumi.Input; /** * The title text of the in-app message. */ header?: pulumi.Input; /** * The color of the title text, expressed as a hex color code (such as #000000 for black). */ textColor?: pulumi.Input; } interface InAppTemplateInAppMessageContentArgs { /** * The background color for an in-app message banner, expressed as a hex color code (such as #000000 for black). */ backgroundColor?: pulumi.Input; /** * An object that contains configuration information about the header or title text of the in-app message. */ bodyConfig?: pulumi.Input; /** * An object that contains configuration information about the header or title text of the in-app message. */ headerConfig?: pulumi.Input; /** * The URL of the image that appears on an in-app message banner. */ imageUrl?: pulumi.Input; /** * An object that contains configuration information about the primary button in an in-app message. */ primaryBtn?: pulumi.Input; /** * An object that contains configuration information about the secondary button in an in-app message. */ secondaryBtn?: pulumi.Input; } interface InAppTemplateOverrideButtonConfigurationArgs { /** * The action that occurs when a recipient chooses a button in an in-app message. You can specify one of the following: * * - `LINK` – A link to a web destination. * - `DEEP_LINK` – A link to a specific page in an application. * - `CLOSE` – Dismisses the message. */ buttonAction?: pulumi.Input; /** * The destination (such as a URL) for a button. */ link?: pulumi.Input; } } export declare namespace pipes { interface PipeAwsVpcConfigurationArgs { /** * Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` . */ assignPublicIp?: pulumi.Input; /** * Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used. */ securityGroups?: pulumi.Input[]>; /** * Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets. */ subnets: pulumi.Input[]>; } interface PipeBatchArrayPropertiesArgs { /** * The size of the array, if this is an array batch job. */ size?: pulumi.Input; } interface PipeBatchContainerOverridesArgs { /** * The command to send to the container that overrides the default command from the Docker image or the task definition. */ command?: pulumi.Input[]>; /** * The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. * * > Environment variables cannot start with " `AWS Batch` ". This naming convention is reserved for variables that AWS Batch sets. */ environment?: pulumi.Input[]>; /** * The instance type to use for a multi-node parallel job. * * > This parameter isn't applicable to single-node container jobs or jobs that run on Fargate resources, and shouldn't be provided. */ instanceType?: pulumi.Input; /** * The type and amount of resources to assign to a container. This overrides the settings in the job definition. The supported resources include `GPU` , `MEMORY` , and `VCPU` . */ resourceRequirements?: pulumi.Input[]>; } interface PipeBatchEnvironmentVariableArgs { /** * The name of the key-value pair. For environment variables, this is the name of the environment variable. */ name?: pulumi.Input; /** * The value of the key-value pair. For environment variables, this is the value of the environment variable. */ value?: pulumi.Input; } interface PipeBatchJobDependencyArgs { /** * The job ID of the AWS Batch job that's associated with this dependency. */ jobId?: pulumi.Input; /** * The type of the job dependency. */ type?: pulumi.Input; } interface PipeBatchResourceRequirementArgs { /** * The type of resource to assign to a container. The supported resources include `GPU` , `MEMORY` , and `VCPU` . */ type: pulumi.Input; /** * The quantity of the specified resource to reserve for the container. The values vary based on the `type` specified. * * - **type="GPU"** - The number of physical GPUs to reserve for the container. Make sure that the number of GPUs reserved for all containers in a job doesn't exceed the number of available GPUs on the compute resource that the job is launched on. * * > GPUs aren't available for jobs that are running on Fargate resources. * - **type="MEMORY"** - The memory hard limit (in MiB) present to the container. This parameter is supported for jobs that are running on EC2 resources. If your container attempts to exceed the memory specified, the container is terminated. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . You must specify at least 4 MiB of memory for a job. This is required but can be specified in several places for multi-node parallel (MNP) jobs. It must be specified for each node at least once. This parameter maps to `Memory` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--memory` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . * * > If you're trying to maximize your resource utilization by providing your jobs as much memory as possible for a particular instance type, see [Memory management](https://docs.aws.amazon.com/batch/latest/userguide/memory-management.html) in the *AWS Batch User Guide* . * * For jobs that are running on Fargate resources, then `value` is the hard limit (in MiB), and must match one of the supported values and the `VCPU` values must be one of the values supported for that memory value. * * - **value = 512** - `VCPU` = 0.25 * - **value = 1024** - `VCPU` = 0.25 or 0.5 * - **value = 2048** - `VCPU` = 0.25, 0.5, or 1 * - **value = 3072** - `VCPU` = 0.5, or 1 * - **value = 4096** - `VCPU` = 0.5, 1, or 2 * - **value = 5120, 6144, or 7168** - `VCPU` = 1 or 2 * - **value = 8192** - `VCPU` = 1, 2, 4, or 8 * - **value = 9216, 10240, 11264, 12288, 13312, 14336, or 15360** - `VCPU` = 2 or 4 * - **value = 16384** - `VCPU` = 2, 4, or 8 * - **value = 17408, 18432, 19456, 21504, 22528, 23552, 25600, 26624, 27648, 29696, or 30720** - `VCPU` = 4 * - **value = 20480, 24576, or 28672** - `VCPU` = 4 or 8 * - **value = 36864, 45056, 53248, or 61440** - `VCPU` = 8 * - **value = 32768, 40960, 49152, or 57344** - `VCPU` = 8 or 16 * - **value = 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880** - `VCPU` = 16 * - **type="VCPU"** - The number of vCPUs reserved for the container. This parameter maps to `CpuShares` in the [Create a container](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/#create-a-container) section of the [Docker Remote API](https://docs.aws.amazon.com/https://docs.docker.com/engine/api/v1.23/) and the `--cpu-shares` option to [docker run](https://docs.aws.amazon.com/https://docs.docker.com/engine/reference/run/) . Each vCPU is equivalent to 1,024 CPU shares. For EC2 resources, you must specify at least one vCPU. This is required but can be specified in several places; it must be specified for each node at least once. * * The default for the Fargate On-Demand vCPU resource count quota is 6 vCPUs. For more information about Fargate quotas, see [AWS Fargate quotas](https://docs.aws.amazon.com/general/latest/gr/ecs-service.html#service-quotas-fargate) in the *AWS General Reference* . * * For jobs that are running on Fargate resources, then `value` must match one of the supported values and the `MEMORY` values must be one of the values supported for that `VCPU` value. The supported values are 0.25, 0.5, 1, 2, 4, 8, and 16 * * - **value = 0.25** - `MEMORY` = 512, 1024, or 2048 * - **value = 0.5** - `MEMORY` = 1024, 2048, 3072, or 4096 * - **value = 1** - `MEMORY` = 2048, 3072, 4096, 5120, 6144, 7168, or 8192 * - **value = 2** - `MEMORY` = 4096, 5120, 6144, 7168, 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, or 16384 * - **value = 4** - `MEMORY` = 8192, 9216, 10240, 11264, 12288, 13312, 14336, 15360, 16384, 17408, 18432, 19456, 20480, 21504, 22528, 23552, 24576, 25600, 26624, 27648, 28672, 29696, or 30720 * - **value = 8** - `MEMORY` = 16384, 20480, 24576, 28672, 32768, 36864, 40960, 45056, 49152, 53248, 57344, or 61440 * - **value = 16** - `MEMORY` = 32768, 40960, 49152, 57344, 65536, 73728, 81920, 90112, 98304, 106496, 114688, or 122880 */ value: pulumi.Input; } interface PipeBatchRetryStrategyArgs { /** * The number of times to move a job to the `RUNNABLE` status. If the value of `attempts` is greater than one, the job is retried on failure the same number of attempts as the value. */ attempts?: pulumi.Input; } interface PipeCapacityProviderStrategyItemArgs { /** * The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used. */ base?: pulumi.Input; /** * The short name of the capacity provider. */ capacityProvider: pulumi.Input; /** * The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied. */ weight?: pulumi.Input; } interface PipeCloudwatchLogsLogDestinationArgs { /** * The AWS Resource Name (ARN) for the CloudWatch log group to which EventBridge sends the log records. */ logGroupArn?: pulumi.Input; } interface PipeDeadLetterConfigArgs { /** * The ARN of the specified target for the dead-letter queue. * * For Amazon Kinesis stream and Amazon DynamoDB stream sources, specify either an Amazon SNS topic or Amazon SQS queue ARN. */ arn?: pulumi.Input; } interface PipeDimensionMappingArgs { /** * The metadata attributes of the time series. For example, the name and Availability Zone of an Amazon EC2 instance or the name of the manufacturer of a wind turbine are dimensions. */ dimensionName: pulumi.Input; /** * Dynamic path to the dimension value in the source event. */ dimensionValue: pulumi.Input; /** * The data type of the dimension for the time-series data. */ dimensionValueType: pulumi.Input; } interface PipeEcsContainerOverrideArgs { /** * The command to send to the container that overrides the default command from the Docker image or the task definition. You must also specify a container name. */ command?: pulumi.Input[]>; /** * The number of `cpu` units reserved for the container, instead of the default value from the task definition. You must also specify a container name. */ cpu?: pulumi.Input; /** * The environment variables to send to the container. You can add new environment variables, which are added to the container at launch, or you can override the existing environment variables from the Docker image or the task definition. You must also specify a container name. */ environment?: pulumi.Input[]>; /** * A list of files containing the environment variables to pass to a container, instead of the value from the container definition. */ environmentFiles?: pulumi.Input[]>; /** * The hard limit (in MiB) of memory to present to the container, instead of the default value from the task definition. If your container attempts to exceed the memory specified here, the container is killed. You must also specify a container name. */ memory?: pulumi.Input; /** * The soft limit (in MiB) of memory to reserve for the container, instead of the default value from the task definition. You must also specify a container name. */ memoryReservation?: pulumi.Input; /** * The name of the container that receives the override. This parameter is required if any override is specified. */ name?: pulumi.Input; /** * The type and amount of a resource to assign to a container, instead of the default value from the task definition. The only supported resource is a GPU. */ resourceRequirements?: pulumi.Input[]>; } interface PipeEcsEnvironmentFileArgs { /** * The file type to use. The only supported value is `s3` . */ type: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon S3 object containing the environment variable file. */ value: pulumi.Input; } interface PipeEcsEnvironmentVariableArgs { /** * The name of the key-value pair. For environment variables, this is the name of the environment variable. */ name?: pulumi.Input; /** * The value of the key-value pair. For environment variables, this is the value of the environment variable. */ value?: pulumi.Input; } interface PipeEcsEphemeralStorageArgs { /** * The total amount, in GiB, of ephemeral storage to set for the task. The minimum supported value is `21` GiB and the maximum supported value is `200` GiB. */ sizeInGiB: pulumi.Input; } interface PipeEcsInferenceAcceleratorOverrideArgs { /** * The Elastic Inference accelerator device name to override for the task. This parameter must match a `deviceName` specified in the task definition. */ deviceName?: pulumi.Input; /** * The Elastic Inference accelerator type to use. */ deviceType?: pulumi.Input; } interface PipeEcsResourceRequirementArgs { /** * The type of resource to assign to a container. The supported values are `GPU` or `InferenceAccelerator` . */ type: pulumi.Input; /** * The value for the specified resource type. * * If the `GPU` type is used, the value is the number of physical `GPUs` the Amazon ECS container agent reserves for the container. The number of GPUs that's reserved for all containers in a task can't exceed the number of available GPUs on the container instance that the task is launched on. * * If the `InferenceAccelerator` type is used, the `value` matches the `deviceName` for an InferenceAccelerator specified in a task definition. */ value: pulumi.Input; } interface PipeEcsTaskOverrideArgs { /** * One or more container overrides that are sent to a task. */ containerOverrides?: pulumi.Input[]>; /** * The cpu override for the task. */ cpu?: pulumi.Input; /** * The ephemeral storage setting override for the task. * * > This parameter is only supported for tasks hosted on Fargate that use the following platform versions: * > * > - Linux platform version `1.4.0` or later. * > - Windows platform version `1.0.0` or later. */ ephemeralStorage?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the task execution IAM role override for the task. For more information, see [Amazon ECS task execution IAM role](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task_execution_IAM_role.html) in the *Amazon Elastic Container Service Developer Guide* . */ executionRoleArn?: pulumi.Input; /** * The Elastic Inference accelerator override for the task. */ inferenceAcceleratorOverrides?: pulumi.Input[]>; /** * The memory override for the task. */ memory?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role that containers in this task can assume. All containers in this task are granted the permissions that are specified in this role. For more information, see [IAM Role for Tasks](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/task-iam-roles.html) in the *Amazon Elastic Container Service Developer Guide* . */ taskRoleArn?: pulumi.Input; } interface PipeEnrichmentHttpParametersArgs { /** * The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination. */ headerParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards ("*"). */ pathParameterValues?: pulumi.Input[]>; /** * The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination. */ queryStringParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface PipeEnrichmentParametersArgs { /** * Contains the HTTP parameters to use when the target is a API Gateway REST endpoint or EventBridge ApiDestination. * * If you specify an API Gateway REST API or EventBridge ApiDestination as a target, you can use this parameter to specify headers, path parameters, and query string keys/values as part of your target invoking request. If you're using ApiDestinations, the corresponding Connection can also have these values configured. In case of any conflicting keys, values from the Connection take precedence. */ httpParameters?: pulumi.Input; /** * Valid JSON text passed to the enrichment. In this case, nothing from the event itself is passed to the enrichment. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) . * * To remove an input template, specify an empty string. */ inputTemplate?: pulumi.Input; } interface PipeFilterArgs { /** * The event pattern. */ pattern?: pulumi.Input; } interface PipeFilterCriteriaArgs { /** * The event patterns. */ filters?: pulumi.Input[]>; } interface PipeFirehoseLogDestinationArgs { /** * The Amazon Resource Name (ARN) of the Firehose delivery stream to which EventBridge delivers the pipe log records. */ deliveryStreamArn?: pulumi.Input; } interface PipeLogConfigurationArgs { /** * The logging configuration settings for the pipe. */ cloudwatchLogsLogDestination?: pulumi.Input; /** * The Amazon Data Firehose logging configuration settings for the pipe. */ firehoseLogDestination?: pulumi.Input; /** * Whether the execution data (specifically, the `payload` , `awsRequest` , and `awsResponse` fields) is included in the log messages for this pipe. * * This applies to all log destinations for the pipe. * * For more information, see [Including execution data in logs](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-logs.html#eb-pipes-logs-execution-data) in the *Amazon EventBridge User Guide* . * * *Allowed values:* `ALL` */ includeExecutionData?: pulumi.Input[]>; /** * The level of logging detail to include. This applies to all log destinations for the pipe. */ level?: pulumi.Input; /** * The Amazon S3 logging configuration settings for the pipe. */ s3LogDestination?: pulumi.Input; } interface PipeMqBrokerAccessCredentialsPropertiesArgs { /** * Optional SecretManager ARN which stores the database credentials */ basicAuth: pulumi.Input; } interface PipeMskAccessCredentials0PropertiesArgs { /** * Optional SecretManager ARN which stores the database credentials */ saslScram512Auth: pulumi.Input; } interface PipeMskAccessCredentials1PropertiesArgs { /** * Optional SecretManager ARN which stores the database credentials */ clientCertificateTlsAuth: pulumi.Input; } interface PipeMultiMeasureAttributeMappingArgs { /** * Dynamic path to the measurement attribute in the source event. */ measureValue: pulumi.Input; /** * Data type of the measurement attribute in the source event. */ measureValueType: pulumi.Input; /** * Target measure name to be used. */ multiMeasureAttributeName: pulumi.Input; } interface PipeMultiMeasureMappingArgs { /** * Mappings that represent multiple source event fields mapped to measures in the same Timestream for LiveAnalytics record. */ multiMeasureAttributeMappings: pulumi.Input[]>; /** * The name of the multiple measurements per record (multi-measure). */ multiMeasureName: pulumi.Input; } interface PipeNetworkConfigurationArgs { /** * Use this structure to specify the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the `awsvpc` network mode. */ awsvpcConfiguration?: pulumi.Input; } interface PipePlacementConstraintArgs { /** * A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is `distinctInstance` . To learn more, see [Cluster Query Language](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/cluster-query-language.html) in the Amazon Elastic Container Service Developer Guide. */ expression?: pulumi.Input; /** * The type of constraint. Use distinctInstance to ensure that each task in a particular group is running on a different container instance. Use memberOf to restrict the selection to a group of valid candidates. */ type?: pulumi.Input; } interface PipePlacementStrategyArgs { /** * The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used. */ field?: pulumi.Input; /** * The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task). */ type?: pulumi.Input; } interface PipeS3LogDestinationArgs { /** * The name of the Amazon S3 bucket to which EventBridge delivers the log records for the pipe. */ bucketName?: pulumi.Input; /** * The AWS account that owns the Amazon S3 bucket to which EventBridge delivers the log records for the pipe. */ bucketOwner?: pulumi.Input; /** * The format EventBridge uses for the log records. * * EventBridge currently only supports `json` formatting. */ outputFormat?: pulumi.Input; /** * The prefix text with which to begin Amazon S3 log object names. * * For more information, see [Organizing objects using prefixes](https://docs.aws.amazon.com/AmazonS3/latest/userguide/using-prefixes.html) in the *Amazon Simple Storage Service User Guide* . */ prefix?: pulumi.Input; } interface PipeSageMakerPipelineParameterArgs { /** * Name of parameter to start execution of a SageMaker AI Model Building Pipeline. */ name: pulumi.Input; /** * Value of parameter to start execution of a SageMaker AI Model Building Pipeline. */ value: pulumi.Input; } interface PipeSelfManagedKafkaAccessConfigurationCredentials0PropertiesArgs { /** * Optional SecretManager ARN which stores the database credentials */ basicAuth: pulumi.Input; } interface PipeSelfManagedKafkaAccessConfigurationCredentials1PropertiesArgs { /** * Optional SecretManager ARN which stores the database credentials */ saslScram512Auth: pulumi.Input; } interface PipeSelfManagedKafkaAccessConfigurationCredentials2PropertiesArgs { /** * Optional SecretManager ARN which stores the database credentials */ saslScram256Auth: pulumi.Input; } interface PipeSelfManagedKafkaAccessConfigurationCredentials3PropertiesArgs { /** * Optional SecretManager ARN which stores the database credentials */ clientCertificateTlsAuth: pulumi.Input; } interface PipeSelfManagedKafkaAccessConfigurationVpcArgs { /** * List of SecurityGroupId. */ securityGroup?: pulumi.Input[]>; /** * List of SubnetId. */ subnets?: pulumi.Input[]>; } interface PipeSingleMeasureMappingArgs { /** * Target measure name for the measurement attribute in the Timestream table. */ measureName: pulumi.Input; /** * Dynamic path of the source field to map to the measure in the record. */ measureValue: pulumi.Input; /** * Data type of the source field. */ measureValueType: pulumi.Input; } interface PipeSourceActiveMqBrokerParametersArgs { /** * The maximum number of records to include in each batch. */ batchSize?: pulumi.Input; /** * The credentials needed to access the resource. */ credentials: pulumi.Input; /** * The maximum length of a time to wait for events. */ maximumBatchingWindowInSeconds?: pulumi.Input; /** * The name of the destination queue to consume. */ queueName: pulumi.Input; } interface PipeSourceDynamoDbStreamParametersArgs { /** * The maximum number of records to include in each batch. */ batchSize?: pulumi.Input; /** * Define the target queue to send dead-letter queue events to. */ deadLetterConfig?: pulumi.Input; /** * The maximum length of a time to wait for events. */ maximumBatchingWindowInSeconds?: pulumi.Input; /** * Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records. */ maximumRecordAgeInSeconds?: pulumi.Input; /** * Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source. */ maximumRetryAttempts?: pulumi.Input; /** * Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch. */ onPartialBatchItemFailure?: pulumi.Input; /** * The number of batches to process concurrently from each shard. The default value is 1. */ parallelizationFactor?: pulumi.Input; /** * (Streams only) The position in a stream from which to start reading. * * *Valid values* : `TRIM_HORIZON | LATEST` */ startingPosition: pulumi.Input; } interface PipeSourceKinesisStreamParametersArgs { /** * The maximum number of records to include in each batch. */ batchSize?: pulumi.Input; /** * Define the target queue to send dead-letter queue events to. */ deadLetterConfig?: pulumi.Input; /** * The maximum length of a time to wait for events. */ maximumBatchingWindowInSeconds?: pulumi.Input; /** * Discard records older than the specified age. The default value is -1, which sets the maximum age to infinite. When the value is set to infinite, EventBridge never discards old records. */ maximumRecordAgeInSeconds?: pulumi.Input; /** * Discard records after the specified number of retries. The default value is -1, which sets the maximum number of retries to infinite. When MaximumRetryAttempts is infinite, EventBridge retries failed records until the record expires in the event source. */ maximumRetryAttempts?: pulumi.Input; /** * Define how to handle item process failures. `AUTOMATIC_BISECT` halves each batch and retry each half until all the records are processed or there is one failed message left in the batch. */ onPartialBatchItemFailure?: pulumi.Input; /** * The number of batches to process concurrently from each shard. The default value is 1. */ parallelizationFactor?: pulumi.Input; /** * The position in a stream from which to start reading. */ startingPosition: pulumi.Input; /** * With `StartingPosition` set to `AT_TIMESTAMP` , the time from which to start reading, in Unix time seconds. */ startingPositionTimestamp?: pulumi.Input; } interface PipeSourceManagedStreamingKafkaParametersArgs { /** * The maximum number of records to include in each batch. */ batchSize?: pulumi.Input; /** * The name of the destination queue to consume. */ consumerGroupId?: pulumi.Input; /** * The credentials needed to access the resource. */ credentials?: pulumi.Input; /** * The maximum length of a time to wait for events. */ maximumBatchingWindowInSeconds?: pulumi.Input; /** * The position in a stream from which to start reading. */ startingPosition?: pulumi.Input; /** * The name of the topic that the pipe will read from. */ topicName: pulumi.Input; } interface PipeSourceParametersArgs { /** * The parameters for using an Active MQ broker as a source. */ activeMqBrokerParameters?: pulumi.Input; /** * The parameters for using a DynamoDB stream as a source. */ dynamoDbStreamParameters?: pulumi.Input; /** * The collection of event patterns used to filter events. * * To remove a filter, specify a `FilterCriteria` object with an empty array of `Filter` objects. * * For more information, see [Events and Event Patterns](https://docs.aws.amazon.com/eventbridge/latest/userguide/eventbridge-and-event-patterns.html) in the *Amazon EventBridge User Guide* . */ filterCriteria?: pulumi.Input; /** * The parameters for using a Kinesis stream as a source. */ kinesisStreamParameters?: pulumi.Input; /** * The parameters for using an MSK stream as a source. */ managedStreamingKafkaParameters?: pulumi.Input; /** * The parameters for using a Rabbit MQ broker as a source. */ rabbitMqBrokerParameters?: pulumi.Input; /** * The parameters for using a self-managed Apache Kafka stream as a source. * * A *self managed* cluster refers to any Apache Kafka cluster not hosted by AWS . This includes both clusters you manage yourself, as well as those hosted by a third-party provider, such as [Confluent Cloud](https://docs.aws.amazon.com/https://www.confluent.io/) , [CloudKarafka](https://docs.aws.amazon.com/https://www.cloudkarafka.com/) , or [Redpanda](https://docs.aws.amazon.com/https://redpanda.com/) . For more information, see [Apache Kafka streams as a source](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-kafka.html) in the *Amazon EventBridge User Guide* . */ selfManagedKafkaParameters?: pulumi.Input; /** * The parameters for using a Amazon SQS stream as a source. */ sqsQueueParameters?: pulumi.Input; } interface PipeSourceRabbitMqBrokerParametersArgs { /** * The maximum number of records to include in each batch. */ batchSize?: pulumi.Input; /** * The credentials needed to access the resource. */ credentials: pulumi.Input; /** * The maximum length of a time to wait for events. */ maximumBatchingWindowInSeconds?: pulumi.Input; /** * The name of the destination queue to consume. */ queueName: pulumi.Input; /** * The name of the virtual host associated with the source broker. */ virtualHost?: pulumi.Input; } interface PipeSourceSelfManagedKafkaParametersArgs { /** * An array of server URLs. */ additionalBootstrapServers?: pulumi.Input[]>; /** * The maximum number of records to include in each batch. */ batchSize?: pulumi.Input; /** * The name of the destination queue to consume. */ consumerGroupId?: pulumi.Input; /** * The credentials needed to access the resource. */ credentials?: pulumi.Input; /** * The maximum length of a time to wait for events. */ maximumBatchingWindowInSeconds?: pulumi.Input; /** * Optional SecretManager ARN which stores the database credentials */ serverRootCaCertificate?: pulumi.Input; /** * The position in a stream from which to start reading. */ startingPosition?: pulumi.Input; /** * The name of the topic that the pipe will read from. */ topicName: pulumi.Input; /** * This structure specifies the VPC subnets and security groups for the stream, and whether a public IP address is to be used. */ vpc?: pulumi.Input; } interface PipeSourceSqsQueueParametersArgs { /** * The maximum number of records to include in each batch. */ batchSize?: pulumi.Input; /** * The maximum length of a time to wait for events. */ maximumBatchingWindowInSeconds?: pulumi.Input; } interface PipeTagArgs { /** * The key of the key-value pair. */ key: pulumi.Input; /** * The value of the key-value pair. */ value: pulumi.Input; } interface PipeTargetBatchJobParametersArgs { /** * The array properties for the submitted job, such as the size of the array. The array size can be between 2 and 10,000. If you specify array properties for a job, it becomes an array job. This parameter is used only if the target is an AWS Batch job. */ arrayProperties?: pulumi.Input; /** * The overrides that are sent to a container. */ containerOverrides?: pulumi.Input; /** * A list of dependencies for the job. A job can depend upon a maximum of 20 jobs. You can specify a `SEQUENTIAL` type dependency without specifying a job ID for array jobs so that each child array job completes sequentially, starting at index 0. You can also specify an `N_TO_N` type dependency with a job ID for array jobs. In that case, each index child of this job must wait for the corresponding index child of each dependency to complete before it can begin. */ dependsOn?: pulumi.Input[]>; /** * The job definition used by this job. This value can be one of `name` , `name:revision` , or the Amazon Resource Name (ARN) for the job definition. If name is specified without a revision then the latest active revision is used. */ jobDefinition: pulumi.Input; /** * The name of the job. It can be up to 128 letters long. The first character must be alphanumeric, can contain uppercase and lowercase letters, numbers, hyphens (-), and underscores (_). */ jobName: pulumi.Input; /** * Additional parameters passed to the job that replace parameter substitution placeholders that are set in the job definition. Parameters are specified as a key and value pair mapping. Parameters included here override any corresponding parameter defaults from the job definition. */ parameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The retry strategy to use for failed jobs. When a retry strategy is specified here, it overrides the retry strategy defined in the job definition. */ retryStrategy?: pulumi.Input; } interface PipeTargetCloudWatchLogsParametersArgs { /** * The name of the log stream. */ logStreamName?: pulumi.Input; /** * A [dynamic path parameter](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes-event-target.html) to a field in the payload containing the time the event occurred, expressed as the number of milliseconds after Jan 1, 1970 00:00:00 UTC. * * The value cannot be a static timestamp as the provided timestamp would be applied to all events delivered by the Pipe, regardless of when they are actually delivered. * * If no dynamic path parameter is provided, the default value is the time the invocation is processed by the Pipe. */ timestamp?: pulumi.Input; } interface PipeTargetEcsTaskParametersArgs { /** * The capacity provider strategy to use for the task. * * If a `capacityProviderStrategy` is specified, the `launchType` parameter must be omitted. If no `capacityProviderStrategy` or launchType is specified, the `defaultCapacityProviderStrategy` for the cluster is used. */ capacityProviderStrategy?: pulumi.Input[]>; /** * Specifies whether to enable Amazon ECS managed tags for the task. For more information, see [Tagging Your Amazon ECS Resources](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/ecs-using-tags.html) in the Amazon Elastic Container Service Developer Guide. */ enableEcsManagedTags?: pulumi.Input; /** * Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task. */ enableExecuteCommand?: pulumi.Input; /** * Specifies an Amazon ECS task group for the task. The maximum length is 255 characters. */ group?: pulumi.Input; /** * Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where AWS Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS-Fargate.html) in the *Amazon Elastic Container Service Developer Guide* . */ launchType?: pulumi.Input; /** * Use this structure if the Amazon ECS task uses the `awsvpc` network mode. This structure specifies the VPC subnets and security groups associated with the task, and whether a public IP address is to be used. This structure is required if `LaunchType` is `FARGATE` because the `awsvpc` mode is required for Fargate tasks. * * If you specify `NetworkConfiguration` when the target ECS task does not use the `awsvpc` network mode, the task fails. */ networkConfiguration?: pulumi.Input; /** * The overrides that are associated with a task. */ overrides?: pulumi.Input; /** * An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). */ placementConstraints?: pulumi.Input[]>; /** * The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task. */ placementStrategy?: pulumi.Input[]>; /** * Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as `1.1.0` . * * This structure is used only if `LaunchType` is `FARGATE` . For more information about valid platform versions, see [AWS Fargate Platform Versions](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/platform_versions.html) in the *Amazon Elastic Container Service Developer Guide* . */ platformVersion?: pulumi.Input; /** * Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the `TagResource` API action. */ propagateTags?: pulumi.Input; /** * The reference ID to use for the task. */ referenceId?: pulumi.Input; /** * The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see [RunTask](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html#ECS-RunTask-request-tags) in the Amazon ECS API Reference. */ tags?: pulumi.Input[]>; /** * The number of tasks to create based on `TaskDefinition` . The default is 1. */ taskCount?: pulumi.Input; /** * The ARN of the task definition to use if the event target is an Amazon ECS task. */ taskDefinitionArn: pulumi.Input; } interface PipeTargetEventBridgeEventBusParametersArgs { /** * A free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail. */ detailType?: pulumi.Input; /** * The URL subdomain of the endpoint. For example, if the URL for Endpoint is https://abcde.veo.endpoints.event.amazonaws.com, then the EndpointId is `abcde.veo` . */ endpointId?: pulumi.Input; /** * AWS resources, identified by Amazon Resource Name (ARN), which the event primarily concerns. Any number, including zero, may be present. */ resources?: pulumi.Input[]>; /** * The source of the event. */ source?: pulumi.Input; /** * The time stamp of the event, per [RFC3339](https://docs.aws.amazon.com/https://www.rfc-editor.org/rfc/rfc3339.txt) . If no time stamp is provided, the time stamp of the [PutEvents](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) call is used. */ time?: pulumi.Input; } interface PipeTargetHttpParametersArgs { /** * The headers that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination. */ headerParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The path parameter values to be used to populate API Gateway REST API or EventBridge ApiDestination path wildcards ("*"). */ pathParameterValues?: pulumi.Input[]>; /** * The query string keys/values that need to be sent as part of request invoking the API Gateway REST API or EventBridge ApiDestination. */ queryStringParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface PipeTargetKinesisStreamParametersArgs { /** * Determines which shard in the stream the data record is assigned to. Partition keys are Unicode strings with a maximum length limit of 256 characters for each key. Amazon Kinesis Data Streams uses the partition key as input to a hash function that maps the partition key and associated data to a specific shard. Specifically, an MD5 hash function is used to map partition keys to 128-bit integer values and to map associated data records to shards. As a result of this hashing mechanism, all data records with the same partition key map to the same shard within the stream. */ partitionKey: pulumi.Input; } interface PipeTargetLambdaFunctionParametersArgs { /** * Specify whether to invoke the function synchronously or asynchronously. * * - `REQUEST_RESPONSE` (default) - Invoke synchronously. This corresponds to the `RequestResponse` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API. * - `FIRE_AND_FORGET` - Invoke asynchronously. This corresponds to the `Event` option in the `InvocationType` parameter for the Lambda [Invoke](https://docs.aws.amazon.com/lambda/latest/dg/API_Invoke.html#API_Invoke_RequestSyntax) API. * * For more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* . */ invocationType?: pulumi.Input; } interface PipeTargetParametersArgs { /** * The parameters for using an AWS Batch job as a target. */ batchJobParameters?: pulumi.Input; /** * The parameters for using an CloudWatch Logs log stream as a target. */ cloudWatchLogsParameters?: pulumi.Input; /** * The parameters for using an Amazon ECS task as a target. */ ecsTaskParameters?: pulumi.Input; /** * The parameters for using an EventBridge event bus as a target. */ eventBridgeEventBusParameters?: pulumi.Input; /** * These are custom parameter to be used when the target is an API Gateway REST APIs or EventBridge ApiDestinations. */ httpParameters?: pulumi.Input; /** * Valid JSON text passed to the target. In this case, nothing from the event itself is passed to the target. For more information, see [The JavaScript Object Notation (JSON) Data Interchange Format](https://docs.aws.amazon.com/http://www.rfc-editor.org/rfc/rfc7159.txt) . * * To remove an input template, specify an empty string. */ inputTemplate?: pulumi.Input; /** * The parameters for using a Kinesis stream as a target. */ kinesisStreamParameters?: pulumi.Input; /** * The parameters for using a Lambda function as a target. */ lambdaFunctionParameters?: pulumi.Input; /** * These are custom parameters to be used when the target is a Amazon Redshift cluster to invoke the Amazon Redshift Data API BatchExecuteStatement. */ redshiftDataParameters?: pulumi.Input; /** * The parameters for using a SageMaker AI pipeline as a target. */ sageMakerPipelineParameters?: pulumi.Input; /** * The parameters for using a Amazon SQS stream as a target. */ sqsQueueParameters?: pulumi.Input; /** * The parameters for using a Step Functions state machine as a target. */ stepFunctionStateMachineParameters?: pulumi.Input; /** * The parameters for using a Timestream for LiveAnalytics table as a target. */ timestreamParameters?: pulumi.Input; } interface PipeTargetRedshiftDataParametersArgs { /** * Redshift Database */ database: pulumi.Input; /** * Database user name */ dbUser?: pulumi.Input; /** * Optional SecretManager ARN which stores the database credentials */ secretManagerArn?: pulumi.Input; /** * A list of SQLs. */ sqls: pulumi.Input[]>; /** * A name for Redshift DataAPI statement which can be used as filter of ListStatement. */ statementName?: pulumi.Input; /** * Indicates whether to send an event back to EventBridge after the SQL statement runs. */ withEvent?: pulumi.Input; } interface PipeTargetSageMakerPipelineParametersArgs { /** * List of Parameter names and values for SageMaker AI Model Building Pipeline execution. */ pipelineParameterList?: pulumi.Input[]>; } interface PipeTargetSqsQueueParametersArgs { /** * This parameter applies only to FIFO (first-in-first-out) queues. * * The token used for deduplication of sent messages. */ messageDeduplicationId?: pulumi.Input; /** * The FIFO message group ID to use as the target. */ messageGroupId?: pulumi.Input; } interface PipeTargetStateMachineParametersArgs { /** * Specify whether to invoke the Step Functions state machine synchronously or asynchronously. * * - `REQUEST_RESPONSE` (default) - Invoke synchronously. For more information, see [StartSyncExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartSyncExecution.html) in the *AWS Step Functions API Reference* . * * > `REQUEST_RESPONSE` is not supported for `STANDARD` state machine workflows. * - `FIRE_AND_FORGET` - Invoke asynchronously. For more information, see [StartExecution](https://docs.aws.amazon.com/step-functions/latest/apireference/API_StartExecution.html) in the *AWS Step Functions API Reference* . * * For more information, see [Invocation types](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-pipes.html#pipes-invocation) in the *Amazon EventBridge User Guide* . */ invocationType?: pulumi.Input; } interface PipeTargetTimestreamParametersArgs { /** * Map source data to dimensions in the target Timestream for LiveAnalytics table. * * For more information, see [Amazon Timestream for LiveAnalytics concepts](https://docs.aws.amazon.com/timestream/latest/developerguide/concepts.html) */ dimensionMappings: pulumi.Input[]>; /** * The granularity of the time units used. Default is `MILLISECONDS` . * * Required if `TimeFieldType` is specified as `EPOCH` . */ epochTimeUnit?: pulumi.Input; /** * Maps multiple measures from the source event to the same record in the specified Timestream for LiveAnalytics table. */ multiMeasureMappings?: pulumi.Input[]>; /** * Mappings of single source data fields to individual records in the specified Timestream for LiveAnalytics table. */ singleMeasureMappings?: pulumi.Input[]>; /** * The type of time value used. * * The default is `EPOCH` . */ timeFieldType?: pulumi.Input; /** * Dynamic path to the source data field that represents the time value for your data. */ timeValue: pulumi.Input; /** * How to format the timestamps. For example, `yyyy-MM-dd'T'HH:mm:ss'Z'` . * * Required if `TimeFieldType` is specified as `TIMESTAMP_FORMAT` . */ timestampFormat?: pulumi.Input; /** * 64 bit version value or source data field that represents the version value for your data. * * Write requests with a higher version number will update the existing measure values of the record and version. In cases where the measure value is the same, the version will still be updated. * * Default value is 1. * * Timestream for LiveAnalytics does not support updating partial measure values in a record. * * Write requests for duplicate data with a higher version number will update the existing measure value and version. In cases where the measure value is the same, `Version` will still be updated. Default value is `1` . * * > `Version` must be `1` or greater, or you will receive a `ValidationException` error. */ versionValue: pulumi.Input; } } export declare namespace proton { } export declare namespace qbusiness { interface ApplicationAttachmentsConfigurationArgs { /** * Status information about whether file upload functionality is activated or deactivated for your end user. */ attachmentsControlMode: pulumi.Input; } interface ApplicationAutoSubscriptionConfigurationArgs { /** * Describes whether automatic subscriptions are enabled for an Amazon Q Business application using IAM identity federation for user management. */ autoSubscribe: pulumi.Input; /** * Describes the default subscription type assigned to an Amazon Q Business application using IAM identity federation for user management. If the value for `autoSubscribe` is set to `ENABLED` you must select a value for this field. */ defaultSubscriptionType?: pulumi.Input; } interface ApplicationEncryptionConfigurationArgs { /** * The identifier of the AWS key. Amazon Q Business doesn't support asymmetric keys. */ kmsKeyId?: pulumi.Input; } interface ApplicationPersonalizationConfigurationArgs { /** * An option to allow Amazon Q Business to customize chat responses using user specific metadata—specifically, location and job information—in your IAM Identity Center instance. */ personalizationControlMode: pulumi.Input; } interface ApplicationQAppsConfigurationArgs { /** * Status information about whether end users can create and use Amazon Q Apps in the web experience. */ qAppsControlMode: pulumi.Input; } interface ApplicationQuickSightConfigurationArgs { /** * The Amazon Quick Suite namespace that is used as the identity provider. For more information about Quick Suite namespaces, see [Namespace operations](https://docs.aws.amazon.com/quicksight/latest/developerguide/namespace-operations.html) . */ clientNamespace: pulumi.Input; } interface DataAccessorActionConfigurationArgs { /** * The Amazon Q Business action that is allowed. */ action: pulumi.Input; /** * The filter configuration for the action, if any. */ filterConfiguration?: pulumi.Input; } interface DataAccessorActionFilterConfigurationArgs { /** * Enables filtering of responses based on document attributes or metadata fields. */ documentAttributeFilter: pulumi.Input; } interface DataAccessorAttributeFilterArgs { /** * Performs a logical `AND` operation on all supplied filters. */ andAllFilters?: pulumi.Input[]>; /** * Returns `true` when a document contains all the specified document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `stringListValue` . */ containsAll?: pulumi.Input; /** * Returns `true` when a document contains any of the specified document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `stringListValue` . */ containsAny?: pulumi.Input; /** * Performs an equals operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` , `longValue` , `stringListValue` and `stringValue` . */ equalsTo?: pulumi.Input; /** * Performs a greater than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` . */ greaterThan?: pulumi.Input; /** * Performs a greater or equals than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` . */ greaterThanOrEquals?: pulumi.Input; /** * Performs a less than operation on two document attributes or metadata fields. Supported for the following [document attribute value types](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` . */ lessThan?: pulumi.Input; /** * Performs a less than or equals operation on two document attributes or metadata fields.Supported for the following [document attribute value type](https://docs.aws.amazon.com/amazonq/latest/api-reference/API_DocumentAttributeValue.html) : `dateValue` and `longValue` . */ lessThanOrEquals?: pulumi.Input; /** * Performs a logical `NOT` operation on all supplied filters. */ notFilter?: pulumi.Input; /** * Performs a logical `OR` operation on all supplied filters. */ orAllFilters?: pulumi.Input[]>; } interface DataAccessorAuthenticationConfigurationPropertiesArgs { idcTrustedTokenIssuerConfiguration: pulumi.Input; } interface DataAccessorAuthenticationDetailArgs { /** * The specific authentication configuration based on the authentication type. */ authenticationConfiguration?: pulumi.Input; /** * The type of authentication to use for the data accessor. This determines how the ISV authenticates when accessing data. You can use one of two authentication types: * * - `AWS_IAM_IDC_TTI` - Authentication using IAM Identity Center Trusted Token Issuer (TTI). This authentication type allows the ISV to use a trusted token issuer to generate tokens for accessing the data. * - `AWS_IAM_IDC_AUTH_CODE` - Authentication using IAM Identity Center authorization code flow. This authentication type uses the standard OAuth 2.0 authorization code flow for authentication. */ authenticationType: pulumi.Input; /** * A list of external identifiers associated with this authentication configuration. These are used to correlate the data accessor with external systems. */ externalIds?: pulumi.Input[]>; } interface DataAccessorDocumentAttributeArgs { /** * The identifier for the attribute. */ name: pulumi.Input; /** * The value of the attribute. */ value: pulumi.Input; } interface DataAccessorDocumentAttributeValue0PropertiesArgs { stringValue: pulumi.Input; } interface DataAccessorDocumentAttributeValue1PropertiesArgs { stringListValue: pulumi.Input[]>; } interface DataAccessorDocumentAttributeValue2PropertiesArgs { longValue: pulumi.Input; } interface DataAccessorDocumentAttributeValue3PropertiesArgs { dateValue: pulumi.Input; } interface DataAccessorIdcTrustedTokenIssuerConfigurationArgs { idcTrustedTokenIssuerArn: pulumi.Input; } interface DataSourceAudioExtractionConfigurationArgs { /** * The status of audio extraction (ENABLED or DISABLED) for processing audio content from files. */ audioExtractionStatus: pulumi.Input; } interface DataSourceDocumentAttributeConditionArgs { /** * The identifier of the document attribute used for the condition. * * For example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents. * * Amazon Q Business currently doesn't support `_document_body` as an attribute key used for the condition. */ key: pulumi.Input; /** * The identifier of the document attribute used for the condition. * * For example, 'Source_URI' could be an identifier for the attribute or metadata field that contains source URIs associated with the documents. * * Amazon Q Business currently does not support `_document_body` as an attribute key used for the condition. */ operator: pulumi.Input; /** * The value of a document attribute. You can only provide one value for a document attribute. */ value?: pulumi.Input; } interface DataSourceDocumentAttributeTargetArgs { /** * `TRUE` to delete the existing target value for your specified target attribute key. You cannot create a target value and set this to `TRUE` . */ attributeValueOperator?: pulumi.Input; /** * The identifier of the target document attribute or metadata field. For example, 'Department' could be an identifier for the target attribute or metadata field that includes the department names associated with the documents. */ key: pulumi.Input; /** * The value of a document attribute. You can only provide one value for a document attribute. */ value?: pulumi.Input; } interface DataSourceDocumentAttributeValue0PropertiesArgs { stringValue: pulumi.Input; } interface DataSourceDocumentAttributeValue1PropertiesArgs { stringListValue: pulumi.Input[]>; } interface DataSourceDocumentAttributeValue2PropertiesArgs { longValue: pulumi.Input; } interface DataSourceDocumentAttributeValue3PropertiesArgs { dateValue: pulumi.Input; } interface DataSourceDocumentEnrichmentConfigurationArgs { /** * Configuration information to alter document attributes or metadata fields and content when ingesting documents into Amazon Q Business. */ inlineConfigurations?: pulumi.Input[]>; /** * Configuration information for invoking a Lambda function in AWS Lambda on the structured documents with their metadata and text extracted. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) . */ postExtractionHookConfiguration?: pulumi.Input; /** * Configuration information for invoking a Lambda function in AWS Lambda on the original or raw documents before extracting their metadata and text. You can use a Lambda function to apply advanced logic for creating, modifying, or deleting document metadata and content. For more information, see [Using Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html) . */ preExtractionHookConfiguration?: pulumi.Input; } interface DataSourceHookConfigurationArgs { /** * The condition used for when a Lambda function should be invoked. * * For example, you can specify a condition that if there are empty date-time values, then Amazon Q Business should invoke a function that inserts the current date-time. */ invocationCondition?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Lambda function during ingestion. For more information, see [Using Lambda functions for Amazon Q Business document enrichment](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/cde-lambda-operations.html) . */ lambdaArn?: pulumi.Input; /** * The Amazon Resource Name (ARN) of a role with permission to run `PreExtractionHookConfiguration` and `PostExtractionHookConfiguration` for altering document metadata and content during the document ingestion process. */ roleArn?: pulumi.Input; /** * Stores the original, raw documents or the structured, parsed documents before and after altering them. For more information, see [Data contracts for Lambda functions](https://docs.aws.amazon.com/amazonq/latest/business-use-dg/cde-lambda-operations.html#cde-lambda-operations-data-contracts) . */ s3BucketName?: pulumi.Input; } interface DataSourceImageExtractionConfigurationArgs { /** * Specify whether to extract semantic meaning from images and visuals from documents. */ imageExtractionStatus: pulumi.Input; } interface DataSourceInlineDocumentEnrichmentConfigurationArgs { /** * Configuration of the condition used for the target document attribute or metadata field when ingesting documents into Amazon Q Business . */ condition?: pulumi.Input; /** * `TRUE` to delete content if the condition used for the target attribute is met. */ documentContentOperator?: pulumi.Input; /** * Configuration of the target document attribute or metadata field when ingesting documents into Amazon Q Business . You can also include a value. */ target?: pulumi.Input; } interface DataSourceMediaExtractionConfigurationArgs { /** * Configuration settings for extracting and processing audio content from media files. */ audioExtractionConfiguration?: pulumi.Input; /** * The configuration for extracting semantic meaning from images in documents. For more information, see [Extracting semantic meaning from images and visuals](https://docs.aws.amazon.com/amazonq/latest/qbusiness-ug/extracting-meaning-from-images.html) . */ imageExtractionConfiguration?: pulumi.Input; /** * Configuration settings for extracting and processing video content from media files. */ videoExtractionConfiguration?: pulumi.Input; } interface DataSourceVideoExtractionConfigurationArgs { /** * The status of video extraction (ENABLED or DISABLED) for processing video content from files. */ videoExtractionStatus: pulumi.Input; } interface DataSourceVpcConfigurationArgs { /** * A list of identifiers of security groups within your Amazon VPC. The security groups should enable Amazon Q Business to connect to the data source. */ securityGroupIds: pulumi.Input[]>; /** * A list of identifiers for subnets within your Amazon VPC. The subnets should be able to connect to each other in the VPC, and they should have outgoing access to the Internet through a NAT device. */ subnetIds: pulumi.Input[]>; } interface IndexCapacityConfigurationArgs { /** * The number of storage units configured for an Amazon Q Business index. */ units?: pulumi.Input; } interface IndexDocumentAttributeConfigurationArgs { /** * The name of the document attribute. */ name?: pulumi.Input; /** * Information about whether the document attribute can be used by an end user to search for information on their web experience. */ search?: pulumi.Input; /** * The type of document attribute. */ type?: pulumi.Input; } interface PermissionConditionArgs { conditionKey: pulumi.Input; conditionOperator: pulumi.Input; conditionValues: pulumi.Input[]>; } interface PluginApiSchema0PropertiesArgs { payload: pulumi.Input; } interface PluginApiSchema1PropertiesArgs { s3: pulumi.Input; } interface PluginAuthConfiguration0PropertiesArgs { basicAuthConfiguration: pulumi.Input; } interface PluginAuthConfiguration1PropertiesArgs { oAuth2ClientCredentialConfiguration: pulumi.Input; } interface PluginAuthConfiguration2PropertiesArgs { noAuthConfiguration: pulumi.Input; } interface PluginBasicAuthConfigurationArgs { roleArn: pulumi.Input; secretArn: pulumi.Input; } interface PluginCustomPluginConfigurationArgs { /** * Contains either details about the S3 object containing the OpenAPI schema for the action group or the JSON or YAML-formatted payload defining the schema. */ apiSchema: pulumi.Input; /** * The type of OpenAPI schema to use. */ apiSchemaType: pulumi.Input; /** * A description for your custom plugin configuration. */ description: pulumi.Input; } interface PluginNoAuthConfigurationArgs { } interface PluginOAuth2ClientCredentialConfigurationArgs { authorizationUrl?: pulumi.Input; roleArn: pulumi.Input; secretArn: pulumi.Input; tokenUrl?: pulumi.Input; } interface PluginS3Args { bucket: pulumi.Input; key: pulumi.Input; } interface RetrieverConfiguration0PropertiesArgs { nativeIndexConfiguration: pulumi.Input; } interface RetrieverConfiguration1PropertiesArgs { kendraIndexConfiguration: pulumi.Input; } interface RetrieverKendraIndexConfigurationArgs { indexId: pulumi.Input; } interface RetrieverNativeIndexConfigurationArgs { indexId: pulumi.Input; } interface WebExperienceBrowserExtensionConfigurationArgs { /** * Specify the browser extensions allowed for your Amazon Q web experience. * * - `CHROME` — Enables the extension for Chromium-based browsers (Google Chrome, Microsoft Edge, Opera, etc.). * - `FIREFOX` — Enables the extension for Mozilla Firefox. * - `CHROME` and `FIREFOX` — Enable the extension for Chromium-based browsers and Mozilla Firefox. */ enabledBrowserExtensions: pulumi.Input[]>; } interface WebExperienceCustomizationConfigurationArgs { /** * Provides the URL where the custom CSS file is hosted for an Amazon Q web experience. */ customCssUrl?: pulumi.Input; /** * Provides the URL where the custom favicon file is hosted for an Amazon Q web experience. */ faviconUrl?: pulumi.Input; /** * Provides the URL where the custom font file is hosted for an Amazon Q web experience. */ fontUrl?: pulumi.Input; /** * Provides the URL where the custom logo file is hosted for an Amazon Q web experience. */ logoUrl?: pulumi.Input; } interface WebExperienceIdentityProviderConfiguration0PropertiesArgs { samlConfiguration: pulumi.Input; } interface WebExperienceIdentityProviderConfiguration1PropertiesArgs { openIdConnectConfiguration: pulumi.Input; } interface WebExperienceOpenIdConnectProviderConfigurationArgs { secretsArn: pulumi.Input; secretsRole: pulumi.Input; } interface WebExperienceSamlProviderConfigurationArgs { authenticationUrl: pulumi.Input; } } export declare namespace qldb { interface StreamKinesisConfigurationArgs { /** * Enables QLDB to publish multiple data records in a single Kinesis Data Streams record, increasing the number of records sent per API call. * * Default: `True` * * > Record aggregation has important implications for processing records and requires de-aggregation in your stream consumer. To learn more, see [KPL Key Concepts](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-concepts.html) and [Consumer De-aggregation](https://docs.aws.amazon.com/streams/latest/dev/kinesis-kpl-consumer-deaggregation.html) in the *Amazon Kinesis Data Streams Developer Guide* . */ aggregationEnabled?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Kinesis Data Streams resource. */ streamArn?: pulumi.Input; } } export declare namespace quicksight { interface ActionConnectorApiKeyConnectionMetadataArgs { apiKey: pulumi.Input; baseEndpoint: pulumi.Input; email?: pulumi.Input; } interface ActionConnectorAuthConfigArgs { authenticationMetadata: pulumi.Input; authenticationType: pulumi.Input; } interface ActionConnectorAuthenticationMetadata0PropertiesArgs { authorizationCodeGrantMetadata: pulumi.Input; } interface ActionConnectorAuthenticationMetadata1PropertiesArgs { clientCredentialsGrantMetadata: pulumi.Input; } interface ActionConnectorAuthenticationMetadata2PropertiesArgs { basicAuthConnectionMetadata: pulumi.Input; } interface ActionConnectorAuthenticationMetadata3PropertiesArgs { apiKeyConnectionMetadata: pulumi.Input; } interface ActionConnectorAuthenticationMetadata4PropertiesArgs { noneConnectionMetadata: pulumi.Input; } interface ActionConnectorAuthenticationMetadata5PropertiesArgs { iamConnectionMetadata: pulumi.Input; } interface ActionConnectorAuthorizationCodeGrantCredentialsDetailsPropertiesArgs { authorizationCodeGrantDetails: pulumi.Input; } interface ActionConnectorAuthorizationCodeGrantDetailsArgs { authorizationEndpoint: pulumi.Input; clientId: pulumi.Input; clientSecret: pulumi.Input; tokenEndpoint: pulumi.Input; } interface ActionConnectorAuthorizationCodeGrantMetadataArgs { authorizationCodeGrantCredentialsDetails?: pulumi.Input; authorizationCodeGrantCredentialsSource?: pulumi.Input; baseEndpoint: pulumi.Input; redirectUrl: pulumi.Input; } interface ActionConnectorBasicAuthConnectionMetadataArgs { baseEndpoint: pulumi.Input; password: pulumi.Input; username: pulumi.Input; } interface ActionConnectorClientCredentialsDetailsPropertiesArgs { clientCredentialsGrantDetails: pulumi.Input; } interface ActionConnectorClientCredentialsGrantDetailsArgs { clientId: pulumi.Input; clientSecret: pulumi.Input; tokenEndpoint: pulumi.Input; } interface ActionConnectorClientCredentialsGrantMetadataArgs { baseEndpoint: pulumi.Input; clientCredentialsDetails?: pulumi.Input; clientCredentialsSource?: pulumi.Input; } interface ActionConnectorIamConnectionMetadataArgs { roleArn: pulumi.Input; } interface ActionConnectorNoneConnectionMetadataArgs { baseEndpoint: pulumi.Input; } /** *

Permission for the resource.

*/ interface ActionConnectorResourcePermissionArgs { /** *

The IAM action to grant or revoke permissions on.

*/ actions: pulumi.Input[]>; /** *

The Amazon Resource Name (ARN) of the principal. This can be one of the * following:

*
    *
  • *

    The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight * ARN. Use this option only to share resources (templates) across Amazon Web Services accounts. * (This is less common.)

    *
    • *
*/ principal: pulumi.Input; } interface AnalysisAggregationFunctionArgs { /** * Aggregation for attributes. */ attributeAggregationFunction?: pulumi.Input; /** * Aggregation for categorical values. * * - `COUNT` : Aggregate by the total number of values, including duplicates. * - `DISTINCT_COUNT` : Aggregate by the total number of distinct values. */ categoricalAggregationFunction?: pulumi.Input; /** * Aggregation for date values. * * - `COUNT` : Aggregate by the total number of values, including duplicates. * - `DISTINCT_COUNT` : Aggregate by the total number of distinct values. * - `MIN` : Select the smallest date value. * - `MAX` : Select the largest date value. */ dateAggregationFunction?: pulumi.Input; /** * Aggregation for numerical values. */ numericalAggregationFunction?: pulumi.Input; } interface AnalysisAggregationSortConfigurationArgs { /** * The function that aggregates the values in `Column` . */ aggregationFunction?: pulumi.Input; /** * The column that determines the sort order of aggregated values. */ column: pulumi.Input; /** * The sort direction of values. * * - `ASC` : Sort in ascending order. * - `DESC` : Sort in descending order. */ sortDirection: pulumi.Input; } interface AnalysisAllSheetsFilterScopeConfigurationArgs { } interface AnalysisAnchorDateConfigurationArgs { /** * The options for the date configuration. Choose one of the options below: * * - `NOW` */ anchorOption?: pulumi.Input; /** * The name of the parameter that is used for the anchor date configuration. */ parameterName?: pulumi.Input; } interface AnalysisArcAxisConfigurationArgs { /** * The arc axis range of a `GaugeChartVisual` . */ range?: pulumi.Input; /** * The reserved range of the arc axis. */ reserveRange?: pulumi.Input; } interface AnalysisArcAxisDisplayRangeArgs { /** * The maximum value of the arc axis range. */ max?: pulumi.Input; /** * The minimum value of the arc axis range. */ min?: pulumi.Input; } interface AnalysisArcConfigurationArgs { /** * The option that determines the arc angle of a `GaugeChartVisual` . */ arcAngle?: pulumi.Input; /** * The options that determine the arc thickness of a `GaugeChartVisual` . */ arcThickness?: pulumi.Input; } interface AnalysisArcOptionsArgs { /** * The arc thickness of a `GaugeChartVisual` . */ arcThickness?: pulumi.Input; } interface AnalysisAssetOptionsArgs { /** * Determines the timezone for the analysis. */ timezone?: pulumi.Input; /** * Determines the week start day for an analysis. */ weekStart?: pulumi.Input; } interface AnalysisAttributeAggregationFunctionArgs { /** * The built-in aggregation functions for attributes. * * - `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields. */ simpleAttributeAggregation?: pulumi.Input; /** * Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'. */ valueForMultipleValues?: pulumi.Input; } interface AnalysisAxisDataOptionsArgs { /** * The options for an axis with a date field. */ dateAxisOptions?: pulumi.Input; /** * The options for an axis with a numeric field. */ numericAxisOptions?: pulumi.Input; } interface AnalysisAxisDisplayDataDrivenRangeArgs { } interface AnalysisAxisDisplayMinMaxRangeArgs { /** * The maximum setup for an axis display range. */ maximum?: pulumi.Input; /** * The minimum setup for an axis display range. */ minimum?: pulumi.Input; } interface AnalysisAxisDisplayOptionsArgs { /** * Determines whether or not the axis line is visible. */ axisLineVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ axisOffset?: pulumi.Input; /** * The data options for an axis. */ dataOptions?: pulumi.Input; /** * Determines whether or not the grid line is visible. */ gridLineVisibility?: pulumi.Input; /** * The scroll bar options for an axis. */ scrollbarOptions?: pulumi.Input; /** * The tick label options of an axis. */ tickLabelOptions?: pulumi.Input; } interface AnalysisAxisDisplayRangeArgs { /** * The data-driven setup of an axis display range. */ dataDriven?: pulumi.Input; /** * The minimum and maximum setup of an axis display range. */ minMax?: pulumi.Input; } interface AnalysisAxisLabelOptionsArgs { /** * The options that indicate which field the label belongs to. */ applyTo?: pulumi.Input; /** * The text for the axis label. */ customLabel?: pulumi.Input; /** * The font configuration of the axis label. */ fontConfiguration?: pulumi.Input; } interface AnalysisAxisLabelReferenceOptionsArgs { /** * The column that the axis label is targeted to. */ column: pulumi.Input; /** * The field that the axis label is targeted to. */ fieldId: pulumi.Input; } interface AnalysisAxisLinearScaleArgs { /** * The step count setup of a linear axis. */ stepCount?: pulumi.Input; /** * The step size setup of a linear axis. */ stepSize?: pulumi.Input; } interface AnalysisAxisLogarithmicScaleArgs { /** * The base setup of a logarithmic axis scale. */ base?: pulumi.Input; } interface AnalysisAxisScaleArgs { /** * The linear axis scale setup. */ linear?: pulumi.Input; /** * The logarithmic axis scale setup. */ logarithmic?: pulumi.Input; } interface AnalysisAxisTickLabelOptionsArgs { /** * Determines whether or not the axis ticks are visible. */ labelOptions?: pulumi.Input; /** * The rotation angle of the axis tick labels. */ rotationAngle?: pulumi.Input; } interface AnalysisBarChartAggregatedFieldWellsArgs { /** * The category (y-axis) field well of a bar chart. */ category?: pulumi.Input[]>; /** * The color (group/color) field well of a bar chart. */ colors?: pulumi.Input[]>; /** * The small multiples field well of a bar chart. */ smallMultiples?: pulumi.Input[]>; /** * The value field wells of a bar chart. Values are aggregated by category. */ values?: pulumi.Input[]>; } interface AnalysisBarChartConfigurationArgs { /** * Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual. */ barsArrangement?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) for bar chart category. */ categoryAxis?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) for a bar chart. */ categoryLabelOptions?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart. */ colorLabelOptions?: pulumi.Input; /** * The contribution analysis (anomaly configuration) setup of the visual. */ contributionAnalysisDefaults?: pulumi.Input[]>; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The orientation of the bars in a bar chart visual. There are two valid values in this structure: * * - `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts. * - `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts. */ orientation?: pulumi.Input; /** * The reference line setup of the visual. */ referenceLines?: pulumi.Input[]>; /** * The small multiples setup for the visual. */ smallMultiplesOptions?: pulumi.Input; /** * The sort configuration of a `BarChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) for a bar chart value. */ valueAxis?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) for a bar chart value. */ valueLabelOptions?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface AnalysisBarChartFieldWellsArgs { /** * The aggregated field wells of a bar chart. */ barChartAggregatedFieldWells?: pulumi.Input; } interface AnalysisBarChartSortConfigurationArgs { /** * The limit on the number of categories displayed in a bar chart. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of category fields. */ categorySort?: pulumi.Input[]>; /** * The limit on the number of values displayed in a bar chart. */ colorItemsLimit?: pulumi.Input; /** * The sort configuration of color fields in a bar chart. */ colorSort?: pulumi.Input[]>; /** * The limit on the number of small multiples panels that are displayed. */ smallMultiplesLimitConfiguration?: pulumi.Input; /** * The sort configuration of the small multiples field. */ smallMultiplesSort?: pulumi.Input[]>; } interface AnalysisBarChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisBinCountOptionsArgs { /** * The options that determine the bin count value. */ value?: pulumi.Input; } interface AnalysisBinWidthOptionsArgs { /** * The options that determine the bin count limit. */ binCountLimit?: pulumi.Input; /** * The options that determine the bin width value. */ value?: pulumi.Input; } interface AnalysisBodySectionConfigurationArgs { /** * The configuration of content in a body section. */ content: pulumi.Input; /** * The configuration of a page break for a section. */ pageBreakConfiguration?: pulumi.Input; /** * Describes the configurations that are required to declare a section as repeating. */ repeatConfiguration?: pulumi.Input; /** * The unique identifier of a body section. */ sectionId: pulumi.Input; /** * The style options of a body section. */ style?: pulumi.Input; } interface AnalysisBodySectionContentArgs { /** * The layout configuration of a body section. */ layout?: pulumi.Input; } interface AnalysisBodySectionDynamicCategoryDimensionConfigurationArgs { column: pulumi.Input; /** * Number of values to use from the column for repetition. */ limit?: pulumi.Input; /** * Sort criteria on the column values that you use for repetition. */ sortByMetrics?: pulumi.Input[]>; } interface AnalysisBodySectionDynamicNumericDimensionConfigurationArgs { column: pulumi.Input; /** * Number of values to use from the column for repetition. */ limit?: pulumi.Input; /** * Sort criteria on the column values that you use for repetition. */ sortByMetrics?: pulumi.Input[]>; } interface AnalysisBodySectionRepeatConfigurationArgs { /** * List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section. */ dimensionConfigurations?: pulumi.Input[]>; /** * List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances. */ nonRepeatingVisuals?: pulumi.Input[]>; /** * Page break configuration to apply for each repeating instance. */ pageBreakConfiguration?: pulumi.Input; } interface AnalysisBodySectionRepeatDimensionConfigurationArgs { /** * Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents. */ dynamicCategoryDimensionConfiguration?: pulumi.Input; /** * Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section. */ dynamicNumericDimensionConfiguration?: pulumi.Input; } interface AnalysisBodySectionRepeatPageBreakConfigurationArgs { after?: pulumi.Input; } interface AnalysisBoxPlotAggregatedFieldWellsArgs { /** * The group by field well of a box plot chart. Values are grouped based on group by fields. */ groupBy?: pulumi.Input[]>; /** * The value field well of a box plot chart. Values are aggregated based on group by fields. */ values?: pulumi.Input[]>; } interface AnalysisBoxPlotChartConfigurationArgs { /** * The box plot chart options for a box plot visual */ boxPlotOptions?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) of a box plot category. */ categoryAxis?: pulumi.Input; /** * The label options (label text, label visibility and sort Icon visibility) of a box plot category. */ categoryLabelOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; legend?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) of a box plot category. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) of a box plot value. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The reference line setup of the visual. */ referenceLines?: pulumi.Input[]>; /** * The sort configuration of a `BoxPlotVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface AnalysisBoxPlotFieldWellsArgs { /** * The aggregated field wells of a box plot. */ boxPlotAggregatedFieldWells?: pulumi.Input; } interface AnalysisBoxPlotOptionsArgs { /** * Determines the visibility of all data points of the box plot. */ allDataPointsVisibility?: pulumi.Input; /** * Determines the visibility of the outlier in a box plot. */ outlierVisibility?: pulumi.Input; /** * The style options of the box plot. */ styleOptions?: pulumi.Input; } interface AnalysisBoxPlotSortConfigurationArgs { /** * The sort configuration of a group by fields. */ categorySort?: pulumi.Input[]>; /** * The pagination configuration of a table visual or box plot. */ paginationConfiguration?: pulumi.Input; } interface AnalysisBoxPlotStyleOptionsArgs { /** * The fill styles (solid, transparent) of the box plot. */ fillStyle?: pulumi.Input; } interface AnalysisBoxPlotVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface AnalysisCalculatedFieldArgs { /** * The data set that is used in this calculated field. */ dataSetIdentifier: pulumi.Input; /** * The expression of the calculated field. */ expression: pulumi.Input; /** * The name of the calculated field. */ name: pulumi.Input; } interface AnalysisCalculatedMeasureFieldArgs { /** * The expression in the table calculation. */ expression: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; } interface AnalysisCascadingControlConfigurationArgs { /** * A list of source controls that determine the values that are used in the current control. */ sourceControls?: pulumi.Input[]>; } interface AnalysisCascadingControlSourceArgs { /** * The column identifier that determines which column to look up for the source sheet control. */ columnToMatch?: pulumi.Input; /** * The source sheet control ID of a `CascadingControlSource` . */ sourceSheetControlId?: pulumi.Input; } interface AnalysisCategoricalDimensionFieldArgs { /** * The column that is used in the `CategoricalDimensionField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; /** * The custom hierarchy ID. */ hierarchyId?: pulumi.Input; } interface AnalysisCategoricalMeasureFieldArgs { /** * The aggregation function of the measure field. */ aggregationFunction?: pulumi.Input; /** * The column that is used in the `CategoricalMeasureField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface AnalysisCategoryDrillDownFilterArgs { /** * A list of the string inputs that are the values of the category drill down filter. */ categoryValues: pulumi.Input[]>; /** * The column that the filter is applied to. */ column: pulumi.Input; } interface AnalysisCategoryFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The configuration for a `CategoryFilter` . */ configuration: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; } interface AnalysisCategoryFilterConfigurationArgs { /** * A custom filter that filters based on a single value. This filter can be partially matched. */ customFilterConfiguration?: pulumi.Input; /** * A list of custom filter values. In the Quick Sight console, this filter type is called a custom filter list. */ customFilterListConfiguration?: pulumi.Input; /** * A list of filter configurations. In the Quick Sight console, this filter type is called a filter list. */ filterListConfiguration?: pulumi.Input; } interface AnalysisCategoryInnerFilterArgs { column: pulumi.Input; configuration: pulumi.Input; defaultFilterControlConfiguration?: pulumi.Input; } interface AnalysisChartAxisLabelOptionsArgs { /** * The label options for a chart axis. */ axisLabelOptions?: pulumi.Input[]>; /** * The visibility configuration of the sort icon on a chart's axis label. */ sortIconVisibility?: pulumi.Input; /** * The visibility of an axis label on a chart. Choose one of the following options: * * - `VISIBLE` : Shows the axis. * - `HIDDEN` : Hides the axis. */ visibility?: pulumi.Input; } interface AnalysisClusterMarkerArgs { /** * The simple cluster marker of the cluster marker. */ simpleClusterMarker?: pulumi.Input; } interface AnalysisClusterMarkerConfigurationArgs { /** * The cluster marker that is a part of the cluster marker configuration. */ clusterMarker?: pulumi.Input; } interface AnalysisColorScaleArgs { /** * Determines the color fill type. */ colorFillType: pulumi.Input; /** * Determines the list of colors that are applied to the visual. */ colors: pulumi.Input[]>; /** * Determines the color that is applied to null values. */ nullValueColor?: pulumi.Input; } interface AnalysisColorsConfigurationArgs { /** * A list of up to 50 custom colors. */ customColors?: pulumi.Input[]>; } interface AnalysisColumnConfigurationArgs { /** * The color configurations of the column. */ colorsConfiguration?: pulumi.Input; /** * The column. */ column: pulumi.Input; /** * The format configuration of a column. */ formatConfiguration?: pulumi.Input; /** * The role of the column. */ role?: pulumi.Input; } interface AnalysisColumnHierarchyArgs { /** * The option that determines the hierarchy of any `DateTime` fields. */ dateTimeHierarchy?: pulumi.Input; /** * The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals. */ explicitHierarchy?: pulumi.Input; /** * The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source. */ predefinedHierarchy?: pulumi.Input; } interface AnalysisColumnIdentifierArgs { /** * The name of the column. */ columnName: pulumi.Input; /** * The data set that the column belongs to. */ dataSetIdentifier: pulumi.Input; } interface AnalysisColumnSortArgs { /** * The aggregation function that is defined in the column sort. */ aggregationFunction?: pulumi.Input; /** * The sort direction. */ direction: pulumi.Input; sortBy: pulumi.Input; } interface AnalysisColumnTooltipItemArgs { /** * The aggregation function of the column tooltip item. */ aggregation?: pulumi.Input; /** * The target column of the tooltip item. */ column: pulumi.Input; /** * The label of the tooltip item. */ label?: pulumi.Input; /** * Determines the target of the column tooltip item in a combo chart visual. */ tooltipTarget?: pulumi.Input; /** * The visibility of the tooltip item. */ visibility?: pulumi.Input; } interface AnalysisComboChartAggregatedFieldWellsArgs { /** * The aggregated `BarValues` field well of a combo chart. */ barValues?: pulumi.Input[]>; /** * The aggregated category field wells of a combo chart. */ category?: pulumi.Input[]>; /** * The aggregated colors field well of a combo chart. */ colors?: pulumi.Input[]>; /** * The aggregated `LineValues` field well of a combo chart. */ lineValues?: pulumi.Input[]>; } interface AnalysisComboChartConfigurationArgs { /** * The options that determine if visual data labels are displayed. * * The data label options for a bar in a combo chart. */ barDataLabels?: pulumi.Input; /** * Determines the bar arrangement in a combo chart. The following are valid values in this structure: * * - `CLUSTERED` : For clustered bar combo charts. * - `STACKED` : For stacked bar combo charts. * - `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error. */ barsArrangement?: pulumi.Input; /** * The category axis of a combo chart. */ categoryAxis?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well. */ categoryLabelOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well. */ colorLabelOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The options that determine if visual data labels are displayed. * * The data label options for a line in a combo chart. */ lineDataLabels?: pulumi.Input; /** * The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The reference line setup of the visual. */ referenceLines?: pulumi.Input[]>; /** * The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well. */ secondaryYAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well. */ secondaryYAxisLabelOptions?: pulumi.Input; singleAxisOptions?: pulumi.Input; /** * The sort configuration of a `ComboChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The legend display setup of the visual. */ tooltip?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface AnalysisComboChartFieldWellsArgs { /** * The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category. */ comboChartAggregatedFieldWells?: pulumi.Input; } interface AnalysisComboChartSortConfigurationArgs { /** * The item limit configuration for the category field well of a combo chart. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of the category field well in a combo chart. */ categorySort?: pulumi.Input[]>; /** * The item limit configuration of the color field well in a combo chart. */ colorItemsLimit?: pulumi.Input; /** * The sort configuration of the color field well in a combo chart. */ colorSort?: pulumi.Input[]>; } interface AnalysisComboChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisComparisonConfigurationArgs { /** * The format of the comparison. */ comparisonFormat?: pulumi.Input; /** * The method of the comparison. Choose from the following options: * * - `DIFFERENCE` * - `PERCENT_DIFFERENCE` * - `PERCENT` */ comparisonMethod?: pulumi.Input; } interface AnalysisComparisonFormatConfigurationArgs { /** * The number display format. */ numberDisplayFormatConfiguration?: pulumi.Input; /** * The percentage display format. */ percentageDisplayFormatConfiguration?: pulumi.Input; } interface AnalysisComputationArgs { /** * The forecast computation configuration. */ forecast?: pulumi.Input; /** * The growth rate computation configuration. */ growthRate?: pulumi.Input; /** * The maximum and minimum computation configuration. */ maximumMinimum?: pulumi.Input; /** * The metric comparison computation configuration. */ metricComparison?: pulumi.Input; /** * The period over period computation configuration. */ periodOverPeriod?: pulumi.Input; /** * The period to `DataSetIdentifier` computation configuration. */ periodToDate?: pulumi.Input; /** * The top movers and bottom movers computation configuration. */ topBottomMovers?: pulumi.Input; /** * The top ranked and bottom ranked computation configuration. */ topBottomRanked?: pulumi.Input; /** * The total aggregation computation configuration. */ totalAggregation?: pulumi.Input; /** * The unique values computation configuration. */ uniqueValues?: pulumi.Input; } interface AnalysisConditionalFormattingColorArgs { /** * Formatting configuration for gradient color. */ gradient?: pulumi.Input; /** * Formatting configuration for solid color. */ solid?: pulumi.Input; } interface AnalysisConditionalFormattingCustomIconConditionArgs { /** * Determines the color of the icon. */ color?: pulumi.Input; /** * Determines the icon display configuration. */ displayConfiguration?: pulumi.Input; /** * The expression that determines the condition of the icon set. */ expression: pulumi.Input; /** * Custom icon options for an icon set. */ iconOptions: pulumi.Input; } interface AnalysisConditionalFormattingCustomIconOptionsArgs { /** * Determines the type of icon. */ icon?: pulumi.Input; /** * Determines the Unicode icon type. */ unicodeIcon?: pulumi.Input; } interface AnalysisConditionalFormattingGradientColorArgs { /** * Determines the color. */ color: pulumi.Input; /** * The expression that determines the formatting configuration for gradient color. */ expression: pulumi.Input; } interface AnalysisConditionalFormattingIconArgs { /** * Determines the custom condition for an icon set. */ customCondition?: pulumi.Input; /** * Formatting configuration for icon set. */ iconSet?: pulumi.Input; } interface AnalysisConditionalFormattingIconDisplayConfigurationArgs { /** * Determines the icon display configuration. */ iconDisplayOption?: pulumi.Input; } interface AnalysisConditionalFormattingIconSetArgs { /** * The expression that determines the formatting configuration for the icon set. */ expression: pulumi.Input; /** * Determines the icon set type. */ iconSetType?: pulumi.Input; } interface AnalysisConditionalFormattingSolidColorArgs { /** * Determines the color. */ color?: pulumi.Input; /** * The expression that determines the formatting configuration for solid color. */ expression: pulumi.Input; } interface AnalysisContextMenuOptionArgs { /** * The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu. */ availabilityStatus?: pulumi.Input; } interface AnalysisContributionAnalysisDefaultArgs { /** * The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` . */ contributorDimensions: pulumi.Input[]>; /** * The measure field that is used in the contribution analysis. */ measureFieldId: pulumi.Input; } interface AnalysisCurrencyDisplayFormatConfigurationArgs { /** * The option that determines the decimal places configuration. */ decimalPlacesConfiguration?: pulumi.Input; /** * The options that determine the negative value configuration. */ negativeValueConfiguration?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * Determines the number scale value for the currency format. */ numberScale?: pulumi.Input; /** * Determines the prefix value of the currency format. */ prefix?: pulumi.Input; /** * The options that determine the numeric separator configuration. */ separatorConfiguration?: pulumi.Input; /** * Determines the suffix value of the currency format. */ suffix?: pulumi.Input; /** * Determines the symbol for the currency format. */ symbol?: pulumi.Input; } interface AnalysisCustomActionFilterOperationArgs { /** * The configuration that chooses the fields to be filtered. */ selectedFieldsConfiguration: pulumi.Input; /** * The configuration that chooses the target visuals to be filtered. */ targetVisualsConfiguration: pulumi.Input; } interface AnalysisCustomActionNavigationOperationArgs { /** * The configuration that chooses the navigation target. */ localNavigationConfiguration?: pulumi.Input; } interface AnalysisCustomActionSetParametersOperationArgs { /** * The parameter that determines the value configuration. */ parameterValueConfigurations: pulumi.Input[]>; } interface AnalysisCustomActionUrlOperationArgs { /** * The target of the `CustomActionURLOperation` . * * Valid values are defined as follows: * * - `NEW_TAB` : Opens the target URL in a new browser tab. * - `NEW_WINDOW` : Opens the target URL in a new browser window. * - `SAME_TAB` : Opens the target URL in the same browser tab. */ urlTarget: pulumi.Input; /** * THe URL link of the `CustomActionURLOperation` . */ urlTemplate: pulumi.Input; } interface AnalysisCustomColorArgs { /** * The color that is applied to the data value. */ color: pulumi.Input; /** * The data value that the color is applied to. */ fieldValue?: pulumi.Input; /** * The value of a special data value. */ specialValue?: pulumi.Input; } interface AnalysisCustomContentConfigurationArgs { /** * The content type of the custom content visual. You can use this to have the visual render as an image. */ contentType?: pulumi.Input; /** * The input URL that links to the custom content that you want in the custom visual. */ contentUrl?: pulumi.Input; /** * The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` . */ imageScaling?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; } interface AnalysisCustomContentVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a `CustomContentVisual` . */ chartConfiguration?: pulumi.Input; /** * The dataset that is used to create the custom content visual. You can't create a visual without a dataset. */ dataSetIdentifier: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisCustomFilterConfigurationArgs { /** * The category value for the filter. * * This field is mutually exclusive to `ParameterName` . */ categoryValue?: pulumi.Input; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The parameter whose value should be used for the filter value. * * This field is mutually exclusive to `CategoryValue` . */ parameterName?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface AnalysisCustomFilterListConfigurationArgs { /** * The list of category values for the filter. */ categoryValues?: pulumi.Input[]>; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface AnalysisCustomNarrativeOptionsArgs { /** * The string input of custom narrative. */ narrative: pulumi.Input; } interface AnalysisCustomParameterValuesArgs { /** * A list of datetime-type parameter values. */ dateTimeValues?: pulumi.Input[]>; /** * A list of decimal-type parameter values. */ decimalValues?: pulumi.Input[]>; /** * A list of integer-type parameter values. */ integerValues?: pulumi.Input[]>; /** * A list of string-type parameter values. */ stringValues?: pulumi.Input[]>; } interface AnalysisCustomValuesConfigurationArgs { customValues: pulumi.Input; /** * Includes the null value in custom action parameter values. */ includeNullValue?: pulumi.Input; } interface AnalysisDataBarsOptionsArgs { /** * The field ID for the data bars options. */ fieldId: pulumi.Input; /** * The color of the negative data bar. */ negativeColor?: pulumi.Input; /** * The color of the positive data bar. */ positiveColor?: pulumi.Input; } interface AnalysisDataColorArgs { /** * The color that is applied to the data value. */ color?: pulumi.Input; /** * The data value that the color is applied to. */ dataValue?: pulumi.Input; } interface AnalysisDataFieldSeriesItemArgs { /** * The axis that you are binding the field to. */ axisBinding: pulumi.Input; /** * The field ID of the field that you are setting the axis binding to. */ fieldId: pulumi.Input; /** * The field value of the field that you are setting the axis binding to. */ fieldValue?: pulumi.Input; /** * The options that determine the presentation of line series associated to the field. */ settings?: pulumi.Input; } interface AnalysisDataLabelOptionsArgs { /** * Determines the visibility of the category field labels. */ categoryLabelVisibility?: pulumi.Input; /** * The option that determines the data label type. */ dataLabelTypes?: pulumi.Input[]>; /** * Determines the color of the data labels. */ labelColor?: pulumi.Input; /** * Determines the content of the data labels. */ labelContent?: pulumi.Input; /** * Determines the font configuration of the data labels. */ labelFontConfiguration?: pulumi.Input; /** * Determines the visibility of the measure field labels. */ measureLabelVisibility?: pulumi.Input; /** * Determines whether overlap is enabled or disabled for the data labels. */ overlap?: pulumi.Input; /** * Determines the position of the data labels. */ position?: pulumi.Input; /** * Determines the visibility of the total. */ totalsVisibility?: pulumi.Input; /** * Determines the visibility of the data labels. */ visibility?: pulumi.Input; } interface AnalysisDataLabelTypeArgs { /** * The option that specifies individual data values for labels. */ dataPathLabelType?: pulumi.Input; /** * Determines the label configuration for the entire field. */ fieldLabelType?: pulumi.Input; /** * Determines the label configuration for the maximum value in a visual. */ maximumLabelType?: pulumi.Input; /** * Determines the label configuration for the minimum value in a visual. */ minimumLabelType?: pulumi.Input; /** * Determines the label configuration for range end value in a visual. */ rangeEndsLabelType?: pulumi.Input; } interface AnalysisDataPathColorArgs { /** * The color that needs to be applied to the element. */ color: pulumi.Input; /** * The element that the color needs to be applied to. */ element: pulumi.Input; /** * The time granularity of the field that the color needs to be applied to. */ timeGranularity?: pulumi.Input; } interface AnalysisDataPathLabelTypeArgs { /** * The field ID of the field that the data label needs to be applied to. */ fieldId?: pulumi.Input; /** * The actual value of the field that is labeled. */ fieldValue?: pulumi.Input; /** * The visibility of the data label. */ visibility?: pulumi.Input; } interface AnalysisDataPathSortArgs { /** * Determines the sort direction. */ direction: pulumi.Input; /** * The list of data paths that need to be sorted. */ sortPaths: pulumi.Input[]>; } interface AnalysisDataPathTypeArgs { /** * The type of data path value utilized in a pivot table. Choose one of the following options: * * - `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` . * - `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement. * - `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement. * - `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` . */ pivotTableDataPathType?: pulumi.Input; } interface AnalysisDataPathValueArgs { /** * The type configuration of the field. */ dataPathType?: pulumi.Input; /** * The field ID of the field that needs to be sorted. */ fieldId?: pulumi.Input; /** * The actual value of the field that needs to be sorted. */ fieldValue?: pulumi.Input; } interface AnalysisDataSetIdentifierDeclarationArgs { /** * The Amazon Resource Name (ARN) of the data set. */ dataSetArn: pulumi.Input; /** * The identifier of the data set, typically the data set's name. */ identifier: pulumi.Input; } /** *

Dataset reference.

*/ interface AnalysisDataSetReferenceArgs { /** *

Dataset Amazon Resource Name (ARN).

*/ dataSetArn: pulumi.Input; /** *

Dataset placeholder.

*/ dataSetPlaceholder: pulumi.Input; } interface AnalysisDateAxisOptionsArgs { /** * Determines whether or not missing dates are displayed. */ missingDateVisibility?: pulumi.Input; } interface AnalysisDateDimensionFieldArgs { /** * The column that is used in the `DateDimensionField` . */ column: pulumi.Input; /** * The date granularity of the `DateDimensionField` . Choose one of the following options: * * - `YEAR` * - `QUARTER` * - `MONTH` * - `WEEK` * - `DAY` * - `HOUR` * - `MINUTE` * - `SECOND` * - `MILLISECOND` */ dateGranularity?: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; /** * The custom hierarchy ID. */ hierarchyId?: pulumi.Input; } interface AnalysisDateMeasureFieldArgs { /** * The aggregation function of the measure field. */ aggregationFunction?: pulumi.Input; /** * The column that is used in the `DateMeasureField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface AnalysisDateTimeDefaultValuesArgs { /** * The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression. */ rollingDate?: pulumi.Input; /** * The static values of the `DataTimeDefaultValues` . */ staticValues?: pulumi.Input[]>; } interface AnalysisDateTimeFormatConfigurationArgs { /** * Determines the `DateTime` format. */ dateTimeFormat?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * The formatting configuration for numeric `DateTime` fields. */ numericFormatConfiguration?: pulumi.Input; } interface AnalysisDateTimeHierarchyArgs { /** * The option that determines the drill down filters for the `DateTime` hierarchy. */ drillDownFilters?: pulumi.Input[]>; /** * The hierarchy ID of the `DateTime` hierarchy. */ hierarchyId: pulumi.Input; } /** *

A date-time parameter.

*/ interface AnalysisDateTimeParameterArgs { /** *

A display name for the date-time parameter.

*/ name: pulumi.Input; /** *

The values for the date-time parameter.

*/ values: pulumi.Input[]>; } interface AnalysisDateTimeParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; /** * The configuration that defines the default value of a `DateTime` parameter when a value has not been set. */ valueWhenUnset?: pulumi.Input; } interface AnalysisDateTimePickerControlDisplayOptionsArgs { /** * The date icon visibility of the `DateTimePickerControlDisplayOptions` . */ dateIconVisibility?: pulumi.Input; /** * Customize how dates are formatted in controls. */ dateTimeFormat?: pulumi.Input; /** * The helper text visibility of the `DateTimePickerControlDisplayOptions` . */ helperTextVisibility?: pulumi.Input; /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface AnalysisDateTimeValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface AnalysisDecimalDefaultValuesArgs { /** * The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The static values of the `DecimalDefaultValues` . */ staticValues?: pulumi.Input[]>; } /** *

A decimal parameter.

*/ interface AnalysisDecimalParameterArgs { /** *

A display name for the decimal parameter.

*/ name: pulumi.Input; /** *

The values for the decimal parameter.

*/ values: pulumi.Input[]>; } interface AnalysisDecimalParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The value type determines whether the parameter is a single-value or multi-value parameter. */ parameterValueType: pulumi.Input; /** * The configuration that defines the default value of a `Decimal` parameter when a value has not been set. */ valueWhenUnset?: pulumi.Input; } interface AnalysisDecimalPlacesConfigurationArgs { /** * The values of the decimal places. */ decimalPlaces: pulumi.Input; } interface AnalysisDecimalValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface AnalysisDefaultDateTimePickerControlOptionsArgs { /** * The visibility configuration of the Apply button on a `DateTimePickerControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options: * * - `SINGLE_VALUED` : The filter condition is a fixed date. * - `DATE_RANGE` : The filter condition is a date time range. */ type?: pulumi.Input; } interface AnalysisDefaultFilterControlConfigurationArgs { /** * The control option for the `DefaultFilterControlConfiguration` . */ controlOptions: pulumi.Input; /** * The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter. */ title: pulumi.Input; } interface AnalysisDefaultFilterControlOptionsArgs { /** * The default options that correspond to the filter control type of a `DateTimePicker` . */ defaultDateTimePickerOptions?: pulumi.Input; /** * The default options that correspond to the `Dropdown` filter control type. */ defaultDropdownOptions?: pulumi.Input; /** * The default options that correspond to the `List` filter control type. */ defaultListOptions?: pulumi.Input; /** * The default options that correspond to the `RelativeDateTime` filter control type. */ defaultRelativeDateTimeOptions?: pulumi.Input; /** * The default options that correspond to the `Slider` filter control type. */ defaultSliderOptions?: pulumi.Input; /** * The default options that correspond to the `TextArea` filter control type. */ defaultTextAreaOptions?: pulumi.Input; /** * The default options that correspond to the `TextField` filter control type. */ defaultTextFieldOptions?: pulumi.Input; } interface AnalysisDefaultFilterDropDownControlOptionsArgs { /** * The visibility configuration of the Apply button on a `FilterDropDownControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The type of the `FilterDropDownControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from a dropdown menu. * - `SINGLE_SELECT` : The user can select a single entry from a dropdown menu. */ type?: pulumi.Input; } interface AnalysisDefaultFilterListControlOptionsArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The type of the `DefaultFilterListControlOptions` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from the list. * - `SINGLE_SELECT` : The user can select a single entry from the list. */ type?: pulumi.Input; } interface AnalysisDefaultFreeFormLayoutConfigurationArgs { /** * Determines the screen canvas size options for a free-form layout. */ canvasSizeOptions: pulumi.Input; } interface AnalysisDefaultGridLayoutConfigurationArgs { /** * Determines the screen canvas size options for a grid layout. */ canvasSizeOptions: pulumi.Input; } interface AnalysisDefaultInteractiveLayoutConfigurationArgs { /** * The options that determine the default settings of a free-form layout configuration. */ freeForm?: pulumi.Input; /** * The options that determine the default settings for a grid layout configuration. */ grid?: pulumi.Input; } interface AnalysisDefaultNewSheetConfigurationArgs { /** * The options that determine the default settings for interactive layout configuration. */ interactiveLayoutConfiguration?: pulumi.Input; /** * The options that determine the default settings for a paginated layout configuration. */ paginatedLayoutConfiguration?: pulumi.Input; /** * The option that determines the sheet content type. */ sheetContentType?: pulumi.Input; } interface AnalysisDefaultPaginatedLayoutConfigurationArgs { /** * The options that determine the default settings for a section-based layout configuration. */ sectionBased?: pulumi.Input; } interface AnalysisDefaultRelativeDateTimeControlOptionsArgs { /** * The visibility configuration of the Apply button on a `RelativeDateTimeControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; } interface AnalysisDefaultSectionBasedLayoutConfigurationArgs { /** * Determines the screen canvas size options for a section-based layout. */ canvasSizeOptions: pulumi.Input; } interface AnalysisDefaultSliderControlOptionsArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The larger value that is displayed at the right of the slider. */ maximumValue: pulumi.Input; /** * The smaller value that is displayed at the left of the slider. */ minimumValue: pulumi.Input; /** * The number of increments that the slider bar is divided into. */ stepSize: pulumi.Input; /** * The type of the `DefaultSliderControlOptions` . Choose one of the following options: * * - `SINGLE_POINT` : Filter against(equals) a single data point. * - `RANGE` : Filter data that is in a specified range. */ type?: pulumi.Input; } interface AnalysisDefaultTextAreaControlOptionsArgs { /** * The delimiter that is used to separate the lines in text. */ delimiter?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; } interface AnalysisDefaultTextFieldControlOptionsArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; } interface AnalysisDefaultsArgs { /** * The configuration for default new sheet settings. */ defaultNewSheetConfiguration: pulumi.Input; } interface AnalysisDefinitionArgs { analysisDefaults?: pulumi.Input; /** * An array of calculated field definitions for the analysis. */ calculatedFields?: pulumi.Input[]>; /** * An array of analysis-level column configurations. Column configurations can be used to set default formatting for a column to be used throughout an analysis. */ columnConfigurations?: pulumi.Input[]>; /** * An array of dataset identifier declarations. This mapping allows the usage of dataset identifiers instead of dataset ARNs throughout analysis sub-structures. */ dataSetIdentifierDeclarations: pulumi.Input[]>; /** * Filter definitions for an analysis. * * For more information, see [Filtering Data in Amazon Quick Sight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon Quick Suite User Guide* . */ filterGroups?: pulumi.Input[]>; /** * An array of option definitions for an analysis. */ options?: pulumi.Input; /** * An array of parameter declarations for an analysis. * * Parameters are named variables that can transfer a value for use by an action or an object. * * For more information, see [Parameters in Amazon Quick Sight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon Quick Suite User Guide* . */ parameterDeclarations?: pulumi.Input[]>; queryExecutionOptions?: pulumi.Input; /** * An array of sheet definitions for an analysis. Each `SheetDefinition` provides detailed information about a sheet within this analysis. */ sheets?: pulumi.Input[]>; /** * The static files for the definition. */ staticFiles?: pulumi.Input[]>; } interface AnalysisDestinationParameterValueConfigurationArgs { /** * The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` . */ customValuesConfiguration?: pulumi.Input; /** * The configuration that selects all options. */ selectAllValueOptions?: pulumi.Input; /** * A column of a data set. */ sourceColumn?: pulumi.Input; /** * The source field ID of the destination parameter. */ sourceField?: pulumi.Input; /** * The source parameter name of the destination parameter. */ sourceParameterName?: pulumi.Input; } interface AnalysisDimensionFieldArgs { /** * The dimension type field with categorical type columns. */ categoricalDimensionField?: pulumi.Input; /** * The dimension type field with date type columns. */ dateDimensionField?: pulumi.Input; /** * The dimension type field with numerical type columns. */ numericalDimensionField?: pulumi.Input; } interface AnalysisDonutCenterOptionsArgs { /** * Determines the visibility of the label in a donut chart. In the Quick Sight console, this option is called `'Show total'` . */ labelVisibility?: pulumi.Input; } interface AnalysisDonutOptionsArgs { /** * The option for define the arc of the chart shape. Valid values are as follows: * * - `WHOLE` - A pie chart * - `SMALL` - A small-sized donut chart * - `MEDIUM` - A medium-sized donut chart * - `LARGE` - A large-sized donut chart */ arcOptions?: pulumi.Input; /** * The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts. */ donutCenterOptions?: pulumi.Input; } interface AnalysisDrillDownFilterArgs { /** * The category type drill down filter. This filter is used for string type columns. */ categoryFilter?: pulumi.Input; /** * The numeric equality type drill down filter. This filter is used for number type columns. */ numericEqualityFilter?: pulumi.Input; /** * The time range drill down filter. This filter is used for date time columns. */ timeRangeFilter?: pulumi.Input; } interface AnalysisDropDownControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the `Select all` options in a dropdown control. */ selectAllOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface AnalysisDynamicDefaultValueArgs { /** * The column that contains the default value of each user or group. */ defaultValueColumn: pulumi.Input; /** * The column that contains the group name. */ groupNameColumn?: pulumi.Input; /** * The column that contains the username. */ userNameColumn?: pulumi.Input; } interface AnalysisEmptyVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The data set that is used in the empty visual. Every visual requires a dataset to render. */ dataSetIdentifier: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisEntityArgs { /** * The hierarchical path of the entity within the analysis, template, or dashboard definition tree. */ path?: pulumi.Input; } /** *

Analysis error.

*/ interface AnalysisErrorArgs { /** *

The message associated with the analysis error.

*/ message?: pulumi.Input; /** * The type of the analysis error. */ type?: pulumi.Input; /** *

Lists the violated entities that caused the analysis error

*/ violatedEntities?: pulumi.Input[]>; } interface AnalysisExcludePeriodConfigurationArgs { /** * The amount or number of the exclude period. */ amount: pulumi.Input; /** * The granularity or unit (day, month, year) of the exclude period. */ granularity: pulumi.Input; /** * The status of the exclude period. Choose from the following options: * * - `ENABLED` * - `DISABLED` */ status?: pulumi.Input; } interface AnalysisExplicitHierarchyArgs { /** * The list of columns that define the explicit hierarchy. */ columns: pulumi.Input[]>; /** * The option that determines the drill down filters for the explicit hierarchy. */ drillDownFilters?: pulumi.Input[]>; /** * The hierarchy ID of the explicit hierarchy. */ hierarchyId: pulumi.Input; } interface AnalysisFieldBasedTooltipArgs { /** * The visibility of `Show aggregations` . */ aggregationVisibility?: pulumi.Input; /** * The fields configuration in the tooltip. */ tooltipFields?: pulumi.Input[]>; /** * The type for the >tooltip title. Choose one of the following options: * * - `NONE` : Doesn't use the primary value as the title. * - `PRIMARY_VALUE` : Uses primary value as the title. */ tooltipTitleType?: pulumi.Input; } interface AnalysisFieldLabelTypeArgs { /** * Indicates the field that is targeted by the field label. */ fieldId?: pulumi.Input; /** * The visibility of the field label. */ visibility?: pulumi.Input; } interface AnalysisFieldSeriesItemArgs { /** * The axis that you are binding the field to. */ axisBinding: pulumi.Input; /** * The field ID of the field for which you are setting the axis binding. */ fieldId: pulumi.Input; /** * The options that determine the presentation of line series associated to the field. */ settings?: pulumi.Input; } interface AnalysisFieldSortArgs { /** * The sort direction. Choose one of the following options: * * - `ASC` : Ascending * - `DESC` : Descending */ direction: pulumi.Input; /** * The sort configuration target field. */ fieldId: pulumi.Input; } interface AnalysisFieldSortOptionsArgs { /** * The sort configuration for a column that is not used in a field well. */ columnSort?: pulumi.Input; /** * The sort configuration for a field in a field well. */ fieldSort?: pulumi.Input; } interface AnalysisFieldTooltipItemArgs { /** * The unique ID of the field that is targeted by the tooltip. */ fieldId: pulumi.Input; /** * The label of the tooltip item. */ label?: pulumi.Input; /** * Determines the target of the field tooltip item in a combo chart visual. */ tooltipTarget?: pulumi.Input; /** * The visibility of the tooltip item. */ visibility?: pulumi.Input; } interface AnalysisFilledMapAggregatedFieldWellsArgs { /** * The aggregated location field well of the filled map. Values are grouped by location fields. */ geospatial?: pulumi.Input[]>; /** * The aggregated color field well of a filled map. Values are aggregated based on location fields. */ values?: pulumi.Input[]>; } interface AnalysisFilledMapConditionalFormattingArgs { /** * Conditional formatting options of a `FilledMapVisual` . */ conditionalFormattingOptions: pulumi.Input[]>; } interface AnalysisFilledMapConditionalFormattingOptionArgs { /** * The conditional formatting that determines the shape of the filled map. */ shape: pulumi.Input; } interface AnalysisFilledMapConfigurationArgs { /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The map style options of the filled map visual. */ mapStyleOptions?: pulumi.Input; /** * The sort configuration of a `FilledMapVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The window options of the filled map visual. */ windowOptions?: pulumi.Input; } interface AnalysisFilledMapFieldWellsArgs { /** * The aggregated field well of the filled map. */ filledMapAggregatedFieldWells?: pulumi.Input; } interface AnalysisFilledMapShapeConditionalFormattingArgs { /** * The field ID of the filled map shape. */ fieldId: pulumi.Input; /** * The conditional formatting that determines the background color of a filled map's shape. */ format?: pulumi.Input; } interface AnalysisFilledMapSortConfigurationArgs { /** * The sort configuration of the location fields. */ categorySort?: pulumi.Input[]>; } interface AnalysisFilledMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The conditional formatting of a `FilledMapVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface AnalysisFilterArgs { /** * A `CategoryFilter` filters text values. * * For more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon Quick Suite User Guide* . */ categoryFilter?: pulumi.Input; /** * A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter. */ nestedFilter?: pulumi.Input; /** * A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value. */ numericEqualityFilter?: pulumi.Input; /** * A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range. */ numericRangeFilter?: pulumi.Input; /** * A `RelativeDatesFilter` filters date values that are relative to a given date. */ relativeDatesFilter?: pulumi.Input; /** * A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value. */ timeEqualityFilter?: pulumi.Input; /** * A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range. */ timeRangeFilter?: pulumi.Input; /** * A `TopBottomFilter` filters data to the top or bottom values for a given column. */ topBottomFilter?: pulumi.Input; } interface AnalysisFilterControlArgs { /** * A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet */ crossSheet?: pulumi.Input; /** * A control from a date filter that is used to specify date and time. */ dateTimePicker?: pulumi.Input; /** * A control to display a dropdown list with buttons that are used to select a single value. */ dropdown?: pulumi.Input; /** * A control to display a list of buttons or boxes. This is used to select either a single value or multiple values. */ list?: pulumi.Input; /** * A control from a date filter that is used to specify the relative date. */ relativeDateTime?: pulumi.Input; /** * A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle. */ slider?: pulumi.Input; /** * A control to display a text box that is used to enter multiple entries. */ textArea?: pulumi.Input; /** * A control to display a text box that is used to enter a single entry. */ textField?: pulumi.Input; } interface AnalysisFilterCrossSheetControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The ID of the `FilterCrossSheetControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterCrossSheetControl` . */ sourceFilterId: pulumi.Input; } interface AnalysisFilterDateTimePickerControlArgs { /** * The visibility configurationof the Apply button on a `DateTimePickerControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterDateTimePickerControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterDateTimePickerControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterDateTimePickerControl` . */ title: pulumi.Input; /** * The type of the `FilterDropDownControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from a dropdown menu. * - `SINGLE_SELECT` : The user can select a single entry from a dropdown menu. */ type?: pulumi.Input; } interface AnalysisFilterDropDownControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The visibility configuration of the Apply button on a `FilterDropDownControl` . */ commitMode?: pulumi.Input; /** * The display options of the `FilterDropDownControl` . */ displayOptions?: pulumi.Input; /** * The ID of the `FilterDropDownControl` . */ filterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source filter ID of the `FilterDropDownControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterDropDownControl` . */ title: pulumi.Input; /** * The type of the `FilterDropDownControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from a dropdown menu. * - `SINGLE_SELECT` : The user can select a single entry from a dropdown menu. */ type?: pulumi.Input; } interface AnalysisFilterGroupArgs { /** * The filter new feature which can apply filter group to all data sets. Choose one of the following options: * * - `ALL_DATASETS` * - `SINGLE_DATASET` */ crossDataset: pulumi.Input; /** * The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis. */ filterGroupId: pulumi.Input; /** * The list of filters that are present in a `FilterGroup` . */ filters: pulumi.Input[]>; /** * The configuration that specifies what scope to apply to a `FilterGroup` . * * This is a union type structure. For this structure to be valid, only one of the attributes can be defined. */ scopeConfiguration: pulumi.Input; /** * The status of the `FilterGroup` . */ status?: pulumi.Input; } interface AnalysisFilterListConfigurationArgs { /** * The list of category values for the filter. */ categoryValues?: pulumi.Input[]>; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface AnalysisFilterListControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterListControl` . */ filterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source filter ID of the `FilterListControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterListControl` . */ title: pulumi.Input; /** * The type of the `FilterListControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from the list. * - `SINGLE_SELECT` : The user can select a single entry from the list. */ type?: pulumi.Input; } interface AnalysisFilterOperationSelectedFieldsConfigurationArgs { /** *

The selected columns of a dataset.

*/ selectedColumns?: pulumi.Input[]>; /** * A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` . * * Valid values are defined as follows: * * - `ALL_FIELDS` : Applies the filter operation to all fields. */ selectedFieldOptions?: pulumi.Input; /** * Chooses the fields that are filtered in `CustomActionFilterOperation` . */ selectedFields?: pulumi.Input[]>; } interface AnalysisFilterOperationTargetVisualsConfigurationArgs { /** * The configuration of the same-sheet target visuals that you want to be filtered. */ sameSheetTargetVisualConfiguration?: pulumi.Input; } interface AnalysisFilterRelativeDateTimeControlArgs { /** * The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterTextAreaControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterTextAreaControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterTextAreaControl` . */ title: pulumi.Input; } interface AnalysisFilterScopeConfigurationArgs { /** * The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen. */ allSheets?: pulumi.Input; /** * The configuration for applying a filter to specific sheets. */ selectedSheets?: pulumi.Input; } interface AnalysisFilterSelectableValuesArgs { /** * The values that are used in the `FilterSelectableValues` . */ values?: pulumi.Input[]>; } interface AnalysisFilterSliderControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterSliderControl` . */ filterControlId: pulumi.Input; /** * The larger value that is displayed at the right of the slider. */ maximumValue: pulumi.Input; /** * The smaller value that is displayed at the left of the slider. */ minimumValue: pulumi.Input; /** * The source filter ID of the `FilterSliderControl` . */ sourceFilterId: pulumi.Input; /** * The number of increments that the slider bar is divided into. */ stepSize: pulumi.Input; /** * The title of the `FilterSliderControl` . */ title: pulumi.Input; /** * The type of the `FilterSliderControl` . Choose one of the following options: * * - `SINGLE_POINT` : Filter against(equals) a single data point. * - `RANGE` : Filter data that is in a specified range. */ type?: pulumi.Input; } interface AnalysisFilterTextAreaControlArgs { /** * The delimiter that is used to separate the lines in text. */ delimiter?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterTextAreaControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterTextAreaControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterTextAreaControl` . */ title: pulumi.Input; } interface AnalysisFilterTextFieldControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterTextFieldControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterTextFieldControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterTextFieldControl` . */ title: pulumi.Input; } interface AnalysisFontConfigurationArgs { /** * Determines the color of the text. */ fontColor?: pulumi.Input; /** * Determines the appearance of decorative lines on the text. */ fontDecoration?: pulumi.Input; /** * The font family that you want to use. */ fontFamily?: pulumi.Input; /** * The option that determines the text display size. */ fontSize?: pulumi.Input; /** * Determines the text display face that is inherited by the given font family. */ fontStyle?: pulumi.Input; /** * The option that determines the text display weight, or boldness. */ fontWeight?: pulumi.Input; } interface AnalysisFontSizeArgs { /** * String based length that is composed of value and unit in px */ absolute?: pulumi.Input; /** * The lexical name for the text size, proportional to its surrounding context. */ relative?: pulumi.Input; } interface AnalysisFontWeightArgs { /** * The lexical name for the level of boldness of the text display. */ name?: pulumi.Input; } interface AnalysisForecastComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The custom seasonality value setup of a forecast computation. */ customSeasonalityValue?: pulumi.Input; /** * The lower boundary setup of a forecast computation. */ lowerBoundary?: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The periods backward setup of a forecast computation. */ periodsBackward?: pulumi.Input; /** * The periods forward setup of a forecast computation. */ periodsForward?: pulumi.Input; /** * The prediction interval setup of a forecast computation. */ predictionInterval?: pulumi.Input; /** * The seasonality setup of a forecast computation. Choose one of the following options: * * - `AUTOMATIC` * - `CUSTOM` : Checks the custom seasonality value. */ seasonality?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The upper boundary setup of a forecast computation. */ upperBoundary?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface AnalysisForecastConfigurationArgs { /** * The forecast properties setup of a forecast in the line chart. */ forecastProperties?: pulumi.Input; /** * The forecast scenario of a forecast in the line chart. */ scenario?: pulumi.Input; } interface AnalysisForecastScenarioArgs { /** * The what-if analysis forecast setup with the target date. */ whatIfPointScenario?: pulumi.Input; /** * The what-if analysis forecast setup with the date range. */ whatIfRangeScenario?: pulumi.Input; } interface AnalysisFormatConfigurationArgs { /** * Formatting configuration for `DateTime` fields. */ dateTimeFormatConfiguration?: pulumi.Input; /** * Formatting configuration for number fields. */ numberFormatConfiguration?: pulumi.Input; /** * Formatting configuration for string fields. */ stringFormatConfiguration?: pulumi.Input; } interface AnalysisFreeFormLayoutCanvasSizeOptionsArgs { /** * The options that determine the sizing of the canvas used in a free-form layout. */ screenCanvasSizeOptions?: pulumi.Input; } interface AnalysisFreeFormLayoutConfigurationArgs { canvasSizeOptions?: pulumi.Input; /** * The elements that are included in a free-form layout. */ elements: pulumi.Input[]>; } interface AnalysisFreeFormLayoutElementArgs { /** * The background style configuration of a free-form layout element. */ backgroundStyle?: pulumi.Input; /** * The border style configuration of a free-form layout element. */ borderStyle?: pulumi.Input; /** * A unique identifier for an element within a free-form layout. */ elementId: pulumi.Input; /** * The type of element. */ elementType: pulumi.Input; /** * String based length that is composed of value and unit in px */ height: pulumi.Input; /** * The loading animation configuration of a free-form layout element. */ loadingAnimation?: pulumi.Input; /** * The rendering rules that determine when an element should be displayed within a free-form layout. */ renderingRules?: pulumi.Input[]>; /** * The border style configuration of a free-form layout element. This border style is used when the element is selected. */ selectedBorderStyle?: pulumi.Input; /** * The visibility of an element within a free-form layout. */ visibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ width: pulumi.Input; /** * String based length that is composed of value and unit in px */ xAxisLocation: pulumi.Input; /** * String based length that is composed of value and unit in px with Integer.MAX_VALUE as maximum value */ yAxisLocation: pulumi.Input; } interface AnalysisFreeFormLayoutElementBackgroundStyleArgs { /** * The background color of a free-form layout element. */ color?: pulumi.Input; /** * The background visibility of a free-form layout element. */ visibility?: pulumi.Input; } interface AnalysisFreeFormLayoutElementBorderStyleArgs { /** * The border color of a free-form layout element. */ color?: pulumi.Input; /** * The border visibility of a free-form layout element. */ visibility?: pulumi.Input; } interface AnalysisFreeFormLayoutScreenCanvasSizeOptionsArgs { /** * String based length that is composed of value and unit in px */ optimizedViewPortWidth: pulumi.Input; } interface AnalysisFreeFormSectionLayoutConfigurationArgs { /** * The elements that are included in the free-form layout. */ elements: pulumi.Input[]>; } interface AnalysisFunnelChartAggregatedFieldWellsArgs { /** * The category field wells of a funnel chart. Values are grouped by category fields. */ category?: pulumi.Input[]>; /** * The value field wells of a funnel chart. Values are aggregated based on categories. */ values?: pulumi.Input[]>; } interface AnalysisFunnelChartConfigurationArgs { /** * The label options of the categories that are displayed in a `FunnelChartVisual` . */ categoryLabelOptions?: pulumi.Input; /** * The options that determine the presentation of the data labels. */ dataLabelOptions?: pulumi.Input; /** * The field well configuration of a `FunnelChartVisual` . */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The sort configuration of a `FunnelChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip configuration of a `FunnelChartVisual` . */ tooltip?: pulumi.Input; /** * The label options for the values that are displayed in a `FunnelChartVisual` . */ valueLabelOptions?: pulumi.Input; /** * The visual palette configuration of a `FunnelChartVisual` . */ visualPalette?: pulumi.Input; } interface AnalysisFunnelChartDataLabelOptionsArgs { /** * The visibility of the category labels within the data labels. */ categoryLabelVisibility?: pulumi.Input; /** * The color of the data label text. */ labelColor?: pulumi.Input; /** * The font configuration for the data labels. * * Only the `FontSize` attribute of the font configuration is used for data labels. */ labelFontConfiguration?: pulumi.Input; /** * Determines the style of the metric labels. */ measureDataLabelStyle?: pulumi.Input; /** * The visibility of the measure labels within the data labels. */ measureLabelVisibility?: pulumi.Input; /** * Determines the positioning of the data label relative to a section of the funnel. */ position?: pulumi.Input; /** * The visibility option that determines if data labels are displayed. */ visibility?: pulumi.Input; } interface AnalysisFunnelChartFieldWellsArgs { /** * The field well configuration of a `FunnelChartVisual` . */ funnelChartAggregatedFieldWells?: pulumi.Input; } interface AnalysisFunnelChartSortConfigurationArgs { /** * The limit on the number of categories displayed. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; } interface AnalysisFunnelChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a `FunnelChartVisual` . */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface AnalysisGaugeChartArcConditionalFormattingArgs { /** * The conditional formatting of the arc foreground color. */ foregroundColor?: pulumi.Input; } interface AnalysisGaugeChartColorConfigurationArgs { /** * The background color configuration of a `GaugeChartVisual` . */ backgroundColor?: pulumi.Input; /** * The foreground color configuration of a `GaugeChartVisual` . */ foregroundColor?: pulumi.Input; } interface AnalysisGaugeChartConditionalFormattingArgs { /** * Conditional formatting options of a `GaugeChartVisual` . */ conditionalFormattingOptions?: pulumi.Input[]>; } interface AnalysisGaugeChartConditionalFormattingOptionArgs { /** * The options that determine the presentation of the arc of a `GaugeChartVisual` . */ arc?: pulumi.Input; /** * The conditional formatting for the primary value of a `GaugeChartVisual` . */ primaryValue?: pulumi.Input; } interface AnalysisGaugeChartConfigurationArgs { /** * The color configuration of a `GaugeChartVisual` . */ colorConfiguration?: pulumi.Input; /** * The data label configuration of a `GaugeChartVisual` . */ dataLabels?: pulumi.Input; /** * The field well configuration of a `GaugeChartVisual` . */ fieldWells?: pulumi.Input; /** * The options that determine the presentation of the `GaugeChartVisual` . */ gaugeChartOptions?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The tooltip configuration of a `GaugeChartVisual` . */ tooltipOptions?: pulumi.Input; /** * The visual palette configuration of a `GaugeChartVisual` . */ visualPalette?: pulumi.Input; } interface AnalysisGaugeChartFieldWellsArgs { /** * The target value field wells of a `GaugeChartVisual` . */ targetValues?: pulumi.Input[]>; /** * The value field wells of a `GaugeChartVisual` . */ values?: pulumi.Input[]>; } interface AnalysisGaugeChartOptionsArgs { /** * The arc configuration of a `GaugeChartVisual` . */ arc?: pulumi.Input; /** * The arc axis configuration of a `GaugeChartVisual` . */ arcAxis?: pulumi.Input; /** * The comparison configuration of a `GaugeChartVisual` . */ comparison?: pulumi.Input; /** * The options that determine the primary value display type. */ primaryValueDisplayType?: pulumi.Input; /** * The options that determine the primary value font configuration. */ primaryValueFontConfiguration?: pulumi.Input; } interface AnalysisGaugeChartPrimaryValueConditionalFormattingArgs { /** * The conditional formatting of the primary value icon. */ icon?: pulumi.Input; /** * The conditional formatting of the primary value text color. */ textColor?: pulumi.Input; } interface AnalysisGaugeChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a `GaugeChartVisual` . */ chartConfiguration?: pulumi.Input; /** * The conditional formatting of a `GaugeChartVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisGeospatialCategoricalColorArgs { /** * A list of categorical data colors for each category. */ categoryDataColors: pulumi.Input[]>; /** * The default opacity of a categorical color. */ defaultOpacity?: pulumi.Input; /** * The null data visualization settings. */ nullDataSettings?: pulumi.Input; /** * The state of visibility for null data. */ nullDataVisibility?: pulumi.Input; } interface AnalysisGeospatialCategoricalDataColorArgs { /** * The color and opacity values for the category data color. */ color: pulumi.Input; /** * The data value for the category data color. */ dataValue: pulumi.Input; } interface AnalysisGeospatialCircleRadiusArgs { /** * The positive value for the radius of a circle. */ radius?: pulumi.Input; } interface AnalysisGeospatialCircleSymbolStyleArgs { /** * The radius of the circle. */ circleRadius?: pulumi.Input; /** * The color and opacity values for the fill color. */ fillColor?: pulumi.Input; /** * The color and opacity values for the stroke color. */ strokeColor?: pulumi.Input; /** * The width of the stroke (border). */ strokeWidth?: pulumi.Input; } interface AnalysisGeospatialColorArgs { /** * The visualization properties for the categorical color. */ categorical?: pulumi.Input; /** * The visualization properties for the gradient color. */ gradient?: pulumi.Input; /** * The visualization properties for the solid color. */ solid?: pulumi.Input; } interface AnalysisGeospatialCoordinateBoundsArgs { /** * The longitude of the east bound of the geospatial coordinate bounds. */ east: pulumi.Input; /** * The latitude of the north bound of the geospatial coordinate bounds. */ north: pulumi.Input; /** * The latitude of the south bound of the geospatial coordinate bounds. */ south: pulumi.Input; /** * The longitude of the west bound of the geospatial coordinate bounds. */ west: pulumi.Input; } interface AnalysisGeospatialDataSourceItemArgs { /** * The static file data source properties for the geospatial data. */ staticFileDataSource?: pulumi.Input; } interface AnalysisGeospatialGradientColorArgs { /** * The default opacity for the gradient color. */ defaultOpacity?: pulumi.Input; /** * The null data visualization settings. */ nullDataSettings?: pulumi.Input; /** * The state of visibility for null data. */ nullDataVisibility?: pulumi.Input; /** * A list of gradient step colors for the gradient. */ stepColors: pulumi.Input[]>; } interface AnalysisGeospatialGradientStepColorArgs { /** * The color and opacity values for the gradient step color. */ color: pulumi.Input; /** * The data value for the gradient step color. */ dataValue: pulumi.Input; } interface AnalysisGeospatialHeatmapColorScaleArgs { /** * The list of colors to be used in heatmap point style. */ colors?: pulumi.Input[]>; } interface AnalysisGeospatialHeatmapConfigurationArgs { /** * The color scale specification for the heatmap point style. */ heatmapColor?: pulumi.Input; } interface AnalysisGeospatialHeatmapDataColorArgs { /** * The hex color to be used in the heatmap point style. */ color: pulumi.Input; } interface AnalysisGeospatialLayerColorFieldArgs { /** * A list of color dimension fields. */ colorDimensionsFields?: pulumi.Input[]>; /** * A list of color measure fields. */ colorValuesFields?: pulumi.Input[]>; } interface AnalysisGeospatialLayerDefinitionArgs { /** * The definition for a line layer. */ lineLayer?: pulumi.Input; /** * The definition for a point layer. */ pointLayer?: pulumi.Input; /** * The definition for a polygon layer. */ polygonLayer?: pulumi.Input; } interface AnalysisGeospatialLayerItemArgs { /** * A list of custom actions for a layer. */ actions?: pulumi.Input[]>; /** * The data source for the layer. */ dataSource?: pulumi.Input; /** * The join definition properties for a layer. */ joinDefinition?: pulumi.Input; /** * The label that is displayed for the layer. */ label?: pulumi.Input; /** * The definition properties for a layer. */ layerDefinition?: pulumi.Input; /** * The ID of the layer. */ layerId: pulumi.Input; /** * The layer type. */ layerType?: pulumi.Input; tooltip?: pulumi.Input; /** * The state of visibility for the layer. */ visibility?: pulumi.Input; } interface AnalysisGeospatialLayerJoinDefinitionArgs { /** * The geospatial color field for the join definition. */ colorField?: pulumi.Input; datasetKeyField?: pulumi.Input; /** * The name of the field or property in the geospatial data source. */ shapeKeyField?: pulumi.Input; } interface AnalysisGeospatialLayerMapConfigurationArgs { interactions?: pulumi.Input; legend?: pulumi.Input; /** * The geospatial layers to visualize on the map. */ mapLayers?: pulumi.Input[]>; /** * The map state properties for the map. */ mapState?: pulumi.Input; /** * The map style properties for the map. */ mapStyle?: pulumi.Input; } interface AnalysisGeospatialLineLayerArgs { /** * The visualization style for a line layer. */ style: pulumi.Input; } interface AnalysisGeospatialLineStyleArgs { /** * The symbol style for a line style. */ lineSymbolStyle?: pulumi.Input; } interface AnalysisGeospatialLineSymbolStyleArgs { /** * The color and opacity values for the fill color. */ fillColor?: pulumi.Input; /** * The width value for a line. */ lineWidth?: pulumi.Input; } interface AnalysisGeospatialLineWidthArgs { /** * The positive value for the width of a line. */ lineWidth?: pulumi.Input; } interface AnalysisGeospatialMapAggregatedFieldWellsArgs { /** * The color field wells of a geospatial map. */ colors?: pulumi.Input[]>; /** * The geospatial field wells of a geospatial map. Values are grouped by geospatial fields. */ geospatial?: pulumi.Input[]>; /** * The size field wells of a geospatial map. Values are aggregated based on geospatial fields. */ values?: pulumi.Input[]>; } interface AnalysisGeospatialMapConfigurationArgs { /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The map style options of the geospatial map. */ mapStyleOptions?: pulumi.Input; /** * The point style options of the geospatial map. */ pointStyleOptions?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; visualPalette?: pulumi.Input; /** * The window options of the geospatial map. */ windowOptions?: pulumi.Input; } interface AnalysisGeospatialMapFieldWellsArgs { /** * The aggregated field well for a geospatial map. */ geospatialMapAggregatedFieldWells?: pulumi.Input; } interface AnalysisGeospatialMapStateArgs { bounds?: pulumi.Input; /** * Enables or disables map navigation for a map. */ mapNavigation?: pulumi.Input; } interface AnalysisGeospatialMapStyleArgs { /** * The background color and opacity values for a map. */ backgroundColor?: pulumi.Input; /** * The selected base map style. */ baseMapStyle?: pulumi.Input; /** * The state of visibility for the base map. */ baseMapVisibility?: pulumi.Input; } interface AnalysisGeospatialMapStyleOptionsArgs { /** * The base map style of the geospatial map. */ baseMapStyle?: pulumi.Input; } interface AnalysisGeospatialMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface AnalysisGeospatialNullDataSettingsArgs { /** * The symbol style for null data. */ symbolStyle: pulumi.Input; } interface AnalysisGeospatialNullSymbolStyleArgs { /** * The color and opacity values for the fill color. */ fillColor?: pulumi.Input; /** * The color and opacity values for the stroke color. */ strokeColor?: pulumi.Input; /** * The width of the border stroke. */ strokeWidth?: pulumi.Input; } interface AnalysisGeospatialPointLayerArgs { /** * The visualization style for a point layer. */ style: pulumi.Input; } interface AnalysisGeospatialPointStyleArgs { /** * The circle symbol style for a point layer. */ circleSymbolStyle?: pulumi.Input; } interface AnalysisGeospatialPointStyleOptionsArgs { /** * The cluster marker configuration of the geospatial point style. */ clusterMarkerConfiguration?: pulumi.Input; /** * The heatmap configuration of the geospatial point style. */ heatmapConfiguration?: pulumi.Input; /** * The selected point styles (point, cluster) of the geospatial map. */ selectedPointStyle?: pulumi.Input; } interface AnalysisGeospatialPolygonLayerArgs { /** * The visualization style for a polygon layer. */ style: pulumi.Input; } interface AnalysisGeospatialPolygonStyleArgs { /** * The polygon symbol style for a polygon layer. */ polygonSymbolStyle?: pulumi.Input; } interface AnalysisGeospatialPolygonSymbolStyleArgs { /** * The color and opacity values for the fill color. */ fillColor?: pulumi.Input; /** * The color and opacity values for the stroke color. */ strokeColor?: pulumi.Input; /** * The width of the border stroke. */ strokeWidth?: pulumi.Input; } /** * Describes the properties for a solid color */ interface AnalysisGeospatialSolidColorArgs { /** * The color and opacity values for the color. */ color: pulumi.Input; /** * Enables and disables the view state of the color. */ state?: pulumi.Input; } interface AnalysisGeospatialStaticFileSourceArgs { /** * The ID of the static file. */ staticFileId: pulumi.Input; } interface AnalysisGeospatialWindowOptionsArgs { /** * The bounds options (north, south, west, east) of the geospatial window options. */ bounds?: pulumi.Input; /** * The map zoom modes (manual, auto) of the geospatial window options. */ mapZoomMode?: pulumi.Input; } interface AnalysisGlobalTableBorderOptionsArgs { /** * Determines the options for side specific border. */ sideSpecificBorder?: pulumi.Input; /** * Determines the options for uniform border. */ uniformBorder?: pulumi.Input; } interface AnalysisGradientColorArgs { /** * The list of gradient color stops. */ stops?: pulumi.Input[]>; } interface AnalysisGradientStopArgs { /** * Determines the color. */ color?: pulumi.Input; /** * Determines the data value. */ dataValue?: pulumi.Input; /** * Determines gradient offset value. */ gradientOffset: pulumi.Input; } interface AnalysisGridLayoutCanvasSizeOptionsArgs { /** * The options that determine the sizing of the canvas used in a grid layout. */ screenCanvasSizeOptions?: pulumi.Input; } interface AnalysisGridLayoutConfigurationArgs { canvasSizeOptions?: pulumi.Input; /** * The elements that are included in a grid layout. */ elements: pulumi.Input[]>; } interface AnalysisGridLayoutElementArgs { /** * The column index for the upper left corner of an element. */ columnIndex?: pulumi.Input; /** * The width of a grid element expressed as a number of grid columns. */ columnSpan: pulumi.Input; /** * A unique identifier for an element within a grid layout. */ elementId: pulumi.Input; /** * The type of element. */ elementType: pulumi.Input; /** * The row index for the upper left corner of an element. */ rowIndex?: pulumi.Input; /** * The height of a grid element expressed as a number of grid rows. */ rowSpan: pulumi.Input; } interface AnalysisGridLayoutScreenCanvasSizeOptionsArgs { /** * String based length that is composed of value and unit in px */ optimizedViewPortWidth?: pulumi.Input; /** * This value determines the layout behavior when the viewport is resized. * * - `FIXED` : A fixed width will be used when optimizing the layout. In the Quick Sight console, this option is called `Classic` . * - `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Quick Sight console, this option is called `Tiled` . */ resizeOption: pulumi.Input; } interface AnalysisGrowthRateComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The period size setup of a growth rate computation. */ periodSize?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface AnalysisHeaderFooterSectionConfigurationArgs { /** * The layout configuration of the header or footer section. */ layout: pulumi.Input; /** * The unique identifier of the header or footer section. */ sectionId: pulumi.Input; /** * The style options of a header or footer section. */ style?: pulumi.Input; } interface AnalysisHeatMapAggregatedFieldWellsArgs { /** * The columns field well of a heat map. */ columns?: pulumi.Input[]>; /** * The rows field well of a heat map. */ rows?: pulumi.Input[]>; /** * The values field well of a heat map. */ values?: pulumi.Input[]>; } interface AnalysisHeatMapConfigurationArgs { /** * The color options (gradient color, point of divergence) in a heat map. */ colorScale?: pulumi.Input; /** * The label options of the column that is displayed in a heat map. */ columnLabelOptions?: pulumi.Input; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The label options of the row that is displayed in a `heat map` . */ rowLabelOptions?: pulumi.Input; /** * The sort configuration of a heat map. */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; } interface AnalysisHeatMapFieldWellsArgs { /** * The aggregated field wells of a heat map. */ heatMapAggregatedFieldWells?: pulumi.Input; } interface AnalysisHeatMapSortConfigurationArgs { /** * The limit on the number of columns that are displayed in a heat map. */ heatMapColumnItemsLimitConfiguration?: pulumi.Input; /** * The column sort configuration for heat map for columns that aren't a part of a field well. */ heatMapColumnSort?: pulumi.Input[]>; /** * The limit on the number of rows that are displayed in a heat map. */ heatMapRowItemsLimitConfiguration?: pulumi.Input; /** * The field sort configuration of the rows fields. */ heatMapRowSort?: pulumi.Input[]>; } interface AnalysisHeatMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a heat map. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisHistogramAggregatedFieldWellsArgs { /** * The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` . */ values?: pulumi.Input[]>; } interface AnalysisHistogramBinOptionsArgs { /** * The options that determine the bin count of a histogram. */ binCount?: pulumi.Input; /** * The options that determine the bin width of a histogram. */ binWidth?: pulumi.Input; /** * The options that determine the selected bin type. */ selectedBinType?: pulumi.Input; /** * The options that determine the bin start value. */ startValue?: pulumi.Input; } interface AnalysisHistogramConfigurationArgs { /** * The options that determine the presentation of histogram bins. */ binOptions?: pulumi.Input; /** * The data label configuration of a histogram. */ dataLabels?: pulumi.Input; /** * The field well configuration of a histogram. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The tooltip configuration of a histogram. */ tooltip?: pulumi.Input; /** * The visual palette configuration of a histogram. */ visualPalette?: pulumi.Input; /** * The options that determine the presentation of the x-axis. */ xAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the x-axis label. */ xAxisLabelOptions?: pulumi.Input; /** * The options that determine the presentation of the y-axis. */ yAxisDisplayOptions?: pulumi.Input; } interface AnalysisHistogramFieldWellsArgs { /** * The field well configuration of a histogram. */ histogramAggregatedFieldWells?: pulumi.Input; } interface AnalysisHistogramVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration for a `HistogramVisual` . */ chartConfiguration?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisImageCustomActionArgs { /** * A list of `ImageCustomActionOperations` . * * This is a union type structure. For this structure to be valid, only one of the attributes can be defined. */ actionOperations: pulumi.Input[]>; /** * The ID of the custom action. */ customActionId: pulumi.Input; /** * The name of the custom action. */ name: pulumi.Input; /** * The status of the custom action. */ status?: pulumi.Input; /** * The trigger of the `VisualCustomAction` . * * Valid values are defined as follows: * * - `CLICK` : Initiates a custom action by a left pointer click on a data point. * - `MENU` : Initiates a custom action by right pointer click from the menu. */ trigger: pulumi.Input; } interface AnalysisImageCustomActionOperationArgs { navigationOperation?: pulumi.Input; setParametersOperation?: pulumi.Input; urlOperation?: pulumi.Input; } interface AnalysisImageInteractionOptionsArgs { /** * The menu options for the image. */ imageMenuOption?: pulumi.Input; } interface AnalysisImageMenuOptionArgs { /** * The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu. */ availabilityStatus?: pulumi.Input; } interface AnalysisImageStaticFileArgs { /** * The source of the image static file. */ source?: pulumi.Input; /** * The ID of the static file that contains an image. */ staticFileId: pulumi.Input; } interface AnalysisInnerFilterArgs { /** * A `CategoryInnerFilter` filters text values for the `NestedFilter` . */ categoryInnerFilter?: pulumi.Input; } interface AnalysisInsightConfigurationArgs { /** * The computations configurations of the insight visual */ computations?: pulumi.Input[]>; /** * The custom narrative of the insight visual. */ customNarrative?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; } interface AnalysisInsightVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The dataset that is used in the insight visual. */ dataSetIdentifier: pulumi.Input; /** * The configuration of an insight visual. */ insightConfiguration?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisIntegerDefaultValuesArgs { /** * The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The static values of the `IntegerDefaultValues` . */ staticValues?: pulumi.Input[]>; } /** *

An integer parameter.

*/ interface AnalysisIntegerParameterArgs { /** *

The name of the integer parameter.

*/ name: pulumi.Input; /** *

The values for the integer parameter.

*/ values: pulumi.Input[]>; } interface AnalysisIntegerParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The value type determines whether the parameter is a single-value or multi-value parameter. */ parameterValueType: pulumi.Input; /** * A parameter declaration for the `Integer` data type. */ valueWhenUnset?: pulumi.Input; } interface AnalysisIntegerValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface AnalysisItemsLimitConfigurationArgs { /** * The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart. */ itemsLimit?: pulumi.Input; /** * The `Show other` of an axis in the chart. Choose one of the following options: * * - `INCLUDE` * - `EXCLUDE` */ otherCategories?: pulumi.Input; } interface AnalysisKpiActualValueConditionalFormattingArgs { /** * The conditional formatting of the actual value's icon. */ icon?: pulumi.Input; /** * The conditional formatting of the actual value's text color. */ textColor?: pulumi.Input; } interface AnalysisKpiComparisonValueConditionalFormattingArgs { /** * The conditional formatting of the comparison value's icon. */ icon?: pulumi.Input; /** * The conditional formatting of the comparison value's text color. */ textColor?: pulumi.Input; } interface AnalysisKpiConditionalFormattingArgs { /** * The conditional formatting options of a KPI visual. */ conditionalFormattingOptions?: pulumi.Input[]>; } interface AnalysisKpiConditionalFormattingOptionArgs { /** * The conditional formatting for the actual value of a KPI visual. */ actualValue?: pulumi.Input; /** * The conditional formatting for the comparison value of a KPI visual. */ comparisonValue?: pulumi.Input; /** * The conditional formatting for the primary value of a KPI visual. */ primaryValue?: pulumi.Input; /** * The conditional formatting for the progress bar of a KPI visual. */ progressBar?: pulumi.Input; } interface AnalysisKpiConfigurationArgs { /** * The field well configuration of a KPI visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The options that determine the presentation of a KPI visual. */ kpiOptions?: pulumi.Input; /** * The sort configuration of a KPI visual. */ sortConfiguration?: pulumi.Input; } interface AnalysisKpiFieldWellsArgs { /** * The target value field wells of a KPI visual. */ targetValues?: pulumi.Input[]>; /** * The trend group field wells of a KPI visual. */ trendGroups?: pulumi.Input[]>; /** * The value field wells of a KPI visual. */ values?: pulumi.Input[]>; } interface AnalysisKpiOptionsArgs { /** * The comparison configuration of a KPI visual. */ comparison?: pulumi.Input; /** * The options that determine the primary value display type. */ primaryValueDisplayType?: pulumi.Input; /** * The options that determine the primary value font configuration. */ primaryValueFontConfiguration?: pulumi.Input; /** * The options that determine the presentation of the progress bar of a KPI visual. */ progressBar?: pulumi.Input; /** * The options that determine the presentation of the secondary value of a KPI visual. */ secondaryValue?: pulumi.Input; /** * The options that determine the secondary value font configuration. */ secondaryValueFontConfiguration?: pulumi.Input; /** * The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual. */ sparkline?: pulumi.Input; /** * The options that determine the presentation of trend arrows in a KPI visual. */ trendArrows?: pulumi.Input; /** * The options that determine the layout a KPI visual. */ visualLayoutOptions?: pulumi.Input; } interface AnalysisKpiPrimaryValueConditionalFormattingArgs { /** * The conditional formatting of the primary value's icon. */ icon?: pulumi.Input; /** * The conditional formatting of the primary value's text color. */ textColor?: pulumi.Input; } interface AnalysisKpiProgressBarConditionalFormattingArgs { /** * The conditional formatting of the progress bar's foreground color. */ foregroundColor?: pulumi.Input; } interface AnalysisKpiSortConfigurationArgs { /** * The sort configuration of the trend group fields. */ trendGroupSort?: pulumi.Input[]>; } interface AnalysisKpiSparklineOptionsArgs { /** * The color of the sparkline. */ color?: pulumi.Input; /** * The tooltip visibility of the sparkline. */ tooltipVisibility?: pulumi.Input; /** * The type of the sparkline. */ type: pulumi.Input; /** * The visibility of the sparkline. */ visibility?: pulumi.Input; } interface AnalysisKpiVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a KPI visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The conditional formatting of a KPI visual. */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisKpiVisualLayoutOptionsArgs { /** * The standard layout of the KPI visual. */ standardLayout?: pulumi.Input; } interface AnalysisKpiVisualStandardLayoutArgs { /** * The standard layout type. */ type: pulumi.Input; } interface AnalysisLabelOptionsArgs { /** * The text for the label. */ customLabel?: pulumi.Input; /** * The font configuration of the label. */ fontConfiguration?: pulumi.Input; /** * Determines whether or not the label is visible. */ visibility?: pulumi.Input; } interface AnalysisLayerCustomActionArgs { /** * A list of `LayerCustomActionOperations` . * * This is a union type structure. For this structure to be valid, only one of the attributes can be defined. */ actionOperations: pulumi.Input[]>; /** * The ID of the custom action. */ customActionId: pulumi.Input; /** * The name of the custom action. */ name: pulumi.Input; /** * The status of the `LayerCustomAction` . */ status?: pulumi.Input; /** * The trigger of the `LayerCustomAction` . * * Valid values are defined as follows: * * - `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point. * - `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu. */ trigger: pulumi.Input; } interface AnalysisLayerCustomActionOperationArgs { filterOperation?: pulumi.Input; navigationOperation?: pulumi.Input; setParametersOperation?: pulumi.Input; urlOperation?: pulumi.Input; } interface AnalysisLayerMapVisualArgs { /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The dataset that is used to create the layer map visual. You can't create a visual without a dataset. */ dataSetIdentifier: pulumi.Input; subtitle?: pulumi.Input; title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The ID of the visual. */ visualId: pulumi.Input; } interface AnalysisLayoutArgs { /** * The configuration that determines what the type of layout for a sheet. */ configuration: pulumi.Input; } interface AnalysisLayoutConfigurationArgs { /** * A free-form is optimized for a fixed width and has more control over the exact placement of layout elements. */ freeFormLayout?: pulumi.Input; /** * A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` . */ gridLayout?: pulumi.Input; /** * A section based layout organizes visuals into multiple sections and has customized header, footer and page break. */ sectionBasedLayout?: pulumi.Input; } interface AnalysisLegendOptionsArgs { /** * String based length that is composed of value and unit in px */ height?: pulumi.Input; /** * The positions for the legend. Choose one of the following options: * * - `AUTO` * - `RIGHT` * - `BOTTOM` * - `LEFT` */ position?: pulumi.Input; /** * The custom title for the legend. */ title?: pulumi.Input; valueFontConfiguration?: pulumi.Input; /** * Determines whether or not the legend is visible. */ visibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ width?: pulumi.Input; } interface AnalysisLineChartAggregatedFieldWellsArgs { /** * The category field wells of a line chart. Values are grouped by category fields. */ category?: pulumi.Input[]>; /** * The color field wells of a line chart. Values are grouped by category fields. */ colors?: pulumi.Input[]>; /** * The small multiples field well of a line chart. */ smallMultiples?: pulumi.Input[]>; /** * The value field wells of a line chart. Values are aggregated based on categories. */ values?: pulumi.Input[]>; } interface AnalysisLineChartConfigurationArgs { /** * The default configuration of a line chart's contribution analysis. */ contributionAnalysisDefaults?: pulumi.Input[]>; /** * The data label configuration of a line chart. */ dataLabels?: pulumi.Input; /** * The options that determine the default presentation of all line series in `LineChartVisual` . */ defaultSeriesSettings?: pulumi.Input; /** * The field well configuration of a line chart. */ fieldWells?: pulumi.Input; /** * The forecast configuration of a line chart. */ forecastConfigurations?: pulumi.Input[]>; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend configuration of a line chart. */ legend?: pulumi.Input; /** * The series axis configuration of a line chart. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the y-axis label. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The reference lines configuration of a line chart. */ referenceLines?: pulumi.Input[]>; /** * The series axis configuration of a line chart. */ secondaryYAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the secondary y-axis label. */ secondaryYAxisLabelOptions?: pulumi.Input; /** * The series item configuration of a line chart. */ series?: pulumi.Input[]>; singleAxisOptions?: pulumi.Input; /** * The small multiples setup for the visual. */ smallMultiplesOptions?: pulumi.Input; /** * The sort configuration of a line chart. */ sortConfiguration?: pulumi.Input; /** * The tooltip configuration of a line chart. */ tooltip?: pulumi.Input; /** * Determines the type of the line chart. */ type?: pulumi.Input; /** * The visual palette configuration of a line chart. */ visualPalette?: pulumi.Input; /** * The options that determine the presentation of the x-axis. */ xAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the x-axis label. */ xAxisLabelOptions?: pulumi.Input; } interface AnalysisLineChartDefaultSeriesSettingsArgs { /** * The axis to which you are binding all line series to. */ axisBinding?: pulumi.Input; /** * Line styles options for all line series in the visual. */ lineStyleSettings?: pulumi.Input; /** * Marker styles options for all line series in the visual. */ markerStyleSettings?: pulumi.Input; } interface AnalysisLineChartFieldWellsArgs { /** * The field well configuration of a line chart. */ lineChartAggregatedFieldWells?: pulumi.Input; } interface AnalysisLineChartLineStyleSettingsArgs { /** * Interpolation style for line series. * * - `LINEAR` : Show as default, linear style. * - `SMOOTH` : Show as a smooth curve. * - `STEPPED` : Show steps in line. */ lineInterpolation?: pulumi.Input; /** * Line style for line series. * * - `SOLID` : Show as a solid line. * - `DOTTED` : Show as a dotted line. * - `DASHED` : Show as a dashed line. */ lineStyle?: pulumi.Input; /** * Configuration option that determines whether to show the line for the series. */ lineVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ lineWidth?: pulumi.Input; } interface AnalysisLineChartMarkerStyleSettingsArgs { /** * Color of marker in the series. */ markerColor?: pulumi.Input; /** * Shape option for markers in the series. * * - `CIRCLE` : Show marker as a circle. * - `TRIANGLE` : Show marker as a triangle. * - `SQUARE` : Show marker as a square. * - `DIAMOND` : Show marker as a diamond. * - `ROUNDED_SQUARE` : Show marker as a rounded square. */ markerShape?: pulumi.Input; /** * String based length that is composed of value and unit in px */ markerSize?: pulumi.Input; /** * Configuration option that determines whether to show the markers in the series. */ markerVisibility?: pulumi.Input; } interface AnalysisLineChartSeriesSettingsArgs { /** * Line styles options for a line series in `LineChartVisual` . */ lineStyleSettings?: pulumi.Input; /** * Marker styles options for a line series in `LineChartVisual` . */ markerStyleSettings?: pulumi.Input; } interface AnalysisLineChartSortConfigurationArgs { /** * The limit on the number of categories that are displayed in a line chart. */ categoryItemsLimitConfiguration?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; /** * The limit on the number of lines that are displayed in a line chart. */ colorItemsLimitConfiguration?: pulumi.Input; /** * The limit on the number of small multiples panels that are displayed. */ smallMultiplesLimitConfiguration?: pulumi.Input; /** * The sort configuration of the small multiples field. */ smallMultiplesSort?: pulumi.Input[]>; } interface AnalysisLineChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a line chart. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisLineSeriesAxisDisplayOptionsArgs { /** * The options that determine the presentation of the line series axis. */ axisOptions?: pulumi.Input; /** * The configuration options that determine how missing data is treated during the rendering of a line chart. */ missingDataConfigurations?: pulumi.Input[]>; } interface AnalysisListControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the search options in a list control. */ searchOptions?: pulumi.Input; /** * The configuration of the `Select all` options in a list control. */ selectAllOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface AnalysisListControlSearchOptionsArgs { /** * The visibility configuration of the search options in a list control. */ visibility?: pulumi.Input; } interface AnalysisListControlSelectAllOptionsArgs { /** * The visibility configuration of the `Select all` options in a list control. */ visibility?: pulumi.Input; } interface AnalysisLoadingAnimationArgs { /** * The visibility configuration of `LoadingAnimation` . */ visibility?: pulumi.Input; } interface AnalysisLocalNavigationConfigurationArgs { /** * The sheet that is targeted for navigation in the same analysis. */ targetSheetId: pulumi.Input; } interface AnalysisLongFormatTextArgs { /** * Plain text format. */ plainText?: pulumi.Input; /** * Rich text. Examples of rich text include bold, underline, and italics. */ richText?: pulumi.Input; } interface AnalysisMappedDataSetParameterArgs { /** * A unique name that identifies a dataset within the analysis or dashboard. */ dataSetIdentifier: pulumi.Input; /** * The name of the dataset parameter. */ dataSetParameterName: pulumi.Input; } interface AnalysisMaximumLabelTypeArgs { /** * The visibility of the maximum label. */ visibility?: pulumi.Input; } interface AnalysisMaximumMinimumComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The type of computation. Choose one of the following options: * * - MAXIMUM: A maximum computation. * - MINIMUM: A minimum computation. */ type: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface AnalysisMeasureFieldArgs { /** * The calculated measure field only used in pivot tables. */ calculatedMeasureField?: pulumi.Input; /** * The measure type field with categorical type columns. */ categoricalMeasureField?: pulumi.Input; /** * The measure type field with date type columns. */ dateMeasureField?: pulumi.Input; /** * The measure type field with numerical type columns. */ numericalMeasureField?: pulumi.Input; } interface AnalysisMetricComparisonComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The field that is used in a metric comparison from value setup. */ fromValue?: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The field that is used in a metric comparison to value setup. */ targetValue?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; } interface AnalysisMinimumLabelTypeArgs { /** * The visibility of the minimum label. */ visibility?: pulumi.Input; } interface AnalysisMissingDataConfigurationArgs { /** * The treatment option that determines how missing data should be rendered. Choose from the following options: * * - `INTERPOLATE` : Interpolate missing values between the prior and the next known value. * - `SHOW_AS_ZERO` : Show missing values as the value `0` . * - `SHOW_AS_BLANK` : Display a blank space when rendering missing data. */ treatmentOption?: pulumi.Input; } interface AnalysisNegativeValueConfigurationArgs { /** * Determines the display mode of the negative value configuration. */ displayMode: pulumi.Input; } interface AnalysisNestedFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter. */ includeInnerSet: pulumi.Input; /** * The `InnerFilter` defines the subset of data to be used with the `NestedFilter` . */ innerFilter: pulumi.Input; } interface AnalysisNullValueFormatConfigurationArgs { /** * Determines the null string of null values. */ nullString: pulumi.Input; } interface AnalysisNumberDisplayFormatConfigurationArgs { /** * The option that determines the decimal places configuration. */ decimalPlacesConfiguration?: pulumi.Input; /** * The options that determine the negative value configuration. */ negativeValueConfiguration?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * Determines the number scale value of the number format. */ numberScale?: pulumi.Input; /** * Determines the prefix value of the number format. */ prefix?: pulumi.Input; /** * The options that determine the numeric separator configuration. */ separatorConfiguration?: pulumi.Input; /** * Determines the suffix value of the number format. */ suffix?: pulumi.Input; } interface AnalysisNumberFormatConfigurationArgs { /** * The options that determine the numeric format configuration. */ formatConfiguration?: pulumi.Input; } interface AnalysisNumericAxisOptionsArgs { /** * The range setup of a numeric axis. */ range?: pulumi.Input; /** * The scale setup of a numeric axis. */ scale?: pulumi.Input; } interface AnalysisNumericEqualityDrillDownFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The value of the double input numeric drill down filter. */ value: pulumi.Input; } interface AnalysisNumericEqualityFilterArgs { /** * The aggregation function of the filter. */ aggregationFunction?: pulumi.Input; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The parameter whose value should be used for the filter value. */ parameterName?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; /** * The input value. */ value?: pulumi.Input; } interface AnalysisNumericFormatConfigurationArgs { /** * The options that determine the currency display format configuration. */ currencyDisplayFormatConfiguration?: pulumi.Input; /** * The options that determine the number display format configuration. */ numberDisplayFormatConfiguration?: pulumi.Input; /** * The options that determine the percentage display format configuration. */ percentageDisplayFormatConfiguration?: pulumi.Input; } interface AnalysisNumericRangeFilterArgs { /** * The aggregation function of the filter. */ aggregationFunction?: pulumi.Input; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * Determines whether the maximum value in the filter value range should be included in the filtered results. */ includeMaximum?: pulumi.Input; /** * Determines whether the minimum value in the filter value range should be included in the filtered results. */ includeMinimum?: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The maximum value for the filter value range. */ rangeMaximum?: pulumi.Input; /** * The minimum value for the filter value range. */ rangeMinimum?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface AnalysisNumericRangeFilterValueArgs { /** * The parameter that is used in the numeric range. */ parameter?: pulumi.Input; /** * The static value of the numeric range filter. */ staticValue?: pulumi.Input; } interface AnalysisNumericSeparatorConfigurationArgs { /** * Determines the decimal separator. */ decimalSeparator?: pulumi.Input; /** * The options that determine the thousands separator configuration. */ thousandsSeparator?: pulumi.Input; } interface AnalysisNumericalAggregationFunctionArgs { /** * An aggregation based on the percentile of values in a dimension or measure. */ percentileAggregation?: pulumi.Input; /** * Built-in aggregation functions for numerical values. * * - `SUM` : The sum of a dimension or measure. * - `AVERAGE` : The average of a dimension or measure. * - `MIN` : The minimum value of a dimension or measure. * - `MAX` : The maximum value of a dimension or measure. * - `COUNT` : The count of a dimension or measure. * - `DISTINCT_COUNT` : The count of distinct values in a dimension or measure. * - `VAR` : The variance of a dimension or measure. * - `VARP` : The partitioned variance of a dimension or measure. * - `STDEV` : The standard deviation of a dimension or measure. * - `STDEVP` : The partitioned standard deviation of a dimension or measure. * - `MEDIAN` : The median value of a dimension or measure. */ simpleNumericalAggregation?: pulumi.Input; } interface AnalysisNumericalDimensionFieldArgs { /** * The column that is used in the `NumericalDimensionField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; /** * The custom hierarchy ID. */ hierarchyId?: pulumi.Input; } interface AnalysisNumericalMeasureFieldArgs { /** * The aggregation function of the measure field. */ aggregationFunction?: pulumi.Input; /** * The column that is used in the `NumericalMeasureField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface AnalysisPaginationConfigurationArgs { /** * Indicates the page number. */ pageNumber: pulumi.Input; /** * Indicates how many items render in one page. */ pageSize: pulumi.Input; } interface AnalysisPanelConfigurationArgs { /** * Sets the background color for each panel. */ backgroundColor?: pulumi.Input; /** * Determines whether or not a background for each small multiples panel is rendered. */ backgroundVisibility?: pulumi.Input; /** * Sets the line color of panel borders. */ borderColor?: pulumi.Input; /** * Sets the line style of panel borders. */ borderStyle?: pulumi.Input; /** * String based length that is composed of value and unit in px */ borderThickness?: pulumi.Input; /** * Determines whether or not each panel displays a border. */ borderVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ gutterSpacing?: pulumi.Input; /** * Determines whether or not negative space between sibling panels is rendered. */ gutterVisibility?: pulumi.Input; /** * Configures the title display within each small multiples panel. */ title?: pulumi.Input; } interface AnalysisPanelTitleOptionsArgs { fontConfiguration?: pulumi.Input; /** * Sets the horizontal text alignment of the title within each panel. */ horizontalTextAlignment?: pulumi.Input; /** * Determines whether or not panel titles are displayed. */ visibility?: pulumi.Input; } interface AnalysisParameterControlArgs { /** * A control from a date parameter that specifies date and time. */ dateTimePicker?: pulumi.Input; /** * A control to display a dropdown list with buttons that are used to select a single value. */ dropdown?: pulumi.Input; /** * A control to display a list with buttons or boxes that are used to select either a single value or multiple values. */ list?: pulumi.Input; /** * A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle. */ slider?: pulumi.Input; /** * A control to display a text box that is used to enter multiple entries. */ textArea?: pulumi.Input; /** * A control to display a text box that is used to enter a single entry. */ textField?: pulumi.Input; } interface AnalysisParameterDateTimePickerControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterDateTimePickerControl` . */ parameterControlId: pulumi.Input; /** * The name of the `ParameterDateTimePickerControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterDateTimePickerControl` . */ title: pulumi.Input; } interface AnalysisParameterDeclarationArgs { /** * A parameter declaration for the `DateTime` data type. */ dateTimeParameterDeclaration?: pulumi.Input; /** * A parameter declaration for the `Decimal` data type. */ decimalParameterDeclaration?: pulumi.Input; /** * A parameter declaration for the `Integer` data type. */ integerParameterDeclaration?: pulumi.Input; /** * A parameter declaration for the `String` data type. */ stringParameterDeclaration?: pulumi.Input; } interface AnalysisParameterDropDownControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The visibility configuration of the Apply button on a `ParameterDropDownControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterDropDownControl` . */ parameterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source parameter name of the `ParameterDropDownControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterDropDownControl` . */ title: pulumi.Input; /** * The type parameter name of the `ParameterDropDownControl` . */ type?: pulumi.Input; } interface AnalysisParameterListControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterListControl` . */ parameterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source parameter name of the `ParameterListControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterListControl` . */ title: pulumi.Input; /** * The type of `ParameterListControl` . */ type?: pulumi.Input; } interface AnalysisParameterSelectableValuesArgs { /** * The column identifier that fetches values from the data set. */ linkToDataSetColumn?: pulumi.Input; /** * The values that are used in `ParameterSelectableValues` . */ values?: pulumi.Input[]>; } interface AnalysisParameterSliderControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The larger value that is displayed at the right of the slider. */ maximumValue: pulumi.Input; /** * The smaller value that is displayed at the left of the slider. */ minimumValue: pulumi.Input; /** * The ID of the `ParameterSliderControl` . */ parameterControlId: pulumi.Input; /** * The source parameter name of the `ParameterSliderControl` . */ sourceParameterName: pulumi.Input; /** * The number of increments that the slider bar is divided into. */ stepSize: pulumi.Input; /** * The title of the `ParameterSliderControl` . */ title: pulumi.Input; } interface AnalysisParameterTextAreaControlArgs { /** * The delimiter that is used to separate the lines in text. */ delimiter?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterTextAreaControl` . */ parameterControlId: pulumi.Input; /** * The source parameter name of the `ParameterTextAreaControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterTextAreaControl` . */ title: pulumi.Input; } interface AnalysisParameterTextFieldControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterTextFieldControl` . */ parameterControlId: pulumi.Input; /** * The source parameter name of the `ParameterTextFieldControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterTextFieldControl` . */ title: pulumi.Input; } /** *

A list of Amazon QuickSight parameters and the list's override values.

*/ interface AnalysisParametersArgs { /** *

The parameters that have a data type of date-time.

*/ dateTimeParameters?: pulumi.Input[]>; /** *

The parameters that have a data type of decimal.

*/ decimalParameters?: pulumi.Input[]>; /** *

The parameters that have a data type of integer.

*/ integerParameters?: pulumi.Input[]>; /** *

The parameters that have a data type of string.

*/ stringParameters?: pulumi.Input[]>; } interface AnalysisPercentVisibleRangeArgs { /** * The lower bound of the range. */ from?: pulumi.Input; /** * The top bound of the range. */ to?: pulumi.Input; } interface AnalysisPercentageDisplayFormatConfigurationArgs { /** * The option that determines the decimal places configuration. */ decimalPlacesConfiguration?: pulumi.Input; /** * The options that determine the negative value configuration. */ negativeValueConfiguration?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * Determines the prefix value of the percentage format. */ prefix?: pulumi.Input; /** * The options that determine the numeric separator configuration. */ separatorConfiguration?: pulumi.Input; /** * Determines the suffix value of the percentage format. */ suffix?: pulumi.Input; } interface AnalysisPercentileAggregationArgs { /** * The percentile value. This value can be any numeric constant 0–100. A percentile value of 50 computes the median value of the measure. */ percentileValue?: pulumi.Input; } interface AnalysisPeriodOverPeriodComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface AnalysisPeriodToDateComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The time granularity setup of period to date computation. Choose from the following options: * * - YEAR: Year to date. * - MONTH: Month to date. */ periodTimeGranularity?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface AnalysisPieChartAggregatedFieldWellsArgs { /** * The category (group/color) field wells of a pie chart. */ category?: pulumi.Input[]>; /** * The small multiples field well of a pie chart. */ smallMultiples?: pulumi.Input[]>; /** * The value field wells of a pie chart. Values are aggregated based on categories. */ values?: pulumi.Input[]>; } interface AnalysisPieChartConfigurationArgs { /** * The label options of the group/color that is displayed in a pie chart. */ categoryLabelOptions?: pulumi.Input; /** * The contribution analysis (anomaly configuration) setup of the visual. */ contributionAnalysisDefaults?: pulumi.Input[]>; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart. */ donutOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The small multiples setup for the visual. */ smallMultiplesOptions?: pulumi.Input; /** * The sort configuration of a pie chart. */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The label options for the value that is displayed in a pie chart. */ valueLabelOptions?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface AnalysisPieChartFieldWellsArgs { /** * The field well configuration of a pie chart. */ pieChartAggregatedFieldWells?: pulumi.Input; } interface AnalysisPieChartSortConfigurationArgs { /** * The limit on the number of categories that are displayed in a pie chart. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; /** * The limit on the number of small multiples panels that are displayed. */ smallMultiplesLimitConfiguration?: pulumi.Input; /** * The sort configuration of the small multiples field. */ smallMultiplesSort?: pulumi.Input[]>; } interface AnalysisPieChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a pie chart. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisPivotFieldSortOptionsArgs { /** * The field ID for the field sort options. */ fieldId: pulumi.Input; /** * The sort by field for the field sort options. */ sortBy: pulumi.Input; } interface AnalysisPivotTableAggregatedFieldWellsArgs { /** * The columns field well for a pivot table. Values are grouped by columns fields. */ columns?: pulumi.Input[]>; /** * The rows field well for a pivot table. Values are grouped by rows fields. */ rows?: pulumi.Input[]>; /** * The values field well for a pivot table. Values are aggregated based on rows and columns fields. */ values?: pulumi.Input[]>; } interface AnalysisPivotTableCellConditionalFormattingArgs { /** * The field ID of the cell for conditional formatting. */ fieldId: pulumi.Input; /** * The scope of the cell for conditional formatting. */ scope?: pulumi.Input; /** * A list of cell scopes for conditional formatting. */ scopes?: pulumi.Input[]>; /** * The text format of the cell for conditional formatting. */ textFormat?: pulumi.Input; } interface AnalysisPivotTableConditionalFormattingArgs { /** * Conditional formatting options for a `PivotTableVisual` . */ conditionalFormattingOptions?: pulumi.Input[]>; } interface AnalysisPivotTableConditionalFormattingOptionArgs { /** * The cell conditional formatting option for a pivot table. */ cell?: pulumi.Input; } interface AnalysisPivotTableConditionalFormattingScopeArgs { /** * The role (field, field total, grand total) of the cell for conditional formatting. */ role?: pulumi.Input; } interface AnalysisPivotTableConfigurationArgs { /** * The field options for a pivot table visual. */ fieldOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The paginated report options for a pivot table visual. */ paginatedReportOptions?: pulumi.Input; /** * The sort configuration for a `PivotTableVisual` . */ sortConfiguration?: pulumi.Input; /** * The table options for a pivot table visual. */ tableOptions?: pulumi.Input; /** * The total options for a pivot table visual. */ totalOptions?: pulumi.Input; } interface AnalysisPivotTableDataPathOptionArgs { /** * The list of data path values for the data path options. */ dataPathList: pulumi.Input[]>; /** * String based length that is composed of value and unit in px */ width?: pulumi.Input; } interface AnalysisPivotTableFieldCollapseStateOptionArgs { /** * The state of the field target of a pivot table. Choose one of the following options: * * - `COLLAPSED` * - `EXPANDED` */ state?: pulumi.Input; /** * A tagged-union object that sets the collapse state. */ target: pulumi.Input; } interface AnalysisPivotTableFieldCollapseStateTargetArgs { /** * The data path of the pivot table's header. Used to set the collapse state. */ fieldDataPathValues?: pulumi.Input[]>; /** * The field ID of the pivot table that the collapse state needs to be set to. */ fieldId?: pulumi.Input; } interface AnalysisPivotTableFieldOptionArgs { /** * The custom label of the pivot table field. */ customLabel?: pulumi.Input; /** * The field ID of the pivot table field. */ fieldId: pulumi.Input; /** * The visibility of the pivot table field. */ visibility?: pulumi.Input; } interface AnalysisPivotTableFieldOptionsArgs { /** * The collapse state options for the pivot table field options. */ collapseStateOptions?: pulumi.Input[]>; /** * The data path options for the pivot table field options. */ dataPathOptions?: pulumi.Input[]>; /** * The selected field options for the pivot table field options. */ selectedFieldOptions?: pulumi.Input[]>; } interface AnalysisPivotTableFieldSubtotalOptionsArgs { /** * The field ID of the subtotal options. */ fieldId?: pulumi.Input; } interface AnalysisPivotTableFieldWellsArgs { /** * The aggregated field well for the pivot table. */ pivotTableAggregatedFieldWells?: pulumi.Input; } interface AnalysisPivotTableOptionsArgs { /** * The table cell style of cells. */ cellStyle?: pulumi.Input; /** * The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` . */ collapsedRowDimensionsVisibility?: pulumi.Input; /** * The table cell style of the column header. */ columnHeaderStyle?: pulumi.Input; /** * The visibility of the column names. */ columnNamesVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ defaultCellWidth?: pulumi.Input; /** * The metric placement (row, column) options. */ metricPlacement?: pulumi.Input; /** * The row alternate color options (widget status, row alternate colors). */ rowAlternateColorOptions?: pulumi.Input; /** * The table cell style of row field names. */ rowFieldNamesStyle?: pulumi.Input; /** * The table cell style of the row headers. */ rowHeaderStyle?: pulumi.Input; /** * The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` . */ rowsLabelOptions?: pulumi.Input; /** * The layout for the row dimension headers of a pivot table. Choose one of the following options. * * - `TABULAR` : (Default) Each row field is displayed in a separate column. * - `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields. */ rowsLayout?: pulumi.Input; /** * The visibility of the single metric options. */ singleMetricVisibility?: pulumi.Input; /** * Determines the visibility of the pivot table. */ toggleButtonsVisibility?: pulumi.Input; } interface AnalysisPivotTablePaginatedReportOptionsArgs { /** * The visibility of the repeating header rows on each page. */ overflowColumnHeaderVisibility?: pulumi.Input; /** * The visibility of the printing table overflow across pages. */ verticalOverflowVisibility?: pulumi.Input; } interface AnalysisPivotTableRowsLabelOptionsArgs { /** * The custom label string for the rows label. */ customLabel?: pulumi.Input; /** * The visibility of the rows label. */ visibility?: pulumi.Input; } interface AnalysisPivotTableSortByArgs { /** * The column sort (field id, direction) for the pivot table sort by options. */ column?: pulumi.Input; /** * The data path sort (data path value, direction) for the pivot table sort by options. */ dataPath?: pulumi.Input; /** * The field sort (field id, direction) for the pivot table sort by options. */ field?: pulumi.Input; } interface AnalysisPivotTableSortConfigurationArgs { /** * The field sort options for a pivot table sort configuration. */ fieldSortOptions?: pulumi.Input[]>; } interface AnalysisPivotTableTotalOptionsArgs { /** * The column subtotal options. */ columnSubtotalOptions?: pulumi.Input; /** * The column total options. */ columnTotalOptions?: pulumi.Input; /** * The row subtotal options. */ rowSubtotalOptions?: pulumi.Input; /** * The row total options. */ rowTotalOptions?: pulumi.Input; } interface AnalysisPivotTableVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The conditional formatting for a `PivotTableVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface AnalysisPivotTotalOptionsArgs { /** * The custom label string for the total cells. */ customLabel?: pulumi.Input; /** * The cell styling options for the total of header cells. */ metricHeaderCellStyle?: pulumi.Input; /** * The placement (start, end) for the total cells. */ placement?: pulumi.Input; /** * The scroll status (pinned, scrolled) for the total cells. */ scrollStatus?: pulumi.Input; /** * The total aggregation options for each value field. */ totalAggregationOptions?: pulumi.Input[]>; /** * The cell styling options for the total cells. */ totalCellStyle?: pulumi.Input; /** * The visibility configuration for the total cells. */ totalsVisibility?: pulumi.Input; /** * The cell styling options for the totals of value cells. */ valueCellStyle?: pulumi.Input; } interface AnalysisPluginVisualArgs { /** * A description of the plugin field wells and their persisted properties. */ chartConfiguration?: pulumi.Input; /** * The Amazon Resource Name (ARN) that reflects the plugin and version. */ pluginArn: pulumi.Input; subtitle?: pulumi.Input; title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The ID of the visual that you want to use. */ visualId: pulumi.Input; } interface AnalysisPluginVisualConfigurationArgs { /** * The field wells configuration of the plugin visual. */ fieldWells?: pulumi.Input[]>; /** * The sort configuration of the plugin visual. */ sortConfiguration?: pulumi.Input; /** * The persisted properties of the plugin visual. */ visualOptions?: pulumi.Input; } interface AnalysisPluginVisualFieldWellArgs { /** * The semantic axis name for the field well. */ axisName?: pulumi.Input; /** * A list of dimensions for the field well. */ dimensions?: pulumi.Input[]>; /** * A list of measures that exist in the field well. */ measures?: pulumi.Input[]>; /** * A list of unaggregated fields that exist in the field well. */ unaggregated?: pulumi.Input[]>; } interface AnalysisPluginVisualItemsLimitConfigurationArgs { /** * Determines how many values are be fetched at once. */ itemsLimit?: pulumi.Input; } interface AnalysisPluginVisualOptionsArgs { /** * The persisted properties and their values. */ visualProperties?: pulumi.Input[]>; } interface AnalysisPluginVisualPropertyArgs { /** * The name of the plugin visual property. */ name?: pulumi.Input; /** * The value of the plugin visual property. */ value?: pulumi.Input; } interface AnalysisPluginVisualSortConfigurationArgs { /** * The table query sorting options for the plugin visual. */ pluginVisualTableQuerySort?: pulumi.Input; } interface AnalysisPluginVisualTableQuerySortArgs { /** * The maximum amount of data to be returned by a query. */ itemsLimitConfiguration?: pulumi.Input; /** * Determines how data is sorted in the response. */ rowSort?: pulumi.Input[]>; } interface AnalysisPredefinedHierarchyArgs { /** * The list of columns that define the predefined hierarchy. */ columns: pulumi.Input[]>; /** * The option that determines the drill down filters for the predefined hierarchy. */ drillDownFilters?: pulumi.Input[]>; /** * The hierarchy ID of the predefined hierarchy. */ hierarchyId: pulumi.Input; } interface AnalysisProgressBarOptionsArgs { /** * The visibility of the progress bar. */ visibility?: pulumi.Input; } interface AnalysisQueryExecutionOptionsArgs { /** * A structure that describes the query execution mode. */ queryExecutionMode?: pulumi.Input; } interface AnalysisRadarChartAggregatedFieldWellsArgs { /** * The aggregated field well categories of a radar chart. */ category?: pulumi.Input[]>; /** * The color that are assigned to the aggregated field wells of a radar chart. */ color?: pulumi.Input[]>; /** * The values that are assigned to the aggregated field wells of a radar chart. */ values?: pulumi.Input[]>; } interface AnalysisRadarChartAreaStyleSettingsArgs { /** * The visibility settings of a radar chart. */ visibility?: pulumi.Input; } interface AnalysisRadarChartConfigurationArgs { /** * Determines the visibility of the colors of alternatign bands in a radar chart. */ alternateBandColorsVisibility?: pulumi.Input; /** * The color of the even-numbered alternate bands of a radar chart. */ alternateBandEvenColor?: pulumi.Input; /** * The color of the odd-numbered alternate bands of a radar chart. */ alternateBandOddColor?: pulumi.Input; /** * The axis behavior options of a radar chart. */ axesRangeScale?: pulumi.Input; /** * The base sreies settings of a radar chart. */ baseSeriesSettings?: pulumi.Input; /** * The category axis of a radar chart. */ categoryAxis?: pulumi.Input; /** * The category label options of a radar chart. */ categoryLabelOptions?: pulumi.Input; /** * The color axis of a radar chart. */ colorAxis?: pulumi.Input; /** * The color label options of a radar chart. */ colorLabelOptions?: pulumi.Input; /** * The field well configuration of a `RadarChartVisual` . */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The shape of the radar chart. */ shape?: pulumi.Input; /** * The sort configuration of a `RadarChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The start angle of a radar chart's axis. */ startAngle?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface AnalysisRadarChartFieldWellsArgs { /** * The aggregated field wells of a radar chart visual. */ radarChartAggregatedFieldWells?: pulumi.Input; } interface AnalysisRadarChartSeriesSettingsArgs { /** * The area style settings of a radar chart. */ areaStyleSettings?: pulumi.Input; } interface AnalysisRadarChartSortConfigurationArgs { /** * The category items limit for a radar chart. */ categoryItemsLimit?: pulumi.Input; /** * The category sort options of a radar chart. */ categorySort?: pulumi.Input[]>; /** * The color items limit of a radar chart. */ colorItemsLimit?: pulumi.Input; /** * The color sort configuration of a radar chart. */ colorSort?: pulumi.Input[]>; } interface AnalysisRadarChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisRangeEndsLabelTypeArgs { /** * The visibility of the range ends label. */ visibility?: pulumi.Input; } interface AnalysisReferenceLineArgs { /** * The data configuration of the reference line. */ dataConfiguration: pulumi.Input; /** * The label configuration of the reference line. */ labelConfiguration?: pulumi.Input; /** * The status of the reference line. Choose one of the following options: * * - `ENABLE` * - `DISABLE` */ status?: pulumi.Input; /** * The style configuration of the reference line. */ styleConfiguration?: pulumi.Input; } interface AnalysisReferenceLineCustomLabelConfigurationArgs { /** * The string text of the custom label. */ customLabel: pulumi.Input; } interface AnalysisReferenceLineDataConfigurationArgs { /** * The axis binding type of the reference line. Choose one of the following options: * * - `PrimaryY` * - `SecondaryY` */ axisBinding?: pulumi.Input; /** * The dynamic configuration of the reference line data configuration. */ dynamicConfiguration?: pulumi.Input; /** * The series type of the reference line data configuration. Choose one of the following options: * * - `BAR` * - `LINE` */ seriesType?: pulumi.Input; /** * The static data configuration of the reference line data configuration. */ staticConfiguration?: pulumi.Input; } interface AnalysisReferenceLineDynamicDataConfigurationArgs { /** * The calculation that is used in the dynamic data. */ calculation: pulumi.Input; /** * The column that the dynamic data targets. */ column: pulumi.Input; /** * The aggregation function that is used in the dynamic data. */ measureAggregationFunction?: pulumi.Input; } interface AnalysisReferenceLineLabelConfigurationArgs { /** * The custom label configuration of the label in a reference line. */ customLabelConfiguration?: pulumi.Input; /** * The font color configuration of the label in a reference line. */ fontColor?: pulumi.Input; /** * The font configuration of the label in a reference line. */ fontConfiguration?: pulumi.Input; /** * The horizontal position configuration of the label in a reference line. Choose one of the following options: * * - `LEFT` * - `CENTER` * - `RIGHT` */ horizontalPosition?: pulumi.Input; /** * The value label configuration of the label in a reference line. */ valueLabelConfiguration?: pulumi.Input; /** * The vertical position configuration of the label in a reference line. Choose one of the following options: * * - `ABOVE` * - `BELOW` */ verticalPosition?: pulumi.Input; } interface AnalysisReferenceLineStaticDataConfigurationArgs { /** * The double input of the static data. */ value: pulumi.Input; } interface AnalysisReferenceLineStyleConfigurationArgs { /** * The hex color of the reference line. */ color?: pulumi.Input; /** * The pattern type of the line style. Choose one of the following options: * * - `SOLID` * - `DASHED` * - `DOTTED` */ pattern?: pulumi.Input; } interface AnalysisReferenceLineValueLabelConfigurationArgs { /** * The format configuration of the value label. */ formatConfiguration?: pulumi.Input; /** * The relative position of the value label. Choose one of the following options: * * - `BEFORE_CUSTOM_LABEL` * - `AFTER_CUSTOM_LABEL` */ relativePosition?: pulumi.Input; } interface AnalysisRelativeDateTimeControlDisplayOptionsArgs { /** * Customize how dates are formatted in controls. */ dateTimeFormat?: pulumi.Input; /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface AnalysisRelativeDatesFilterArgs { /** * The date configuration of the filter. */ anchorDateConfiguration: pulumi.Input; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * The configuration for the exclude period of the filter. */ excludePeriodConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The minimum granularity (period granularity) of the relative dates filter. */ minimumGranularity?: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The parameter whose value should be used for the filter value. */ parameterName?: pulumi.Input; /** * The range date type of the filter. Choose one of the options below: * * - `PREVIOUS` * - `THIS` * - `LAST` * - `NOW` * - `NEXT` */ relativeDateType: pulumi.Input; /** * The date value of the filter. */ relativeDateValue?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity: pulumi.Input; } /** *

Permission for the resource.

*/ interface AnalysisResourcePermissionArgs { /** *

The IAM action to grant or revoke permissions on.

*/ actions: pulumi.Input[]>; /** *

The Amazon Resource Name (ARN) of the principal. This can be one of the * following:

*
    *
  • *

    The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight * ARN. Use this option only to share resources (templates) across Amazon Web Services accounts. * (This is less common.)

    *
    • *
*/ principal: pulumi.Input; } interface AnalysisRollingDateConfigurationArgs { /** * The data set that is used in the rolling date configuration. */ dataSetIdentifier?: pulumi.Input; /** * The expression of the rolling date configuration. */ expression: pulumi.Input; } interface AnalysisRowAlternateColorOptionsArgs { /** * Determines the list of row alternate colors. */ rowAlternateColors?: pulumi.Input[]>; /** * Determines the widget status. */ status?: pulumi.Input; /** * The primary background color options for alternate rows. */ usePrimaryBackgroundColor?: pulumi.Input; } interface AnalysisSameSheetTargetVisualConfigurationArgs { /** * The options that choose the target visual in the same sheet. * * Valid values are defined as follows: * * - `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet. */ targetVisualOptions?: pulumi.Input; /** * A list of the target visual IDs that are located in the same sheet of the analysis. */ targetVisuals?: pulumi.Input[]>; } interface AnalysisSankeyDiagramAggregatedFieldWellsArgs { /** * The destination field wells of a sankey diagram. */ destination?: pulumi.Input[]>; /** * The source field wells of a sankey diagram. */ source?: pulumi.Input[]>; /** * The weight field wells of a sankey diagram. */ weight?: pulumi.Input[]>; } interface AnalysisSankeyDiagramChartConfigurationArgs { /** * The data label configuration of a sankey diagram. */ dataLabels?: pulumi.Input; /** * The field well configuration of a sankey diagram. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The sort configuration of a sankey diagram. */ sortConfiguration?: pulumi.Input; } interface AnalysisSankeyDiagramFieldWellsArgs { /** * The field well configuration of a sankey diagram. */ sankeyDiagramAggregatedFieldWells?: pulumi.Input; } interface AnalysisSankeyDiagramSortConfigurationArgs { /** * The limit on the number of destination nodes that are displayed in a sankey diagram. */ destinationItemsLimit?: pulumi.Input; /** * The limit on the number of source nodes that are displayed in a sankey diagram. */ sourceItemsLimit?: pulumi.Input; /** * The sort configuration of the weight fields. */ weightSort?: pulumi.Input[]>; } interface AnalysisSankeyDiagramVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a sankey diagram. */ chartConfiguration?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisScatterPlotCategoricallyAggregatedFieldWellsArgs { /** * The category field well of a scatter plot. */ category?: pulumi.Input[]>; /** * The label field well of a scatter plot. */ label?: pulumi.Input[]>; /** * The size field well of a scatter plot. */ size?: pulumi.Input[]>; /** * The x-axis field well of a scatter plot. * * The x-axis is aggregated by category. */ xAxis?: pulumi.Input[]>; /** * The y-axis field well of a scatter plot. * * The y-axis is aggregated by category. */ yAxis?: pulumi.Input[]>; } interface AnalysisScatterPlotConfigurationArgs { /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The sort configuration of a scatter plot. */ sortConfiguration?: pulumi.Input; /** * The legend display setup of the visual. */ tooltip?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; /** * The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis. */ xAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis. */ xAxisLabelOptions?: pulumi.Input; /** * The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis. */ yAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis. */ yAxisLabelOptions?: pulumi.Input; } interface AnalysisScatterPlotFieldWellsArgs { /** * The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both. */ scatterPlotCategoricallyAggregatedFieldWells?: pulumi.Input; /** * The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated. */ scatterPlotUnaggregatedFieldWells?: pulumi.Input; } interface AnalysisScatterPlotSortConfigurationArgs { scatterPlotLimitConfiguration?: pulumi.Input; } interface AnalysisScatterPlotUnaggregatedFieldWellsArgs { /** * The category field well of a scatter plot. */ category?: pulumi.Input[]>; /** * The label field well of a scatter plot. */ label?: pulumi.Input[]>; /** * The size field well of a scatter plot. */ size?: pulumi.Input[]>; /** * The x-axis field well of a scatter plot. * * The x-axis is a dimension field and cannot be aggregated. */ xAxis?: pulumi.Input[]>; /** * The y-axis field well of a scatter plot. * * The y-axis is a dimension field and cannot be aggregated. */ yAxis?: pulumi.Input[]>; } interface AnalysisScatterPlotVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisScrollBarOptionsArgs { /** * The visibility of the data zoom scroll bar. */ visibility?: pulumi.Input; /** * The visibility range for the data zoom scroll bar. */ visibleRange?: pulumi.Input; } interface AnalysisSecondaryValueOptionsArgs { /** * Determines the visibility of the secondary value. */ visibility?: pulumi.Input; } interface AnalysisSectionAfterPageBreakArgs { /** * The option that enables or disables a page break at the end of a section. */ status?: pulumi.Input; } interface AnalysisSectionBasedLayoutCanvasSizeOptionsArgs { /** * The options for a paper canvas of a section-based layout. */ paperCanvasSizeOptions?: pulumi.Input; } interface AnalysisSectionBasedLayoutConfigurationArgs { /** * A list of body section configurations. */ bodySections: pulumi.Input[]>; /** * The options for the canvas of a section-based layout. */ canvasSizeOptions: pulumi.Input; /** * A list of footer section configurations. */ footerSections: pulumi.Input[]>; /** * A list of header section configurations. */ headerSections: pulumi.Input[]>; } interface AnalysisSectionBasedLayoutPaperCanvasSizeOptionsArgs { /** * Defines the spacing between the canvas content and the top, bottom, left, and right edges. */ paperMargin?: pulumi.Input; /** * The paper orientation that is used to define canvas dimensions. Choose one of the following options: * * - PORTRAIT * - LANDSCAPE */ paperOrientation?: pulumi.Input; /** * The paper size that is used to define canvas dimensions. */ paperSize?: pulumi.Input; } interface AnalysisSectionLayoutConfigurationArgs { /** * The free-form layout configuration of a section. */ freeFormLayout: pulumi.Input; } interface AnalysisSectionPageBreakConfigurationArgs { /** * The configuration of a page break after a section. */ after?: pulumi.Input; } interface AnalysisSectionStyleArgs { /** * String based length that is composed of value and unit in px */ height?: pulumi.Input; /** * The spacing between section content and its top, bottom, left, and right edges. * * There is no padding by default. */ padding?: pulumi.Input; } interface AnalysisSelectedSheetsFilterScopeConfigurationArgs { /** * The sheet ID and visual IDs of the sheet and visuals that the filter is applied to. */ sheetVisualScopingConfigurations?: pulumi.Input[]>; } interface AnalysisSeriesItemArgs { /** * The data field series item configuration of a line chart. */ dataFieldSeriesItem?: pulumi.Input; /** * The field series item configuration of a line chart. */ fieldSeriesItem?: pulumi.Input; } interface AnalysisSetParameterValueConfigurationArgs { /** * The destination parameter name of the `SetParameterValueConfiguration` . */ destinationParameterName: pulumi.Input; value: pulumi.Input; } interface AnalysisShapeConditionalFormatArgs { /** * The conditional formatting for the shape background color of a filled map visual. */ backgroundColor: pulumi.Input; } /** *

A sheet, which is an object that contains a set of visuals that * are viewed together on one page in Amazon QuickSight. Every analysis and dashboard * contains at least one sheet. Each sheet contains at least one visualization widget, for * example a chart, pivot table, or narrative insight. Sheets can be associated with other * components, such as controls, filters, and so on.

*/ interface AnalysisSheetArgs { /** *

The name of a sheet. This name is displayed on the sheet's tab in the Amazon QuickSight * console.

*/ name?: pulumi.Input; /** *

The unique identifier associated with a sheet.

*/ sheetId?: pulumi.Input; } interface AnalysisSheetControlInfoIconLabelOptionsArgs { /** * The text content of info icon. */ infoIconText?: pulumi.Input; /** * The visibility configuration of info icon label options. */ visibility?: pulumi.Input; } interface AnalysisSheetControlLayoutArgs { /** * The configuration that determines the elements and canvas size options of sheet control. */ configuration: pulumi.Input; } interface AnalysisSheetControlLayoutConfigurationArgs { /** * The configuration that determines the elements and canvas size options of sheet control. */ gridLayout?: pulumi.Input; } interface AnalysisSheetDefinitionArgs { /** * The layout content type of the sheet. Choose one of the following options: * * - `PAGINATED` : Creates a sheet for a paginated report. * - `INTERACTIVE` : Creates a sheet for an interactive dashboard. */ contentType?: pulumi.Input; /** * A description of the sheet. */ description?: pulumi.Input; /** * The list of filter controls that are on a sheet. * * For more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon Quick Suite User Guide* . */ filterControls?: pulumi.Input[]>; /** * A list of images on a sheet. */ images?: pulumi.Input[]>; /** * Layouts define how the components of a sheet are arranged. * * For more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon Quick Suite User Guide* . */ layouts?: pulumi.Input[]>; /** * The name of the sheet. This name is displayed on the sheet's tab in the Quick Suite console. */ name?: pulumi.Input; /** * The list of parameter controls that are on a sheet. * * For more information, see [Using a Control with a Parameter in Amazon Quick Sight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon Quick Suite User Guide* . */ parameterControls?: pulumi.Input[]>; /** * The control layouts of the sheet. */ sheetControlLayouts?: pulumi.Input[]>; /** * The unique identifier of a sheet. */ sheetId: pulumi.Input; /** * The text boxes that are on a sheet. */ textBoxes?: pulumi.Input[]>; /** * The title of the sheet. */ title?: pulumi.Input; /** * A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet. */ visuals?: pulumi.Input[]>; } interface AnalysisSheetElementConfigurationOverridesArgs { /** * Determines whether or not the overrides are visible. Choose one of the following options: * * - `VISIBLE` * - `HIDDEN` */ visibility?: pulumi.Input; } interface AnalysisSheetElementRenderingRuleArgs { /** * The override configuration of the rendering rules of a sheet. */ configurationOverrides: pulumi.Input; /** * The expression of the rendering rules of a sheet. */ expression: pulumi.Input; } interface AnalysisSheetImageArgs { /** * A list of custom actions that are configured for an image. */ actions?: pulumi.Input[]>; /** * The alt text for the image. */ imageContentAltText?: pulumi.Input; /** * The general image interactions setup for an image. */ interactions?: pulumi.Input; /** * Determines how the image is scaled. */ scaling?: pulumi.Input; /** * The ID of the sheet image. */ sheetImageId: pulumi.Input; /** * The source of the image. */ source: pulumi.Input; /** * The tooltip to be shown when hovering over the image. */ tooltip?: pulumi.Input; } interface AnalysisSheetImageScalingConfigurationArgs { /** * The scaling option to use when fitting the image inside the container. * * Valid values are defined as follows: * * - `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved. * - `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved. * - `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved. * - `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container. */ scalingType?: pulumi.Input; } interface AnalysisSheetImageSourceArgs { /** * The source of the static file that contains the image. */ sheetImageStaticFileSource?: pulumi.Input; } interface AnalysisSheetImageStaticFileSourceArgs { /** * The ID of the static file that contains the image. */ staticFileId: pulumi.Input; } interface AnalysisSheetImageTooltipConfigurationArgs { /** * The text that appears in the tooltip. */ tooltipText?: pulumi.Input; /** * The visibility of the tooltip. */ visibility?: pulumi.Input; } interface AnalysisSheetImageTooltipTextArgs { /** * The plain text format. */ plainText?: pulumi.Input; } interface AnalysisSheetTextBoxArgs { /** * The content that is displayed in the text box. */ content?: pulumi.Input; /** * The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers. */ sheetTextBoxId: pulumi.Input; } interface AnalysisSheetVisualScopingConfigurationArgs { /** * The scope of the applied entities. Choose one of the following options: * * - `ALL_VISUALS` * - `SELECTED_VISUALS` */ scope: pulumi.Input; /** * The selected sheet that the filter is applied to. */ sheetId: pulumi.Input; /** * The selected visuals that the filter is applied to. */ visualIds?: pulumi.Input[]>; } interface AnalysisShortFormatTextArgs { /** * Plain text format. */ plainText?: pulumi.Input; /** * Rich text. Examples of rich text include bold, underline, and italics. */ richText?: pulumi.Input; } interface AnalysisSimpleClusterMarkerArgs { /** * The color of the simple cluster marker. */ color?: pulumi.Input; } interface AnalysisSingleAxisOptionsArgs { /** * The Y axis options of a single axis configuration. */ yAxisOptions?: pulumi.Input; } interface AnalysisSliderControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface AnalysisSmallMultiplesAxisPropertiesArgs { /** * Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels. */ placement?: pulumi.Input; /** * Determines whether scale of the axes are shared or independent. The default value is `SHARED` . */ scale?: pulumi.Input; } interface AnalysisSmallMultiplesOptionsArgs { /** * Sets the maximum number of visible columns to display in the grid of small multiples panels. * * The default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart. */ maxVisibleColumns?: pulumi.Input; /** * Sets the maximum number of visible rows to display in the grid of small multiples panels. * * The default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart. */ maxVisibleRows?: pulumi.Input; /** * Configures the display options for each small multiples panel. */ panelConfiguration?: pulumi.Input; /** * The properties of a small multiples X axis. */ xAxis?: pulumi.Input; /** * The properties of a small multiples Y axis. */ yAxis?: pulumi.Input; } /** *

The source entity of an analysis.

*/ interface AnalysisSourceEntityArgs { /** * The source template for the source entity of the analysis. */ sourceTemplate?: pulumi.Input; } /** *

The source template of an analysis.

*/ interface AnalysisSourceTemplateArgs { /** *

The Amazon Resource Name (ARN) of the source template of an analysis.

*/ arn: pulumi.Input; /** *

The dataset references of the source template of an analysis.

*/ dataSetReferences: pulumi.Input[]>; } interface AnalysisSpacingArgs { /** * String based length that is composed of value and unit */ bottom?: pulumi.Input; /** * String based length that is composed of value and unit */ left?: pulumi.Input; /** * String based length that is composed of value and unit */ right?: pulumi.Input; /** * String based length that is composed of value and unit */ top?: pulumi.Input; } interface AnalysisSpatialStaticFileArgs { /** * The source of the spatial static file. */ source?: pulumi.Input; /** * The ID of the spatial static file. */ staticFileId: pulumi.Input; } interface AnalysisStaticFileArgs { /** * The image static file. */ imageStaticFile?: pulumi.Input; /** * The spacial static file. */ spatialStaticFile?: pulumi.Input; } interface AnalysisStaticFileS3SourceOptionsArgs { /** * The name of the Amazon S3 bucket. */ bucketName: pulumi.Input; /** * The identifier of the static file in the Amazon S3 bucket. */ objectKey: pulumi.Input; /** * The Region of the Amazon S3 account that contains the bucket. */ region: pulumi.Input; } interface AnalysisStaticFileSourceArgs { /** * The structure that contains the Amazon S3 location to download the static file from. */ s3Options?: pulumi.Input; /** * The structure that contains the URL to download the static file from. */ urlOptions?: pulumi.Input; } interface AnalysisStaticFileUrlSourceOptionsArgs { /** * The URL to download the static file from. */ url: pulumi.Input; } interface AnalysisStringDefaultValuesArgs { /** * The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The static values of the `DecimalDefaultValues` . */ staticValues?: pulumi.Input[]>; } interface AnalysisStringFormatConfigurationArgs { /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * The formatting configuration for numeric strings. */ numericFormatConfiguration?: pulumi.Input; } /** *

A string parameter.

*/ interface AnalysisStringParameterArgs { /** *

A display name for a string parameter.

*/ name: pulumi.Input; /** *

The values of a string parameter.

*/ values: pulumi.Input[]>; } interface AnalysisStringParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The value type determines whether the parameter is a single-value or multi-value parameter. */ parameterValueType: pulumi.Input; /** * The configuration that defines the default value of a `String` parameter when a value has not been set. */ valueWhenUnset?: pulumi.Input; } interface AnalysisStringValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface AnalysisSubtotalOptionsArgs { /** * The custom label string for the subtotal cells. */ customLabel?: pulumi.Input; /** * The field level (all, custom, last) for the subtotal cells. */ fieldLevel?: pulumi.Input; /** * The optional configuration of subtotal cells. */ fieldLevelOptions?: pulumi.Input[]>; /** * The cell styling options for the subtotals of header cells. */ metricHeaderCellStyle?: pulumi.Input; /** * The style targets options for subtotals. */ styleTargets?: pulumi.Input[]>; /** * The cell styling options for the subtotal cells. */ totalCellStyle?: pulumi.Input; /** * The visibility configuration for the subtotal cells. */ totalsVisibility?: pulumi.Input; /** * The cell styling options for the subtotals of value cells. */ valueCellStyle?: pulumi.Input; } interface AnalysisTableAggregatedFieldWellsArgs { /** * The group by field well for a pivot table. Values are grouped by group by fields. */ groupBy?: pulumi.Input[]>; /** * The values field well for a pivot table. Values are aggregated based on group by fields. */ values?: pulumi.Input[]>; } interface AnalysisTableBorderOptionsArgs { /** * The color of a table border. */ color?: pulumi.Input; /** * The style (none, solid) of a table border. */ style?: pulumi.Input; /** * The thickness of a table border. */ thickness?: pulumi.Input; } interface AnalysisTableCellConditionalFormattingArgs { /** * The field ID of the cell for conditional formatting. */ fieldId: pulumi.Input; /** * The text format of the cell for conditional formatting. */ textFormat?: pulumi.Input; } interface AnalysisTableCellImageSizingConfigurationArgs { /** * The cell scaling configuration of the sizing options for the table image configuration. */ tableCellImageScalingConfiguration?: pulumi.Input; } interface AnalysisTableCellStyleArgs { /** * The background color for the table cells. */ backgroundColor?: pulumi.Input; /** * The borders for the table cells. */ border?: pulumi.Input; /** * The font configuration of the table cells. */ fontConfiguration?: pulumi.Input; /** * The height color for the table cells. */ height?: pulumi.Input; /** * The horizontal text alignment (left, center, right, auto) for the table cells. */ horizontalTextAlignment?: pulumi.Input; /** * The text wrap (none, wrap) for the table cells. */ textWrap?: pulumi.Input; /** * The vertical text alignment (top, middle, bottom) for the table cells. */ verticalTextAlignment?: pulumi.Input; /** * The visibility of the table cells. */ visibility?: pulumi.Input; } interface AnalysisTableConditionalFormattingArgs { /** * Conditional formatting options for a `PivotTableVisual` . */ conditionalFormattingOptions?: pulumi.Input[]>; } interface AnalysisTableConditionalFormattingOptionArgs { /** * The cell conditional formatting option for a table. */ cell?: pulumi.Input; /** * The row conditional formatting option for a table. */ row?: pulumi.Input; } interface AnalysisTableConfigurationArgs { /** * The field options for a table visual. */ fieldOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The paginated report options for a table visual. */ paginatedReportOptions?: pulumi.Input; /** * The sort configuration for a `TableVisual` . */ sortConfiguration?: pulumi.Input; /** * A collection of inline visualizations to display within a chart. */ tableInlineVisualizations?: pulumi.Input[]>; /** * The table options for a table visual. */ tableOptions?: pulumi.Input; /** * The total options for a table visual. */ totalOptions?: pulumi.Input; } interface AnalysisTableFieldCustomIconContentArgs { /** * The icon set type (link) of the custom icon content for table URL link content. */ icon?: pulumi.Input; } interface AnalysisTableFieldCustomTextContentArgs { /** * The font configuration of the custom text content for the table URL link content. */ fontConfiguration: pulumi.Input; /** * The string value of the custom text content for the table URL link content. */ value?: pulumi.Input; } interface AnalysisTableFieldImageConfigurationArgs { /** * The sizing options for the table image configuration. */ sizingOptions?: pulumi.Input; } interface AnalysisTableFieldLinkConfigurationArgs { /** * The URL content (text, icon) for the table link configuration. */ content: pulumi.Input; /** * The URL target (new tab, new window, same tab) for the table link configuration. */ target: pulumi.Input; } interface AnalysisTableFieldLinkContentConfigurationArgs { /** * The custom icon content for the table link content configuration. */ customIconContent?: pulumi.Input; /** * The custom text content (value, font configuration) for the table link content configuration. */ customTextContent?: pulumi.Input; } interface AnalysisTableFieldOptionArgs { /** * The custom label for a table field. */ customLabel?: pulumi.Input; /** * The field ID for a table field. */ fieldId: pulumi.Input; /** * The URL configuration for a table field. */ urlStyling?: pulumi.Input; /** * The visibility of a table field. */ visibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ width?: pulumi.Input; } interface AnalysisTableFieldOptionsArgs { /** * The order of the field IDs that are configured as field options for a table visual. */ order?: pulumi.Input[]>; /** * The settings for the pinned columns of a table visual. */ pinnedFieldOptions?: pulumi.Input; /** * The field options to be configured to a table. */ selectedFieldOptions?: pulumi.Input[]>; /** * The `TableOptions` of a transposed table. */ transposedTableOptions?: pulumi.Input[]>; } interface AnalysisTableFieldUrlConfigurationArgs { /** * The image configuration of a table field URL. */ imageConfiguration?: pulumi.Input; /** * The link configuration of a table field URL. */ linkConfiguration?: pulumi.Input; } interface AnalysisTableFieldWellsArgs { /** * The aggregated field well for the table. */ tableAggregatedFieldWells?: pulumi.Input; /** * The unaggregated field well for the table. */ tableUnaggregatedFieldWells?: pulumi.Input; } interface AnalysisTableInlineVisualizationArgs { /** * The configuration of the inline visualization of the data bars within a chart. */ dataBars?: pulumi.Input; } interface AnalysisTableOptionsArgs { /** * The table cell style of table cells. */ cellStyle?: pulumi.Input; /** * The table cell style of a table header. */ headerStyle?: pulumi.Input; /** * The orientation (vertical, horizontal) for a table. */ orientation?: pulumi.Input; /** * The row alternate color options (widget status, row alternate colors) for a table. */ rowAlternateColorOptions?: pulumi.Input; } interface AnalysisTablePaginatedReportOptionsArgs { /** * The visibility of repeating header rows on each page. */ overflowColumnHeaderVisibility?: pulumi.Input; /** * The visibility of printing table overflow across pages. */ verticalOverflowVisibility?: pulumi.Input; } interface AnalysisTablePinnedFieldOptionsArgs { /** * A list of columns to be pinned to the left of a table visual. */ pinnedLeftFields?: pulumi.Input[]>; } interface AnalysisTableRowConditionalFormattingArgs { /** * The conditional formatting color (solid, gradient) of the background for a table row. */ backgroundColor?: pulumi.Input; /** * The conditional formatting color (solid, gradient) of the text for a table row. */ textColor?: pulumi.Input; } interface AnalysisTableSideBorderOptionsArgs { /** * The table border options of the bottom border. */ bottom?: pulumi.Input; /** * The table border options of the inner horizontal border. */ innerHorizontal?: pulumi.Input; /** * The table border options of the inner vertical border. */ innerVertical?: pulumi.Input; /** * The table border options of the left border. */ left?: pulumi.Input; /** * The table border options of the right border. */ right?: pulumi.Input; /** * The table border options of the top border. */ top?: pulumi.Input; } interface AnalysisTableSortConfigurationArgs { /** * The pagination configuration (page size, page number) for the table. */ paginationConfiguration?: pulumi.Input; /** * The field sort options for rows in the table. */ rowSort?: pulumi.Input[]>; } interface AnalysisTableStyleTargetArgs { /** * The cell type of the table style target. */ cellType: pulumi.Input; } interface AnalysisTableUnaggregatedFieldWellsArgs { /** * The values field well for a pivot table. Values are unaggregated for an unaggregated table. */ values?: pulumi.Input[]>; } interface AnalysisTableVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The conditional formatting for a `PivotTableVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface AnalysisTextAreaControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the placeholder options in a text area control. */ placeholderOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface AnalysisTextConditionalFormatArgs { /** * The conditional formatting for the text background color. */ backgroundColor?: pulumi.Input; /** * The conditional formatting for the icon. */ icon?: pulumi.Input; /** * The conditional formatting for the text color. */ textColor?: pulumi.Input; } interface AnalysisTextControlPlaceholderOptionsArgs { /** * The visibility configuration of the placeholder options in a text control. */ visibility?: pulumi.Input; } interface AnalysisTextFieldControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the placeholder options in a text field control. */ placeholderOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface AnalysisThousandSeparatorOptionsArgs { /** * Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores. */ groupingStyle?: pulumi.Input; /** * Determines the thousands separator symbol. */ symbol?: pulumi.Input; /** * Determines the visibility of the thousands separator. */ visibility?: pulumi.Input; } interface AnalysisTimeBasedForecastPropertiesArgs { /** * The lower boundary setup of a forecast computation. */ lowerBoundary?: pulumi.Input; /** * The periods backward setup of a forecast computation. */ periodsBackward?: pulumi.Input; /** * The periods forward setup of a forecast computation. */ periodsForward?: pulumi.Input; /** * The prediction interval setup of a forecast computation. */ predictionInterval?: pulumi.Input; /** * The seasonality setup of a forecast computation. Choose one of the following options: * * - `NULL` : The input is set to `NULL` . * - `NON_NULL` : The input is set to a custom value. */ seasonality?: pulumi.Input; /** * The upper boundary setup of a forecast computation. */ upperBoundary?: pulumi.Input; } interface AnalysisTimeEqualityFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The parameter whose value should be used for the filter value. * * This field is mutually exclusive to `Value` and `RollingDate` . */ parameterName?: pulumi.Input; /** * The rolling date input for the `TimeEquality` filter. * * This field is mutually exclusive to `Value` and `ParameterName` . */ rollingDate?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; /** * The value of a `TimeEquality` filter. * * This field is mutually exclusive to `RollingDate` and `ParameterName` . */ value?: pulumi.Input; } interface AnalysisTimeRangeDrillDownFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The maximum value for the filter value range. */ rangeMaximum: pulumi.Input; /** * The minimum value for the filter value range. */ rangeMinimum: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity: pulumi.Input; } interface AnalysisTimeRangeFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * The exclude period of the time range filter. */ excludePeriodConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * Determines whether the maximum value in the filter value range should be included in the filtered results. */ includeMaximum?: pulumi.Input; /** * Determines whether the minimum value in the filter value range should be included in the filtered results. */ includeMinimum?: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The maximum value for the filter value range. */ rangeMaximumValue?: pulumi.Input; /** * The minimum value for the filter value range. */ rangeMinimumValue?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; } interface AnalysisTimeRangeFilterValueArgs { /** * The parameter type input value. */ parameter?: pulumi.Input; /** * The rolling date input value. */ rollingDate?: pulumi.Input; /** * The static input value. */ staticValue?: pulumi.Input; } interface AnalysisTooltipItemArgs { /** * The tooltip item for the columns that are not part of a field well. */ columnTooltipItem?: pulumi.Input; /** * The tooltip item for the fields. */ fieldTooltipItem?: pulumi.Input; } interface AnalysisTooltipOptionsArgs { /** * The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type. */ fieldBasedTooltip?: pulumi.Input; /** * The selected type for the tooltip. Choose one of the following options: * * - `BASIC` : A basic tooltip. * - `DETAILED` : A detailed tooltip. */ selectedTooltipType?: pulumi.Input; /** * Determines whether or not the tooltip is visible. */ tooltipVisibility?: pulumi.Input; } interface AnalysisTopBottomFilterArgs { /** * The aggregation and sort configuration of the top bottom filter. */ aggregationSortConfigurations: pulumi.Input[]>; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The number of items to include in the top bottom filter results. */ limit?: pulumi.Input; /** * The parameter whose value should be used for the filter value. */ parameterName?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; } interface AnalysisTopBottomMoversComputationArgs { /** * The category field that is used in a computation. */ category?: pulumi.Input; /** * The ID for a computation. */ computationId: pulumi.Input; /** * The mover size setup of the top and bottom movers computation. */ moverSize?: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The sort order setup of the top and bottom movers computation. */ sortOrder?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The computation type. Choose from the following options: * * - TOP: Top movers computation. * - BOTTOM: Bottom movers computation. */ type: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface AnalysisTopBottomRankedComputationArgs { /** * The category field that is used in a computation. */ category?: pulumi.Input; /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The result size of a top and bottom ranked computation. */ resultSize?: pulumi.Input; /** * The computation type. Choose one of the following options: * * - TOP: A top ranked computation. * - BOTTOM: A bottom ranked computation. */ type: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface AnalysisTotalAggregationComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface AnalysisTotalAggregationFunctionArgs { /** * A built in aggregation function for total values. */ simpleTotalAggregationFunction?: pulumi.Input; } interface AnalysisTotalAggregationOptionArgs { /** * The field id that's associated with the total aggregation option. */ fieldId: pulumi.Input; /** * The total aggregation function that you want to set for a specified field id. */ totalAggregationFunction: pulumi.Input; } interface AnalysisTotalOptionsArgs { /** * The custom label string for the total cells. */ customLabel?: pulumi.Input; /** * The placement (start, end) for the total cells. */ placement?: pulumi.Input; /** * The scroll status (pinned, scrolled) for the total cells. */ scrollStatus?: pulumi.Input; /** * The total aggregation settings for each value field. */ totalAggregationOptions?: pulumi.Input[]>; /** * Cell styling options for the total cells. */ totalCellStyle?: pulumi.Input; /** * The visibility configuration for the total cells. */ totalsVisibility?: pulumi.Input; } interface AnalysisTransposedTableOptionArgs { /** * The index of a columns in a transposed table. The index range is 0-9999. */ columnIndex?: pulumi.Input; /** * The column type of the column in a transposed table. Choose one of the following options: * * - `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table. * - `VALUE_COLUMN` : Refers to all value columns in the transposed table. */ columnType: pulumi.Input; /** * String based length that is composed of value and unit in px */ columnWidth?: pulumi.Input; } interface AnalysisTreeMapAggregatedFieldWellsArgs { /** * The color field well of a tree map. Values are grouped by aggregations based on group by fields. */ colors?: pulumi.Input[]>; /** * The group by field well of a tree map. Values are grouped based on group by fields. */ groups?: pulumi.Input[]>; /** * The size field well of a tree map. Values are aggregated based on group by fields. */ sizes?: pulumi.Input[]>; } interface AnalysisTreeMapConfigurationArgs { /** * The label options (label text, label visibility) for the colors displayed in a tree map. */ colorLabelOptions?: pulumi.Input; /** * The color options (gradient color, point of divergence) of a tree map. */ colorScale?: pulumi.Input; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The label options (label text, label visibility) of the groups that are displayed in a tree map. */ groupLabelOptions?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The label options (label text, label visibility) of the sizes that are displayed in a tree map. */ sizeLabelOptions?: pulumi.Input; /** * The sort configuration of a tree map. */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; } interface AnalysisTreeMapFieldWellsArgs { /** * The aggregated field wells of a tree map. */ treeMapAggregatedFieldWells?: pulumi.Input; } interface AnalysisTreeMapSortConfigurationArgs { /** * The limit on the number of groups that are displayed. */ treeMapGroupItemsLimitConfiguration?: pulumi.Input; /** * The sort configuration of group by fields. */ treeMapSort?: pulumi.Input[]>; } interface AnalysisTreeMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface AnalysisTrendArrowOptionsArgs { /** * The visibility of the trend arrows. */ visibility?: pulumi.Input; } interface AnalysisUnaggregatedFieldArgs { /** * The column that is used in the `UnaggregatedField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface AnalysisUniqueValuesComputationArgs { /** * The category field that is used in a computation. */ category?: pulumi.Input; /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; } /** *

The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to LENIENT, validation is skipped for specific errors.

*/ interface AnalysisValidationStrategyArgs { /** * The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors. */ mode: pulumi.Input; } interface AnalysisVisibleRangeOptionsArgs { /** * The percent range in the visible range. */ percentRange?: pulumi.Input; } interface AnalysisVisualArgs { /** * A bar chart. * * For more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon Quick Suite User Guide* . */ barChartVisual?: pulumi.Input; /** * A box plot. * * For more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon Quick Suite User Guide* . */ boxPlotVisual?: pulumi.Input; /** * A combo chart. * * For more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon Quick Suite User Guide* . */ comboChartVisual?: pulumi.Input; /** * A visual that contains custom content. * * For more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon Quick Suite User Guide* . */ customContentVisual?: pulumi.Input; /** * An empty visual. */ emptyVisual?: pulumi.Input; /** * A filled map. * * For more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon Quick Suite User Guide* . */ filledMapVisual?: pulumi.Input; /** * A funnel chart. * * For more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon Quick Suite User Guide* . */ funnelChartVisual?: pulumi.Input; /** * A gauge chart. * * For more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon Quick Suite User Guide* . */ gaugeChartVisual?: pulumi.Input; /** * A geospatial map or a points on map visual. * * For more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon Quick Suite User Guide* . */ geospatialMapVisual?: pulumi.Input; /** * A heat map. * * For more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon Quick Suite User Guide* . */ heatMapVisual?: pulumi.Input; /** * A histogram. * * For more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon Quick Suite User Guide* . */ histogramVisual?: pulumi.Input; /** * An insight visual. * * For more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon Quick Suite User Guide* . */ insightVisual?: pulumi.Input; /** * A key performance indicator (KPI). * * For more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon Quick Suite User Guide* . */ kpiVisual?: pulumi.Input; /** * The properties for a layer map visual */ layerMapVisual?: pulumi.Input; /** * A line chart. * * For more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon Quick Suite User Guide* . */ lineChartVisual?: pulumi.Input; /** * A pie or donut chart. * * For more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon Quick Suite User Guide* . */ pieChartVisual?: pulumi.Input; /** * A pivot table. * * For more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon Quick Suite User Guide* . */ pivotTableVisual?: pulumi.Input; /** * The custom plugin visual type. */ pluginVisual?: pulumi.Input; /** * A radar chart visual. * * For more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon Quick Suite User Guide* . */ radarChartVisual?: pulumi.Input; /** * A sankey diagram. * * For more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon Quick Suite User Guide* . */ sankeyDiagramVisual?: pulumi.Input; /** * A scatter plot. * * For more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon Quick Suite User Guide* . */ scatterPlotVisual?: pulumi.Input; /** * A table visual. * * For more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon Quick Suite User Guide* . */ tableVisual?: pulumi.Input; /** * A tree map. * * For more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon Quick Suite User Guide* . */ treeMapVisual?: pulumi.Input; /** * A waterfall chart. * * For more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon Quick Suite User Guide* . */ waterfallVisual?: pulumi.Input; /** * A word cloud. * * For more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon Quick Suite User Guide* . */ wordCloudVisual?: pulumi.Input; } interface AnalysisVisualCustomActionArgs { /** * A list of `VisualCustomActionOperations` . * * This is a union type structure. For this structure to be valid, only one of the attributes can be defined. */ actionOperations: pulumi.Input[]>; /** * The ID of the `VisualCustomAction` . */ customActionId: pulumi.Input; /** * The name of the `VisualCustomAction` . */ name: pulumi.Input; /** * The status of the `VisualCustomAction` . */ status?: pulumi.Input; /** * The trigger of the `VisualCustomAction` . * * Valid values are defined as follows: * * - `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point. * - `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu. */ trigger: pulumi.Input; } interface AnalysisVisualCustomActionOperationArgs { /** * The filter operation that filters data included in a visual or in an entire sheet. */ filterOperation?: pulumi.Input; /** * The navigation operation that navigates between different sheets in the same analysis. */ navigationOperation?: pulumi.Input; /** * The set parameter operation that sets parameters in custom action. */ setParametersOperation?: pulumi.Input; /** * The URL operation that opens a link to another webpage. */ urlOperation?: pulumi.Input; } interface AnalysisVisualInteractionOptionsArgs { /** * The context menu options for a visual. */ contextMenuOption?: pulumi.Input; /** * The on-visual menu options for a visual. */ visualMenuOption?: pulumi.Input; } interface AnalysisVisualMenuOptionArgs { /** * The availaiblity status of a visual's menu options. */ availabilityStatus?: pulumi.Input; } interface AnalysisVisualPaletteArgs { /** * The chart color options for the visual palette. */ chartColor?: pulumi.Input; /** * The color map options for the visual palette. */ colorMap?: pulumi.Input[]>; } interface AnalysisVisualSubtitleLabelOptionsArgs { /** * The long text format of the subtitle label, such as plain text or rich text. */ formatText?: pulumi.Input; /** * The visibility of the subtitle label. */ visibility?: pulumi.Input; } interface AnalysisVisualTitleLabelOptionsArgs { /** * The short text format of the title label, such as plain text or rich text. */ formatText?: pulumi.Input; /** * The visibility of the title label. */ visibility?: pulumi.Input; } interface AnalysisWaterfallChartAggregatedFieldWellsArgs { /** * The breakdown field wells of a waterfall visual. */ breakdowns?: pulumi.Input[]>; /** * The category field wells of a waterfall visual. */ categories?: pulumi.Input[]>; /** * The value field wells of a waterfall visual. */ values?: pulumi.Input[]>; } interface AnalysisWaterfallChartColorConfigurationArgs { /** * The color configuration for individual groups within a waterfall visual. */ groupColorConfiguration?: pulumi.Input; } interface AnalysisWaterfallChartConfigurationArgs { /** * The options that determine the presentation of the category axis. */ categoryAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the category axis label. */ categoryAxisLabelOptions?: pulumi.Input; /** * The color configuration of a waterfall visual. */ colorConfiguration?: pulumi.Input; /** * The data label configuration of a waterfall visual. */ dataLabels?: pulumi.Input; /** * The field well configuration of a waterfall visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend configuration of a waterfall visual. */ legend?: pulumi.Input; /** * The options that determine the presentation of the y-axis. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the y-axis label. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The sort configuration of a waterfall visual. */ sortConfiguration?: pulumi.Input; /** * The visual palette configuration of a waterfall visual. */ visualPalette?: pulumi.Input; /** * The options that determine the presentation of a waterfall visual. */ waterfallChartOptions?: pulumi.Input; } interface AnalysisWaterfallChartFieldWellsArgs { /** * The field well configuration of a waterfall visual. */ waterfallChartAggregatedFieldWells?: pulumi.Input; } interface AnalysisWaterfallChartGroupColorConfigurationArgs { /** * Defines the color for the negative bars of a waterfall chart. */ negativeBarColor?: pulumi.Input; /** * Defines the color for the positive bars of a waterfall chart. */ positiveBarColor?: pulumi.Input; /** * Defines the color for the total bars of a waterfall chart. */ totalBarColor?: pulumi.Input; } interface AnalysisWaterfallChartOptionsArgs { /** * This option determines the total bar label of a waterfall visual. */ totalBarLabel?: pulumi.Input; } interface AnalysisWaterfallChartSortConfigurationArgs { /** * The limit on the number of bar groups that are displayed. */ breakdownItemsLimit?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; } interface AnalysisWaterfallVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration for a waterfall visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface AnalysisWhatIfPointScenarioArgs { /** * The date that you need the forecast results for. */ date: pulumi.Input; /** * The target value that you want to meet for the provided date. */ value: pulumi.Input; } interface AnalysisWhatIfRangeScenarioArgs { /** * The end date in the date range that you need the forecast results for. */ endDate: pulumi.Input; /** * The start date in the date range that you need the forecast results for. */ startDate: pulumi.Input; /** * The target value that you want to meet for the provided date range. */ value: pulumi.Input; } interface AnalysisWordCloudAggregatedFieldWellsArgs { /** * The group by field well of a word cloud. Values are grouped by group by fields. */ groupBy?: pulumi.Input[]>; /** * The size field well of a word cloud. Values are aggregated based on group by fields. */ size?: pulumi.Input[]>; } interface AnalysisWordCloudChartConfigurationArgs { /** * The label options (label text, label visibility, and sort icon visibility) for the word cloud category. */ categoryLabelOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The sort configuration of a word cloud visual. */ sortConfiguration?: pulumi.Input; /** * The options for a word cloud visual. */ wordCloudOptions?: pulumi.Input; } interface AnalysisWordCloudFieldWellsArgs { /** * The aggregated field wells of a word cloud. */ wordCloudAggregatedFieldWells?: pulumi.Input; } interface AnalysisWordCloudOptionsArgs { /** * The cloud layout options (fluid, normal) of a word cloud. */ cloudLayout?: pulumi.Input; /** * The length limit of each word from 1-100. */ maximumStringLength?: pulumi.Input; /** * The word casing options (lower_case, existing_case) for the words in a word cloud. */ wordCasing?: pulumi.Input; /** * The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud. */ wordOrientation?: pulumi.Input; /** * The word padding options (none, small, medium, large) for the words in a word cloud. */ wordPadding?: pulumi.Input; /** * The word scaling options (emphasize, normal) for the words in a word cloud. */ wordScaling?: pulumi.Input; } interface AnalysisWordCloudSortConfigurationArgs { /** * The limit on the number of groups that are displayed in a word cloud. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of group by fields. */ categorySort?: pulumi.Input[]>; } interface AnalysisWordCloudVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface AnalysisYAxisOptionsArgs { /** * The Y axis type to be used in the chart. * * If you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart. */ yAxis: pulumi.Input; } interface CustomPermissionsCapabilitiesArgs { action?: pulumi.Input; /** * The ability to add or run anomaly detection. */ addOrRunAnomalyDetectionForAnalyses?: pulumi.Input; amazonBedrockArsAction?: pulumi.Input; amazonBedrockFsAction?: pulumi.Input; amazonBedrockKrsAction?: pulumi.Input; amazonSThreeAction?: pulumi.Input; /** * The ability to perform analysis-related actions. */ analysis?: pulumi.Input; approveFlowShareRequests?: pulumi.Input; asanaAction?: pulumi.Input; automate?: pulumi.Input; bambooHrAction?: pulumi.Input; boxAgentAction?: pulumi.Input; buildCalculatedFieldWithQ?: pulumi.Input; canvaAgentAction?: pulumi.Input; chatAgent?: pulumi.Input; comprehendAction?: pulumi.Input; comprehendMedicalAction?: pulumi.Input; confluenceAction?: pulumi.Input; createAndUpdateAmazonBedrockArsAction?: pulumi.Input; createAndUpdateAmazonBedrockFsAction?: pulumi.Input; createAndUpdateAmazonBedrockKrsAction?: pulumi.Input; createAndUpdateAmazonSThreeAction?: pulumi.Input; createAndUpdateAsanaAction?: pulumi.Input; createAndUpdateBambooHrAction?: pulumi.Input; createAndUpdateBoxAgentAction?: pulumi.Input; createAndUpdateCanvaAgentAction?: pulumi.Input; createAndUpdateComprehendAction?: pulumi.Input; createAndUpdateComprehendMedicalAction?: pulumi.Input; createAndUpdateConfluenceAction?: pulumi.Input; /** * The ability to create and update email reports. */ createAndUpdateDashboardEmailReports?: pulumi.Input; /** * The ability to create and update data sources. */ createAndUpdateDataSources?: pulumi.Input; /** * The ability to create and update datasets. */ createAndUpdateDatasets?: pulumi.Input; createAndUpdateFactSetAction?: pulumi.Input; createAndUpdateGenericHttpAction?: pulumi.Input; createAndUpdateGithubAction?: pulumi.Input; createAndUpdateGoogleCalendarAction?: pulumi.Input; createAndUpdateHubspotAction?: pulumi.Input; createAndUpdateHuggingFaceAction?: pulumi.Input; createAndUpdateIntercomAction?: pulumi.Input; createAndUpdateJiraAction?: pulumi.Input; createAndUpdateKnowledgeBases?: pulumi.Input; createAndUpdateLinearAction?: pulumi.Input; createAndUpdateMcpAction?: pulumi.Input; createAndUpdateMondayAction?: pulumi.Input; createAndUpdateMsExchangeAction?: pulumi.Input; createAndUpdateMsTeamsAction?: pulumi.Input; createAndUpdateNewRelicAction?: pulumi.Input; createAndUpdateNotionAction?: pulumi.Input; createAndUpdateOneDriveAction?: pulumi.Input; createAndUpdateOpenApiAction?: pulumi.Input; createAndUpdatePagerDutyAction?: pulumi.Input; createAndUpdateSalesforceAction?: pulumi.Input; createAndUpdateSandPGlobalEnergyAction?: pulumi.Input; createAndUpdateSandPgmiAction?: pulumi.Input; createAndUpdateSapBillOfMaterialAction?: pulumi.Input; createAndUpdateSapBusinessPartnerAction?: pulumi.Input; createAndUpdateSapMaterialStockAction?: pulumi.Input; createAndUpdateSapPhysicalInventoryAction?: pulumi.Input; createAndUpdateSapProductMasterDataAction?: pulumi.Input; createAndUpdateServiceNowAction?: pulumi.Input; createAndUpdateSharePointAction?: pulumi.Input; createAndUpdateSlackAction?: pulumi.Input; createAndUpdateSmartsheetAction?: pulumi.Input; createAndUpdateTextractAction?: pulumi.Input; /** * The ability to export to Create and Update themes. */ createAndUpdateThemes?: pulumi.Input; /** * The ability to create and update threshold alerts. */ createAndUpdateThresholdAlerts?: pulumi.Input; createAndUpdateZendeskAction?: pulumi.Input; createChatAgents?: pulumi.Input; createDashboardExecutiveSummaryWithQ?: pulumi.Input; /** * The ability to create shared folders. */ createSharedFolders?: pulumi.Input; /** * The ability to create a SPICE dataset. */ createSpiceDataset?: pulumi.Input; /** * The ability to perform dashboard-related actions. */ dashboard?: pulumi.Input; editVisualWithQ?: pulumi.Input; /** * The ability to export to CSV files from the UI. */ exportToCsv?: pulumi.Input; /** * The ability to export to CSV files in scheduled email reports. */ exportToCsvInScheduledReports?: pulumi.Input; /** * The ability to export to Excel files from the UI. */ exportToExcel?: pulumi.Input; /** * The ability to export to Excel files in scheduled email reports. */ exportToExcelInScheduledReports?: pulumi.Input; /** * The ability to export to PDF files from the UI. */ exportToPdf?: pulumi.Input; /** * The ability to export to PDF files in scheduled email reports. */ exportToPdfInScheduledReports?: pulumi.Input; extension?: pulumi.Input; factSetAction?: pulumi.Input; flow?: pulumi.Input; genericHttpAction?: pulumi.Input; githubAction?: pulumi.Input; googleCalendarAction?: pulumi.Input; hubspotAction?: pulumi.Input; huggingFaceAction?: pulumi.Input; /** * The ability to include content in scheduled email reports. */ includeContentInScheduledReportsEmail?: pulumi.Input; intercomAction?: pulumi.Input; jiraAction?: pulumi.Input; knowledgeBase?: pulumi.Input; linearAction?: pulumi.Input; manageSharedFolders?: pulumi.Input; mcpAction?: pulumi.Input; mondayAction?: pulumi.Input; msExchangeAction?: pulumi.Input; msTeamsAction?: pulumi.Input; newRelicAction?: pulumi.Input; notionAction?: pulumi.Input; oneDriveAction?: pulumi.Input; openApiAction?: pulumi.Input; pagerDutyAction?: pulumi.Input; performFlowUiTask?: pulumi.Input; /** * The ability to print reports. */ printReports?: pulumi.Input; publishWithoutApproval?: pulumi.Input; /** * The ability to rename shared folders. */ renameSharedFolders?: pulumi.Input; research?: pulumi.Input; salesforceAction?: pulumi.Input; sandPGlobalEnergyAction?: pulumi.Input; sandPgmiAction?: pulumi.Input; sapBillOfMaterialAction?: pulumi.Input; sapBusinessPartnerAction?: pulumi.Input; sapMaterialStockAction?: pulumi.Input; sapPhysicalInventoryAction?: pulumi.Input; sapProductMasterDataAction?: pulumi.Input; serviceNowAction?: pulumi.Input; shareAmazonBedrockArsAction?: pulumi.Input; shareAmazonBedrockFsAction?: pulumi.Input; shareAmazonBedrockKrsAction?: pulumi.Input; shareAmazonSThreeAction?: pulumi.Input; /** * The ability to share analyses. */ shareAnalyses?: pulumi.Input; shareAsanaAction?: pulumi.Input; shareBambooHrAction?: pulumi.Input; shareBoxAgentAction?: pulumi.Input; shareCanvaAgentAction?: pulumi.Input; shareComprehendAction?: pulumi.Input; shareComprehendMedicalAction?: pulumi.Input; shareConfluenceAction?: pulumi.Input; /** * The ability to share dashboards. */ shareDashboards?: pulumi.Input; /** * The ability to share data sources. */ shareDataSources?: pulumi.Input; /** * The ability to share datasets. */ shareDatasets?: pulumi.Input; shareFactSetAction?: pulumi.Input; shareGenericHttpAction?: pulumi.Input; shareGithubAction?: pulumi.Input; shareGoogleCalendarAction?: pulumi.Input; shareHubspotAction?: pulumi.Input; shareHuggingFaceAction?: pulumi.Input; shareIntercomAction?: pulumi.Input; shareJiraAction?: pulumi.Input; shareKnowledgeBases?: pulumi.Input; shareLinearAction?: pulumi.Input; shareMcpAction?: pulumi.Input; shareMondayAction?: pulumi.Input; shareMsExchangeAction?: pulumi.Input; shareMsTeamsAction?: pulumi.Input; shareNewRelicAction?: pulumi.Input; shareNotionAction?: pulumi.Input; shareOneDriveAction?: pulumi.Input; shareOpenApiAction?: pulumi.Input; sharePagerDutyAction?: pulumi.Input; sharePointAction?: pulumi.Input; shareSalesforceAction?: pulumi.Input; shareSandPGlobalEnergyAction?: pulumi.Input; shareSandPgmiAction?: pulumi.Input; shareSapBillOfMaterialAction?: pulumi.Input; shareSapBusinessPartnerAction?: pulumi.Input; shareSapMaterialStockAction?: pulumi.Input; shareSapPhysicalInventoryAction?: pulumi.Input; shareSapProductMasterDataAction?: pulumi.Input; shareServiceNowAction?: pulumi.Input; shareSharePointAction?: pulumi.Input; shareSlackAction?: pulumi.Input; shareSmartsheetAction?: pulumi.Input; shareTextractAction?: pulumi.Input; shareZendeskAction?: pulumi.Input; slackAction?: pulumi.Input; smartsheetAction?: pulumi.Input; space?: pulumi.Input; /** * The ability to subscribe to email reports. */ subscribeDashboardEmailReports?: pulumi.Input; textractAction?: pulumi.Input; topic?: pulumi.Input; useAgentWebSearch?: pulumi.Input; useAmazonBedrockArsAction?: pulumi.Input; useAmazonBedrockFsAction?: pulumi.Input; useAmazonBedrockKrsAction?: pulumi.Input; useAmazonSThreeAction?: pulumi.Input; useAsanaAction?: pulumi.Input; useBambooHrAction?: pulumi.Input; useBedrockModels?: pulumi.Input; useBoxAgentAction?: pulumi.Input; useCanvaAgentAction?: pulumi.Input; useComprehendAction?: pulumi.Input; useComprehendMedicalAction?: pulumi.Input; useConfluenceAction?: pulumi.Input; useFactSetAction?: pulumi.Input; useGenericHttpAction?: pulumi.Input; useGithubAction?: pulumi.Input; useGoogleCalendarAction?: pulumi.Input; useHubspotAction?: pulumi.Input; useHuggingFaceAction?: pulumi.Input; useIntercomAction?: pulumi.Input; useJiraAction?: pulumi.Input; useLinearAction?: pulumi.Input; useMcpAction?: pulumi.Input; useMondayAction?: pulumi.Input; useMsExchangeAction?: pulumi.Input; useMsTeamsAction?: pulumi.Input; useNewRelicAction?: pulumi.Input; useNotionAction?: pulumi.Input; useOneDriveAction?: pulumi.Input; useOpenApiAction?: pulumi.Input; usePagerDutyAction?: pulumi.Input; useSalesforceAction?: pulumi.Input; useSandPGlobalEnergyAction?: pulumi.Input; useSandPgmiAction?: pulumi.Input; useSapBillOfMaterialAction?: pulumi.Input; useSapBusinessPartnerAction?: pulumi.Input; useSapMaterialStockAction?: pulumi.Input; useSapPhysicalInventoryAction?: pulumi.Input; useSapProductMasterDataAction?: pulumi.Input; useServiceNowAction?: pulumi.Input; useSharePointAction?: pulumi.Input; useSlackAction?: pulumi.Input; useSmartsheetAction?: pulumi.Input; useTextractAction?: pulumi.Input; useZendeskAction?: pulumi.Input; /** * The ability to view account SPICE capacity. */ viewAccountSpiceCapacity?: pulumi.Input; zendeskAction?: pulumi.Input; } /** *

An ad hoc (one-time) filtering option.

*/ interface DashboardAdHocFilteringOptionArgs { /** * Availability status. */ availabilityStatus?: pulumi.Input; } interface DashboardAggregationFunctionArgs { /** * Aggregation for attributes. */ attributeAggregationFunction?: pulumi.Input; /** * Aggregation for categorical values. * * - `COUNT` : Aggregate by the total number of values, including duplicates. * - `DISTINCT_COUNT` : Aggregate by the total number of distinct values. */ categoricalAggregationFunction?: pulumi.Input; /** * Aggregation for date values. * * - `COUNT` : Aggregate by the total number of values, including duplicates. * - `DISTINCT_COUNT` : Aggregate by the total number of distinct values. * - `MIN` : Select the smallest date value. * - `MAX` : Select the largest date value. */ dateAggregationFunction?: pulumi.Input; /** * Aggregation for numerical values. */ numericalAggregationFunction?: pulumi.Input; } interface DashboardAggregationSortConfigurationArgs { /** * The function that aggregates the values in `Column` . */ aggregationFunction?: pulumi.Input; /** * The column that determines the sort order of aggregated values. */ column: pulumi.Input; /** * The sort direction of values. * * - `ASC` : Sort in ascending order. * - `DESC` : Sort in descending order. */ sortDirection: pulumi.Input; } interface DashboardAllSheetsFilterScopeConfigurationArgs { } interface DashboardAnalysisDefaultsArgs { /** * The configuration for default new sheet settings. */ defaultNewSheetConfiguration: pulumi.Input; } interface DashboardAnchorDateConfigurationArgs { /** * The options for the date configuration. Choose one of the options below: * * - `NOW` */ anchorOption?: pulumi.Input; /** * The name of the parameter that is used for the anchor date configuration. */ parameterName?: pulumi.Input; } interface DashboardArcAxisConfigurationArgs { /** * The arc axis range of a `GaugeChartVisual` . */ range?: pulumi.Input; /** * The reserved range of the arc axis. */ reserveRange?: pulumi.Input; } interface DashboardArcAxisDisplayRangeArgs { /** * The maximum value of the arc axis range. */ max?: pulumi.Input; /** * The minimum value of the arc axis range. */ min?: pulumi.Input; } interface DashboardArcConfigurationArgs { /** * The option that determines the arc angle of a `GaugeChartVisual` . */ arcAngle?: pulumi.Input; /** * The options that determine the arc thickness of a `GaugeChartVisual` . */ arcThickness?: pulumi.Input; } interface DashboardArcOptionsArgs { /** * The arc thickness of a `GaugeChartVisual` . */ arcThickness?: pulumi.Input; } interface DashboardAssetOptionsArgs { /** * A list of dataset ARNS to exclude from Dashboard Q&A. */ excludedDataSetArns?: pulumi.Input[]>; /** * Determines whether insight summaries from Amazon Q Business are allowed in Dashboard Q&A. */ qBusinessInsightsStatus?: pulumi.Input; /** * Determines the timezone for the analysis. */ timezone?: pulumi.Input; /** * Determines the week start day for an analysis. */ weekStart?: pulumi.Input; } interface DashboardAttributeAggregationFunctionArgs { /** * The built-in aggregation functions for attributes. * * - `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields. */ simpleAttributeAggregation?: pulumi.Input; /** * Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'. */ valueForMultipleValues?: pulumi.Input; } interface DashboardAxisDataOptionsArgs { /** * The options for an axis with a date field. */ dateAxisOptions?: pulumi.Input; /** * The options for an axis with a numeric field. */ numericAxisOptions?: pulumi.Input; } interface DashboardAxisDisplayDataDrivenRangeArgs { } interface DashboardAxisDisplayMinMaxRangeArgs { /** * The maximum setup for an axis display range. */ maximum?: pulumi.Input; /** * The minimum setup for an axis display range. */ minimum?: pulumi.Input; } interface DashboardAxisDisplayOptionsArgs { /** * Determines whether or not the axis line is visible. */ axisLineVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ axisOffset?: pulumi.Input; /** * The data options for an axis. */ dataOptions?: pulumi.Input; /** * Determines whether or not the grid line is visible. */ gridLineVisibility?: pulumi.Input; /** * The scroll bar options for an axis. */ scrollbarOptions?: pulumi.Input; /** * The tick label options of an axis. */ tickLabelOptions?: pulumi.Input; } interface DashboardAxisDisplayRangeArgs { /** * The data-driven setup of an axis display range. */ dataDriven?: pulumi.Input; /** * The minimum and maximum setup of an axis display range. */ minMax?: pulumi.Input; } interface DashboardAxisLabelOptionsArgs { /** * The options that indicate which field the label belongs to. */ applyTo?: pulumi.Input; /** * The text for the axis label. */ customLabel?: pulumi.Input; /** * The font configuration of the axis label. */ fontConfiguration?: pulumi.Input; } interface DashboardAxisLabelReferenceOptionsArgs { /** * The column that the axis label is targeted to. */ column: pulumi.Input; /** * The field that the axis label is targeted to. */ fieldId: pulumi.Input; } interface DashboardAxisLinearScaleArgs { /** * The step count setup of a linear axis. */ stepCount?: pulumi.Input; /** * The step size setup of a linear axis. */ stepSize?: pulumi.Input; } interface DashboardAxisLogarithmicScaleArgs { /** * The base setup of a logarithmic axis scale. */ base?: pulumi.Input; } interface DashboardAxisScaleArgs { /** * The linear axis scale setup. */ linear?: pulumi.Input; /** * The logarithmic axis scale setup. */ logarithmic?: pulumi.Input; } interface DashboardAxisTickLabelOptionsArgs { /** * Determines whether or not the axis ticks are visible. */ labelOptions?: pulumi.Input; /** * The rotation angle of the axis tick labels. */ rotationAngle?: pulumi.Input; } interface DashboardBarChartAggregatedFieldWellsArgs { /** * The category (y-axis) field well of a bar chart. */ category?: pulumi.Input[]>; /** * The color (group/color) field well of a bar chart. */ colors?: pulumi.Input[]>; /** * The small multiples field well of a bar chart. */ smallMultiples?: pulumi.Input[]>; /** * The value field wells of a bar chart. Values are aggregated by category. */ values?: pulumi.Input[]>; } interface DashboardBarChartConfigurationArgs { /** * Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual. */ barsArrangement?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) for bar chart category. */ categoryAxis?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) for a bar chart. */ categoryLabelOptions?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart. */ colorLabelOptions?: pulumi.Input; /** * The contribution analysis (anomaly configuration) setup of the visual. */ contributionAnalysisDefaults?: pulumi.Input[]>; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The orientation of the bars in a bar chart visual. There are two valid values in this structure: * * - `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts. * - `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts. */ orientation?: pulumi.Input; /** * The reference line setup of the visual. */ referenceLines?: pulumi.Input[]>; /** * The small multiples setup for the visual. */ smallMultiplesOptions?: pulumi.Input; /** * The sort configuration of a `BarChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) for a bar chart value. */ valueAxis?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) for a bar chart value. */ valueLabelOptions?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface DashboardBarChartFieldWellsArgs { /** * The aggregated field wells of a bar chart. */ barChartAggregatedFieldWells?: pulumi.Input; } interface DashboardBarChartSortConfigurationArgs { /** * The limit on the number of categories displayed in a bar chart. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of category fields. */ categorySort?: pulumi.Input[]>; /** * The limit on the number of values displayed in a bar chart. */ colorItemsLimit?: pulumi.Input; /** * The sort configuration of color fields in a bar chart. */ colorSort?: pulumi.Input[]>; /** * The limit on the number of small multiples panels that are displayed. */ smallMultiplesLimitConfiguration?: pulumi.Input; /** * The sort configuration of the small multiples field. */ smallMultiplesSort?: pulumi.Input[]>; } interface DashboardBarChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardBinCountOptionsArgs { /** * The options that determine the bin count value. */ value?: pulumi.Input; } interface DashboardBinWidthOptionsArgs { /** * The options that determine the bin count limit. */ binCountLimit?: pulumi.Input; /** * The options that determine the bin width value. */ value?: pulumi.Input; } interface DashboardBodySectionConfigurationArgs { /** * The configuration of content in a body section. */ content: pulumi.Input; /** * The configuration of a page break for a section. */ pageBreakConfiguration?: pulumi.Input; /** * Describes the configurations that are required to declare a section as repeating. */ repeatConfiguration?: pulumi.Input; /** * The unique identifier of a body section. */ sectionId: pulumi.Input; /** * The style options of a body section. */ style?: pulumi.Input; } interface DashboardBodySectionContentArgs { /** * The layout configuration of a body section. */ layout?: pulumi.Input; } interface DashboardBodySectionDynamicCategoryDimensionConfigurationArgs { column: pulumi.Input; /** * Number of values to use from the column for repetition. */ limit?: pulumi.Input; /** * Sort criteria on the column values that you use for repetition. */ sortByMetrics?: pulumi.Input[]>; } interface DashboardBodySectionDynamicNumericDimensionConfigurationArgs { column: pulumi.Input; /** * Number of values to use from the column for repetition. */ limit?: pulumi.Input; /** * Sort criteria on the column values that you use for repetition. */ sortByMetrics?: pulumi.Input[]>; } interface DashboardBodySectionRepeatConfigurationArgs { /** * List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section. */ dimensionConfigurations?: pulumi.Input[]>; /** * List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances. */ nonRepeatingVisuals?: pulumi.Input[]>; /** * Page break configuration to apply for each repeating instance. */ pageBreakConfiguration?: pulumi.Input; } interface DashboardBodySectionRepeatDimensionConfigurationArgs { /** * Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents. */ dynamicCategoryDimensionConfiguration?: pulumi.Input; /** * Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section. */ dynamicNumericDimensionConfiguration?: pulumi.Input; } interface DashboardBodySectionRepeatPageBreakConfigurationArgs { after?: pulumi.Input; } interface DashboardBoxPlotAggregatedFieldWellsArgs { /** * The group by field well of a box plot chart. Values are grouped based on group by fields. */ groupBy?: pulumi.Input[]>; /** * The value field well of a box plot chart. Values are aggregated based on group by fields. */ values?: pulumi.Input[]>; } interface DashboardBoxPlotChartConfigurationArgs { /** * The box plot chart options for a box plot visual */ boxPlotOptions?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) of a box plot category. */ categoryAxis?: pulumi.Input; /** * The label options (label text, label visibility and sort Icon visibility) of a box plot category. */ categoryLabelOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; legend?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) of a box plot category. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) of a box plot value. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The reference line setup of the visual. */ referenceLines?: pulumi.Input[]>; /** * The sort configuration of a `BoxPlotVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface DashboardBoxPlotFieldWellsArgs { /** * The aggregated field wells of a box plot. */ boxPlotAggregatedFieldWells?: pulumi.Input; } interface DashboardBoxPlotOptionsArgs { /** * Determines the visibility of all data points of the box plot. */ allDataPointsVisibility?: pulumi.Input; /** * Determines the visibility of the outlier in a box plot. */ outlierVisibility?: pulumi.Input; /** * The style options of the box plot. */ styleOptions?: pulumi.Input; } interface DashboardBoxPlotSortConfigurationArgs { /** * The sort configuration of a group by fields. */ categorySort?: pulumi.Input[]>; /** * The pagination configuration of a table visual or box plot. */ paginationConfiguration?: pulumi.Input; } interface DashboardBoxPlotStyleOptionsArgs { /** * The fill styles (solid, transparent) of the box plot. */ fillStyle?: pulumi.Input; } interface DashboardBoxPlotVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface DashboardCalculatedFieldArgs { /** * The data set that is used in this calculated field. */ dataSetIdentifier: pulumi.Input; /** * The expression of the calculated field. */ expression: pulumi.Input; /** * The name of the calculated field. */ name: pulumi.Input; } interface DashboardCalculatedMeasureFieldArgs { /** * The expression in the table calculation. */ expression: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; } interface DashboardCascadingControlConfigurationArgs { /** * A list of source controls that determine the values that are used in the current control. */ sourceControls?: pulumi.Input[]>; } interface DashboardCascadingControlSourceArgs { /** * The column identifier that determines which column to look up for the source sheet control. */ columnToMatch?: pulumi.Input; /** * The source sheet control ID of a `CascadingControlSource` . */ sourceSheetControlId?: pulumi.Input; } interface DashboardCategoricalDimensionFieldArgs { /** * The column that is used in the `CategoricalDimensionField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; /** * The custom hierarchy ID. */ hierarchyId?: pulumi.Input; } interface DashboardCategoricalMeasureFieldArgs { /** * The aggregation function of the measure field. */ aggregationFunction?: pulumi.Input; /** * The column that is used in the `CategoricalMeasureField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface DashboardCategoryDrillDownFilterArgs { /** * A list of the string inputs that are the values of the category drill down filter. */ categoryValues: pulumi.Input[]>; /** * The column that the filter is applied to. */ column: pulumi.Input; } interface DashboardCategoryFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The configuration for a `CategoryFilter` . */ configuration: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; } interface DashboardCategoryFilterConfigurationArgs { /** * A custom filter that filters based on a single value. This filter can be partially matched. */ customFilterConfiguration?: pulumi.Input; /** * A list of custom filter values. In the Quick Sight console, this filter type is called a custom filter list. */ customFilterListConfiguration?: pulumi.Input; /** * A list of filter configurations. In the Quick Sight console, this filter type is called a filter list. */ filterListConfiguration?: pulumi.Input; } interface DashboardCategoryInnerFilterArgs { column: pulumi.Input; configuration: pulumi.Input; defaultFilterControlConfiguration?: pulumi.Input; } interface DashboardChartAxisLabelOptionsArgs { /** * The label options for a chart axis. */ axisLabelOptions?: pulumi.Input[]>; /** * The visibility configuration of the sort icon on a chart's axis label. */ sortIconVisibility?: pulumi.Input; /** * The visibility of an axis label on a chart. Choose one of the following options: * * - `VISIBLE` : Shows the axis. * - `HIDDEN` : Hides the axis. */ visibility?: pulumi.Input; } interface DashboardClusterMarkerArgs { /** * The simple cluster marker of the cluster marker. */ simpleClusterMarker?: pulumi.Input; } interface DashboardClusterMarkerConfigurationArgs { /** * The cluster marker that is a part of the cluster marker configuration. */ clusterMarker?: pulumi.Input; } interface DashboardColorScaleArgs { /** * Determines the color fill type. */ colorFillType: pulumi.Input; /** * Determines the list of colors that are applied to the visual. */ colors: pulumi.Input[]>; /** * Determines the color that is applied to null values. */ nullValueColor?: pulumi.Input; } interface DashboardColorsConfigurationArgs { /** * A list of up to 50 custom colors. */ customColors?: pulumi.Input[]>; } interface DashboardColumnConfigurationArgs { /** * The color configurations of the column. */ colorsConfiguration?: pulumi.Input; /** * The column. */ column: pulumi.Input; /** * The format configuration of a column. */ formatConfiguration?: pulumi.Input; /** * The role of the column. */ role?: pulumi.Input; } interface DashboardColumnHierarchyArgs { /** * The option that determines the hierarchy of any `DateTime` fields. */ dateTimeHierarchy?: pulumi.Input; /** * The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals. */ explicitHierarchy?: pulumi.Input; /** * The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source. */ predefinedHierarchy?: pulumi.Input; } interface DashboardColumnIdentifierArgs { /** * The name of the column. */ columnName: pulumi.Input; /** * The data set that the column belongs to. */ dataSetIdentifier: pulumi.Input; } interface DashboardColumnSortArgs { /** * The aggregation function that is defined in the column sort. */ aggregationFunction?: pulumi.Input; /** * The sort direction. */ direction: pulumi.Input; sortBy: pulumi.Input; } interface DashboardColumnTooltipItemArgs { /** * The aggregation function of the column tooltip item. */ aggregation?: pulumi.Input; /** * The target column of the tooltip item. */ column: pulumi.Input; /** * The label of the tooltip item. */ label?: pulumi.Input; /** * Determines the target of the column tooltip item in a combo chart visual. */ tooltipTarget?: pulumi.Input; /** * The visibility of the tooltip item. */ visibility?: pulumi.Input; } interface DashboardComboChartAggregatedFieldWellsArgs { /** * The aggregated `BarValues` field well of a combo chart. */ barValues?: pulumi.Input[]>; /** * The aggregated category field wells of a combo chart. */ category?: pulumi.Input[]>; /** * The aggregated colors field well of a combo chart. */ colors?: pulumi.Input[]>; /** * The aggregated `LineValues` field well of a combo chart. */ lineValues?: pulumi.Input[]>; } interface DashboardComboChartConfigurationArgs { /** * The options that determine if visual data labels are displayed. * * The data label options for a bar in a combo chart. */ barDataLabels?: pulumi.Input; /** * Determines the bar arrangement in a combo chart. The following are valid values in this structure: * * - `CLUSTERED` : For clustered bar combo charts. * - `STACKED` : For stacked bar combo charts. * - `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error. */ barsArrangement?: pulumi.Input; /** * The category axis of a combo chart. */ categoryAxis?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well. */ categoryLabelOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well. */ colorLabelOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The options that determine if visual data labels are displayed. * * The data label options for a line in a combo chart. */ lineDataLabels?: pulumi.Input; /** * The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The reference line setup of the visual. */ referenceLines?: pulumi.Input[]>; /** * The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well. */ secondaryYAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well. */ secondaryYAxisLabelOptions?: pulumi.Input; singleAxisOptions?: pulumi.Input; /** * The sort configuration of a `ComboChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The legend display setup of the visual. */ tooltip?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface DashboardComboChartFieldWellsArgs { /** * The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category. */ comboChartAggregatedFieldWells?: pulumi.Input; } interface DashboardComboChartSortConfigurationArgs { /** * The item limit configuration for the category field well of a combo chart. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of the category field well in a combo chart. */ categorySort?: pulumi.Input[]>; /** * The item limit configuration of the color field well in a combo chart. */ colorItemsLimit?: pulumi.Input; /** * The sort configuration of the color field well in a combo chart. */ colorSort?: pulumi.Input[]>; } interface DashboardComboChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardComparisonConfigurationArgs { /** * The format of the comparison. */ comparisonFormat?: pulumi.Input; /** * The method of the comparison. Choose from the following options: * * - `DIFFERENCE` * - `PERCENT_DIFFERENCE` * - `PERCENT` */ comparisonMethod?: pulumi.Input; } interface DashboardComparisonFormatConfigurationArgs { /** * The number display format. */ numberDisplayFormatConfiguration?: pulumi.Input; /** * The percentage display format. */ percentageDisplayFormatConfiguration?: pulumi.Input; } interface DashboardComputationArgs { /** * The forecast computation configuration. */ forecast?: pulumi.Input; /** * The growth rate computation configuration. */ growthRate?: pulumi.Input; /** * The maximum and minimum computation configuration. */ maximumMinimum?: pulumi.Input; /** * The metric comparison computation configuration. */ metricComparison?: pulumi.Input; /** * The period over period computation configuration. */ periodOverPeriod?: pulumi.Input; /** * The period to `DataSetIdentifier` computation configuration. */ periodToDate?: pulumi.Input; /** * The top movers and bottom movers computation configuration. */ topBottomMovers?: pulumi.Input; /** * The top ranked and bottom ranked computation configuration. */ topBottomRanked?: pulumi.Input; /** * The total aggregation computation configuration. */ totalAggregation?: pulumi.Input; /** * The unique values computation configuration. */ uniqueValues?: pulumi.Input; } interface DashboardConditionalFormattingColorArgs { /** * Formatting configuration for gradient color. */ gradient?: pulumi.Input; /** * Formatting configuration for solid color. */ solid?: pulumi.Input; } interface DashboardConditionalFormattingCustomIconConditionArgs { /** * Determines the color of the icon. */ color?: pulumi.Input; /** * Determines the icon display configuration. */ displayConfiguration?: pulumi.Input; /** * The expression that determines the condition of the icon set. */ expression: pulumi.Input; /** * Custom icon options for an icon set. */ iconOptions: pulumi.Input; } interface DashboardConditionalFormattingCustomIconOptionsArgs { /** * Determines the type of icon. */ icon?: pulumi.Input; /** * Determines the Unicode icon type. */ unicodeIcon?: pulumi.Input; } interface DashboardConditionalFormattingGradientColorArgs { /** * Determines the color. */ color: pulumi.Input; /** * The expression that determines the formatting configuration for gradient color. */ expression: pulumi.Input; } interface DashboardConditionalFormattingIconArgs { /** * Determines the custom condition for an icon set. */ customCondition?: pulumi.Input; /** * Formatting configuration for icon set. */ iconSet?: pulumi.Input; } interface DashboardConditionalFormattingIconDisplayConfigurationArgs { /** * Determines the icon display configuration. */ iconDisplayOption?: pulumi.Input; } interface DashboardConditionalFormattingIconSetArgs { /** * The expression that determines the formatting configuration for the icon set. */ expression: pulumi.Input; /** * Determines the icon set type. */ iconSetType?: pulumi.Input; } interface DashboardConditionalFormattingSolidColorArgs { /** * Determines the color. */ color?: pulumi.Input; /** * The expression that determines the formatting configuration for solid color. */ expression: pulumi.Input; } interface DashboardContextMenuOptionArgs { /** * The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu. */ availabilityStatus?: pulumi.Input; } interface DashboardContributionAnalysisDefaultArgs { /** * The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` . */ contributorDimensions: pulumi.Input[]>; /** * The measure field that is used in the contribution analysis. */ measureFieldId: pulumi.Input; } interface DashboardCurrencyDisplayFormatConfigurationArgs { /** * The option that determines the decimal places configuration. */ decimalPlacesConfiguration?: pulumi.Input; /** * The options that determine the negative value configuration. */ negativeValueConfiguration?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * Determines the number scale value for the currency format. */ numberScale?: pulumi.Input; /** * Determines the prefix value of the currency format. */ prefix?: pulumi.Input; /** * The options that determine the numeric separator configuration. */ separatorConfiguration?: pulumi.Input; /** * Determines the suffix value of the currency format. */ suffix?: pulumi.Input; /** * Determines the symbol for the currency format. */ symbol?: pulumi.Input; } interface DashboardCustomActionFilterOperationArgs { /** * The configuration that chooses the fields to be filtered. */ selectedFieldsConfiguration: pulumi.Input; /** * The configuration that chooses the target visuals to be filtered. */ targetVisualsConfiguration: pulumi.Input; } interface DashboardCustomActionNavigationOperationArgs { /** * The configuration that chooses the navigation target. */ localNavigationConfiguration?: pulumi.Input; } interface DashboardCustomActionSetParametersOperationArgs { /** * The parameter that determines the value configuration. */ parameterValueConfigurations: pulumi.Input[]>; } interface DashboardCustomActionUrlOperationArgs { /** * The target of the `CustomActionURLOperation` . * * Valid values are defined as follows: * * - `NEW_TAB` : Opens the target URL in a new browser tab. * - `NEW_WINDOW` : Opens the target URL in a new browser window. * - `SAME_TAB` : Opens the target URL in the same browser tab. */ urlTarget: pulumi.Input; /** * THe URL link of the `CustomActionURLOperation` . */ urlTemplate: pulumi.Input; } interface DashboardCustomColorArgs { /** * The color that is applied to the data value. */ color: pulumi.Input; /** * The data value that the color is applied to. */ fieldValue?: pulumi.Input; /** * The value of a special data value. */ specialValue?: pulumi.Input; } interface DashboardCustomContentConfigurationArgs { /** * The content type of the custom content visual. You can use this to have the visual render as an image. */ contentType?: pulumi.Input; /** * The input URL that links to the custom content that you want in the custom visual. */ contentUrl?: pulumi.Input; /** * The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` . */ imageScaling?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; } interface DashboardCustomContentVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a `CustomContentVisual` . */ chartConfiguration?: pulumi.Input; /** * The dataset that is used to create the custom content visual. You can't create a visual without a dataset. */ dataSetIdentifier: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardCustomFilterConfigurationArgs { /** * The category value for the filter. * * This field is mutually exclusive to `ParameterName` . */ categoryValue?: pulumi.Input; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The parameter whose value should be used for the filter value. * * This field is mutually exclusive to `CategoryValue` . */ parameterName?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface DashboardCustomFilterListConfigurationArgs { /** * The list of category values for the filter. */ categoryValues?: pulumi.Input[]>; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface DashboardCustomNarrativeOptionsArgs { /** * The string input of custom narrative. */ narrative: pulumi.Input; } interface DashboardCustomParameterValuesArgs { /** * A list of datetime-type parameter values. */ dateTimeValues?: pulumi.Input[]>; /** * A list of decimal-type parameter values. */ decimalValues?: pulumi.Input[]>; /** * A list of integer-type parameter values. */ integerValues?: pulumi.Input[]>; /** * A list of string-type parameter values. */ stringValues?: pulumi.Input[]>; } interface DashboardCustomValuesConfigurationArgs { customValues: pulumi.Input; /** * Includes the null value in custom action parameter values. */ includeNullValue?: pulumi.Input; } interface DashboardDataBarsOptionsArgs { /** * The field ID for the data bars options. */ fieldId: pulumi.Input; /** * The color of the negative data bar. */ negativeColor?: pulumi.Input; /** * The color of the positive data bar. */ positiveColor?: pulumi.Input; } interface DashboardDataColorArgs { /** * The color that is applied to the data value. */ color?: pulumi.Input; /** * The data value that the color is applied to. */ dataValue?: pulumi.Input; } interface DashboardDataFieldSeriesItemArgs { /** * The axis that you are binding the field to. */ axisBinding: pulumi.Input; /** * The field ID of the field that you are setting the axis binding to. */ fieldId: pulumi.Input; /** * The field value of the field that you are setting the axis binding to. */ fieldValue?: pulumi.Input; /** * The options that determine the presentation of line series associated to the field. */ settings?: pulumi.Input; } interface DashboardDataLabelOptionsArgs { /** * Determines the visibility of the category field labels. */ categoryLabelVisibility?: pulumi.Input; /** * The option that determines the data label type. */ dataLabelTypes?: pulumi.Input[]>; /** * Determines the color of the data labels. */ labelColor?: pulumi.Input; /** * Determines the content of the data labels. */ labelContent?: pulumi.Input; /** * Determines the font configuration of the data labels. */ labelFontConfiguration?: pulumi.Input; /** * Determines the visibility of the measure field labels. */ measureLabelVisibility?: pulumi.Input; /** * Determines whether overlap is enabled or disabled for the data labels. */ overlap?: pulumi.Input; /** * Determines the position of the data labels. */ position?: pulumi.Input; /** * Determines the visibility of the total. */ totalsVisibility?: pulumi.Input; /** * Determines the visibility of the data labels. */ visibility?: pulumi.Input; } interface DashboardDataLabelTypeArgs { /** * The option that specifies individual data values for labels. */ dataPathLabelType?: pulumi.Input; /** * Determines the label configuration for the entire field. */ fieldLabelType?: pulumi.Input; /** * Determines the label configuration for the maximum value in a visual. */ maximumLabelType?: pulumi.Input; /** * Determines the label configuration for the minimum value in a visual. */ minimumLabelType?: pulumi.Input; /** * Determines the label configuration for range end value in a visual. */ rangeEndsLabelType?: pulumi.Input; } interface DashboardDataPathColorArgs { /** * The color that needs to be applied to the element. */ color: pulumi.Input; /** * The element that the color needs to be applied to. */ element: pulumi.Input; /** * The time granularity of the field that the color needs to be applied to. */ timeGranularity?: pulumi.Input; } interface DashboardDataPathLabelTypeArgs { /** * The field ID of the field that the data label needs to be applied to. */ fieldId?: pulumi.Input; /** * The actual value of the field that is labeled. */ fieldValue?: pulumi.Input; /** * The visibility of the data label. */ visibility?: pulumi.Input; } interface DashboardDataPathSortArgs { /** * Determines the sort direction. */ direction: pulumi.Input; /** * The list of data paths that need to be sorted. */ sortPaths: pulumi.Input[]>; } interface DashboardDataPathTypeArgs { /** * The type of data path value utilized in a pivot table. Choose one of the following options: * * - `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` . * - `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement. * - `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement. * - `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` . */ pivotTableDataPathType?: pulumi.Input; } interface DashboardDataPathValueArgs { /** * The type configuration of the field. */ dataPathType?: pulumi.Input; /** * The field ID of the field that needs to be sorted. */ fieldId?: pulumi.Input; /** * The actual value of the field that needs to be sorted. */ fieldValue?: pulumi.Input; } /** *

The drill down options for data points in a dashbaord.

*/ interface DashboardDataPointDrillUpDownOptionArgs { /** * The status of the drill down options of data points. */ availabilityStatus?: pulumi.Input; } /** *

The data point menu options of a dashboard.

*/ interface DashboardDataPointMenuLabelOptionArgs { /** * The status of the data point menu options. */ availabilityStatus?: pulumi.Input; } /** *

The data point tooltip options.

*/ interface DashboardDataPointTooltipOptionArgs { /** * The status of the data point tool tip options. */ availabilityStatus?: pulumi.Input; } interface DashboardDataQaEnabledOptionArgs { /** * The status of the Data Q&A option on the dashboard. */ availabilityStatus?: pulumi.Input; } interface DashboardDataSetIdentifierDeclarationArgs { /** * The Amazon Resource Name (ARN) of the data set. */ dataSetArn: pulumi.Input; /** * The identifier of the data set, typically the data set's name. */ identifier: pulumi.Input; } /** *

Dataset reference.

*/ interface DashboardDataSetReferenceArgs { /** *

Dataset Amazon Resource Name (ARN).

*/ dataSetArn: pulumi.Input; /** *

Dataset placeholder.

*/ dataSetPlaceholder: pulumi.Input; } interface DashboardDataStoriesSharingOptionArgs { /** * Availability status. */ availabilityStatus?: pulumi.Input; } interface DashboardDateAxisOptionsArgs { /** * Determines whether or not missing dates are displayed. */ missingDateVisibility?: pulumi.Input; } interface DashboardDateDimensionFieldArgs { /** * The column that is used in the `DateDimensionField` . */ column: pulumi.Input; /** * The date granularity of the `DateDimensionField` . Choose one of the following options: * * - `YEAR` * - `QUARTER` * - `MONTH` * - `WEEK` * - `DAY` * - `HOUR` * - `MINUTE` * - `SECOND` * - `MILLISECOND` */ dateGranularity?: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; /** * The custom hierarchy ID. */ hierarchyId?: pulumi.Input; } interface DashboardDateMeasureFieldArgs { /** * The aggregation function of the measure field. */ aggregationFunction?: pulumi.Input; /** * The column that is used in the `DateMeasureField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface DashboardDateTimeDefaultValuesArgs { /** * The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression. */ rollingDate?: pulumi.Input; /** * The static values of the `DataTimeDefaultValues` . */ staticValues?: pulumi.Input[]>; } interface DashboardDateTimeFormatConfigurationArgs { /** * Determines the `DateTime` format. */ dateTimeFormat?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * The formatting configuration for numeric `DateTime` fields. */ numericFormatConfiguration?: pulumi.Input; } interface DashboardDateTimeHierarchyArgs { /** * The option that determines the drill down filters for the `DateTime` hierarchy. */ drillDownFilters?: pulumi.Input[]>; /** * The hierarchy ID of the `DateTime` hierarchy. */ hierarchyId: pulumi.Input; } /** *

A date-time parameter.

*/ interface DashboardDateTimeParameterArgs { /** *

A display name for the date-time parameter.

*/ name: pulumi.Input; /** *

The values for the date-time parameter.

*/ values: pulumi.Input[]>; } interface DashboardDateTimeParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; /** * The configuration that defines the default value of a `DateTime` parameter when a value has not been set. */ valueWhenUnset?: pulumi.Input; } interface DashboardDateTimePickerControlDisplayOptionsArgs { /** * The date icon visibility of the `DateTimePickerControlDisplayOptions` . */ dateIconVisibility?: pulumi.Input; /** * Customize how dates are formatted in controls. */ dateTimeFormat?: pulumi.Input; /** * The helper text visibility of the `DateTimePickerControlDisplayOptions` . */ helperTextVisibility?: pulumi.Input; /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface DashboardDateTimeValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface DashboardDecimalDefaultValuesArgs { /** * The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The static values of the `DecimalDefaultValues` . */ staticValues?: pulumi.Input[]>; } /** *

A decimal parameter.

*/ interface DashboardDecimalParameterArgs { /** *

A display name for the decimal parameter.

*/ name: pulumi.Input; /** *

The values for the decimal parameter.

*/ values: pulumi.Input[]>; } interface DashboardDecimalParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The value type determines whether the parameter is a single-value or multi-value parameter. */ parameterValueType: pulumi.Input; /** * The configuration that defines the default value of a `Decimal` parameter when a value has not been set. */ valueWhenUnset?: pulumi.Input; } interface DashboardDecimalPlacesConfigurationArgs { /** * The values of the decimal places. */ decimalPlaces: pulumi.Input; } interface DashboardDecimalValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface DashboardDefaultDateTimePickerControlOptionsArgs { /** * The visibility configuration of the Apply button on a `DateTimePickerControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options: * * - `SINGLE_VALUED` : The filter condition is a fixed date. * - `DATE_RANGE` : The filter condition is a date time range. */ type?: pulumi.Input; } interface DashboardDefaultFilterControlConfigurationArgs { /** * The control option for the `DefaultFilterControlConfiguration` . */ controlOptions: pulumi.Input; /** * The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter. */ title: pulumi.Input; } interface DashboardDefaultFilterControlOptionsArgs { /** * The default options that correspond to the filter control type of a `DateTimePicker` . */ defaultDateTimePickerOptions?: pulumi.Input; /** * The default options that correspond to the `Dropdown` filter control type. */ defaultDropdownOptions?: pulumi.Input; /** * The default options that correspond to the `List` filter control type. */ defaultListOptions?: pulumi.Input; /** * The default options that correspond to the `RelativeDateTime` filter control type. */ defaultRelativeDateTimeOptions?: pulumi.Input; /** * The default options that correspond to the `Slider` filter control type. */ defaultSliderOptions?: pulumi.Input; /** * The default options that correspond to the `TextArea` filter control type. */ defaultTextAreaOptions?: pulumi.Input; /** * The default options that correspond to the `TextField` filter control type. */ defaultTextFieldOptions?: pulumi.Input; } interface DashboardDefaultFilterDropDownControlOptionsArgs { /** * The visibility configuration of the Apply button on a `FilterDropDownControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The type of the `FilterDropDownControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from a dropdown menu. * - `SINGLE_SELECT` : The user can select a single entry from a dropdown menu. */ type?: pulumi.Input; } interface DashboardDefaultFilterListControlOptionsArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The type of the `DefaultFilterListControlOptions` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from the list. * - `SINGLE_SELECT` : The user can select a single entry from the list. */ type?: pulumi.Input; } interface DashboardDefaultFreeFormLayoutConfigurationArgs { /** * Determines the screen canvas size options for a free-form layout. */ canvasSizeOptions: pulumi.Input; } interface DashboardDefaultGridLayoutConfigurationArgs { /** * Determines the screen canvas size options for a grid layout. */ canvasSizeOptions: pulumi.Input; } interface DashboardDefaultInteractiveLayoutConfigurationArgs { /** * The options that determine the default settings of a free-form layout configuration. */ freeForm?: pulumi.Input; /** * The options that determine the default settings for a grid layout configuration. */ grid?: pulumi.Input; } interface DashboardDefaultNewSheetConfigurationArgs { /** * The options that determine the default settings for interactive layout configuration. */ interactiveLayoutConfiguration?: pulumi.Input; /** * The options that determine the default settings for a paginated layout configuration. */ paginatedLayoutConfiguration?: pulumi.Input; /** * The option that determines the sheet content type. */ sheetContentType?: pulumi.Input; } interface DashboardDefaultPaginatedLayoutConfigurationArgs { /** * The options that determine the default settings for a section-based layout configuration. */ sectionBased?: pulumi.Input; } interface DashboardDefaultRelativeDateTimeControlOptionsArgs { /** * The visibility configuration of the Apply button on a `RelativeDateTimeControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; } interface DashboardDefaultSectionBasedLayoutConfigurationArgs { /** * Determines the screen canvas size options for a section-based layout. */ canvasSizeOptions: pulumi.Input; } interface DashboardDefaultSliderControlOptionsArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The larger value that is displayed at the right of the slider. */ maximumValue: pulumi.Input; /** * The smaller value that is displayed at the left of the slider. */ minimumValue: pulumi.Input; /** * The number of increments that the slider bar is divided into. */ stepSize: pulumi.Input; /** * The type of the `DefaultSliderControlOptions` . Choose one of the following options: * * - `SINGLE_POINT` : Filter against(equals) a single data point. * - `RANGE` : Filter data that is in a specified range. */ type?: pulumi.Input; } interface DashboardDefaultTextAreaControlOptionsArgs { /** * The delimiter that is used to separate the lines in text. */ delimiter?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; } interface DashboardDefaultTextFieldControlOptionsArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; } interface DashboardDestinationParameterValueConfigurationArgs { /** * The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` . */ customValuesConfiguration?: pulumi.Input; /** * The configuration that selects all options. */ selectAllValueOptions?: pulumi.Input; /** * A column of a data set. */ sourceColumn?: pulumi.Input; /** * The source field ID of the destination parameter. */ sourceField?: pulumi.Input; /** * The source parameter name of the destination parameter. */ sourceParameterName?: pulumi.Input; } interface DashboardDimensionFieldArgs { /** * The dimension type field with categorical type columns. */ categoricalDimensionField?: pulumi.Input; /** * The dimension type field with date type columns. */ dateDimensionField?: pulumi.Input; /** * The dimension type field with numerical type columns. */ numericalDimensionField?: pulumi.Input; } interface DashboardDonutCenterOptionsArgs { /** * Determines the visibility of the label in a donut chart. In the Quick Sight console, this option is called `'Show total'` . */ labelVisibility?: pulumi.Input; } interface DashboardDonutOptionsArgs { /** * The option for define the arc of the chart shape. Valid values are as follows: * * - `WHOLE` - A pie chart * - `SMALL` - A small-sized donut chart * - `MEDIUM` - A medium-sized donut chart * - `LARGE` - A large-sized donut chart */ arcOptions?: pulumi.Input; /** * The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts. */ donutCenterOptions?: pulumi.Input; } interface DashboardDrillDownFilterArgs { /** * The category type drill down filter. This filter is used for string type columns. */ categoryFilter?: pulumi.Input; /** * The numeric equality type drill down filter. This filter is used for number type columns. */ numericEqualityFilter?: pulumi.Input; /** * The time range drill down filter. This filter is used for date time columns. */ timeRangeFilter?: pulumi.Input; } interface DashboardDropDownControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the `Select all` options in a dropdown control. */ selectAllOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface DashboardDynamicDefaultValueArgs { /** * The column that contains the default value of each user or group. */ defaultValueColumn: pulumi.Input; /** * The column that contains the group name. */ groupNameColumn?: pulumi.Input; /** * The column that contains the username. */ userNameColumn?: pulumi.Input; } interface DashboardEmptyVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The data set that is used in the empty visual. Every visual requires a dataset to render. */ dataSetIdentifier: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardExcludePeriodConfigurationArgs { /** * The amount or number of the exclude period. */ amount: pulumi.Input; /** * The granularity or unit (day, month, year) of the exclude period. */ granularity: pulumi.Input; /** * The status of the exclude period. Choose from the following options: * * - `ENABLED` * - `DISABLED` */ status?: pulumi.Input; } interface DashboardExecutiveSummaryOptionArgs { /** * Availability status. */ availabilityStatus?: pulumi.Input; } interface DashboardExplicitHierarchyArgs { /** * The list of columns that define the explicit hierarchy. */ columns: pulumi.Input[]>; /** * The option that determines the drill down filters for the explicit hierarchy. */ drillDownFilters?: pulumi.Input[]>; /** * The hierarchy ID of the explicit hierarchy. */ hierarchyId: pulumi.Input; } /** *

Determines if hidden fields are included in an exported dashboard.

*/ interface DashboardExportHiddenFieldsOptionArgs { /** * The status of the export hidden fields options of a dashbaord. */ availabilityStatus?: pulumi.Input; } /** *

Export to .csv option.

*/ interface DashboardExportToCsvOptionArgs { /** * Availability status. */ availabilityStatus?: pulumi.Input; } /** *

Determines whether or not hidden fields are visible on exported dashbaords.

*/ interface DashboardExportWithHiddenFieldsOptionArgs { /** * The status of the export with hidden fields options. */ availabilityStatus?: pulumi.Input; } interface DashboardFieldBasedTooltipArgs { /** * The visibility of `Show aggregations` . */ aggregationVisibility?: pulumi.Input; /** * The fields configuration in the tooltip. */ tooltipFields?: pulumi.Input[]>; /** * The type for the >tooltip title. Choose one of the following options: * * - `NONE` : Doesn't use the primary value as the title. * - `PRIMARY_VALUE` : Uses primary value as the title. */ tooltipTitleType?: pulumi.Input; } interface DashboardFieldLabelTypeArgs { /** * Indicates the field that is targeted by the field label. */ fieldId?: pulumi.Input; /** * The visibility of the field label. */ visibility?: pulumi.Input; } interface DashboardFieldSeriesItemArgs { /** * The axis that you are binding the field to. */ axisBinding: pulumi.Input; /** * The field ID of the field for which you are setting the axis binding. */ fieldId: pulumi.Input; /** * The options that determine the presentation of line series associated to the field. */ settings?: pulumi.Input; } interface DashboardFieldSortArgs { /** * The sort direction. Choose one of the following options: * * - `ASC` : Ascending * - `DESC` : Descending */ direction: pulumi.Input; /** * The sort configuration target field. */ fieldId: pulumi.Input; } interface DashboardFieldSortOptionsArgs { /** * The sort configuration for a column that is not used in a field well. */ columnSort?: pulumi.Input; /** * The sort configuration for a field in a field well. */ fieldSort?: pulumi.Input; } interface DashboardFieldTooltipItemArgs { /** * The unique ID of the field that is targeted by the tooltip. */ fieldId: pulumi.Input; /** * The label of the tooltip item. */ label?: pulumi.Input; /** * Determines the target of the field tooltip item in a combo chart visual. */ tooltipTarget?: pulumi.Input; /** * The visibility of the tooltip item. */ visibility?: pulumi.Input; } interface DashboardFilledMapAggregatedFieldWellsArgs { /** * The aggregated location field well of the filled map. Values are grouped by location fields. */ geospatial?: pulumi.Input[]>; /** * The aggregated color field well of a filled map. Values are aggregated based on location fields. */ values?: pulumi.Input[]>; } interface DashboardFilledMapConditionalFormattingArgs { /** * Conditional formatting options of a `FilledMapVisual` . */ conditionalFormattingOptions: pulumi.Input[]>; } interface DashboardFilledMapConditionalFormattingOptionArgs { /** * The conditional formatting that determines the shape of the filled map. */ shape: pulumi.Input; } interface DashboardFilledMapConfigurationArgs { /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The map style options of the filled map visual. */ mapStyleOptions?: pulumi.Input; /** * The sort configuration of a `FilledMapVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The window options of the filled map visual. */ windowOptions?: pulumi.Input; } interface DashboardFilledMapFieldWellsArgs { /** * The aggregated field well of the filled map. */ filledMapAggregatedFieldWells?: pulumi.Input; } interface DashboardFilledMapShapeConditionalFormattingArgs { /** * The field ID of the filled map shape. */ fieldId: pulumi.Input; /** * The conditional formatting that determines the background color of a filled map's shape. */ format?: pulumi.Input; } interface DashboardFilledMapSortConfigurationArgs { /** * The sort configuration of the location fields. */ categorySort?: pulumi.Input[]>; } interface DashboardFilledMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The conditional formatting of a `FilledMapVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface DashboardFilterArgs { /** * A `CategoryFilter` filters text values. * * For more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon Quick Suite User Guide* . */ categoryFilter?: pulumi.Input; /** * A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter. */ nestedFilter?: pulumi.Input; /** * A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value. */ numericEqualityFilter?: pulumi.Input; /** * A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range. */ numericRangeFilter?: pulumi.Input; /** * A `RelativeDatesFilter` filters date values that are relative to a given date. */ relativeDatesFilter?: pulumi.Input; /** * A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value. */ timeEqualityFilter?: pulumi.Input; /** * A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range. */ timeRangeFilter?: pulumi.Input; /** * A `TopBottomFilter` filters data to the top or bottom values for a given column. */ topBottomFilter?: pulumi.Input; } interface DashboardFilterControlArgs { /** * A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet */ crossSheet?: pulumi.Input; /** * A control from a date filter that is used to specify date and time. */ dateTimePicker?: pulumi.Input; /** * A control to display a dropdown list with buttons that are used to select a single value. */ dropdown?: pulumi.Input; /** * A control to display a list of buttons or boxes. This is used to select either a single value or multiple values. */ list?: pulumi.Input; /** * A control from a date filter that is used to specify the relative date. */ relativeDateTime?: pulumi.Input; /** * A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle. */ slider?: pulumi.Input; /** * A control to display a text box that is used to enter multiple entries. */ textArea?: pulumi.Input; /** * A control to display a text box that is used to enter a single entry. */ textField?: pulumi.Input; } interface DashboardFilterCrossSheetControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The ID of the `FilterCrossSheetControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterCrossSheetControl` . */ sourceFilterId: pulumi.Input; } interface DashboardFilterDateTimePickerControlArgs { /** * The visibility configurationof the Apply button on a `DateTimePickerControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterDateTimePickerControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterDateTimePickerControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterDateTimePickerControl` . */ title: pulumi.Input; /** * The type of the `FilterDropDownControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from a dropdown menu. * - `SINGLE_SELECT` : The user can select a single entry from a dropdown menu. */ type?: pulumi.Input; } interface DashboardFilterDropDownControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The visibility configuration of the Apply button on a `FilterDropDownControl` . */ commitMode?: pulumi.Input; /** * The display options of the `FilterDropDownControl` . */ displayOptions?: pulumi.Input; /** * The ID of the `FilterDropDownControl` . */ filterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source filter ID of the `FilterDropDownControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterDropDownControl` . */ title: pulumi.Input; /** * The type of the `FilterDropDownControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from a dropdown menu. * - `SINGLE_SELECT` : The user can select a single entry from a dropdown menu. */ type?: pulumi.Input; } interface DashboardFilterGroupArgs { /** * The filter new feature which can apply filter group to all data sets. Choose one of the following options: * * - `ALL_DATASETS` * - `SINGLE_DATASET` */ crossDataset: pulumi.Input; /** * The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis. */ filterGroupId: pulumi.Input; /** * The list of filters that are present in a `FilterGroup` . */ filters: pulumi.Input[]>; /** * The configuration that specifies what scope to apply to a `FilterGroup` . * * This is a union type structure. For this structure to be valid, only one of the attributes can be defined. */ scopeConfiguration: pulumi.Input; /** * The status of the `FilterGroup` . */ status?: pulumi.Input; } interface DashboardFilterListConfigurationArgs { /** * The list of category values for the filter. */ categoryValues?: pulumi.Input[]>; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface DashboardFilterListControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterListControl` . */ filterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source filter ID of the `FilterListControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterListControl` . */ title: pulumi.Input; /** * The type of the `FilterListControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from the list. * - `SINGLE_SELECT` : The user can select a single entry from the list. */ type?: pulumi.Input; } interface DashboardFilterOperationSelectedFieldsConfigurationArgs { /** *

The selected columns of a dataset.

*/ selectedColumns?: pulumi.Input[]>; /** * A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` . * * Valid values are defined as follows: * * - `ALL_FIELDS` : Applies the filter operation to all fields. */ selectedFieldOptions?: pulumi.Input; /** * Chooses the fields that are filtered in `CustomActionFilterOperation` . */ selectedFields?: pulumi.Input[]>; } interface DashboardFilterOperationTargetVisualsConfigurationArgs { /** * The configuration of the same-sheet target visuals that you want to be filtered. */ sameSheetTargetVisualConfiguration?: pulumi.Input; } interface DashboardFilterRelativeDateTimeControlArgs { /** * The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterTextAreaControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterTextAreaControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterTextAreaControl` . */ title: pulumi.Input; } interface DashboardFilterScopeConfigurationArgs { /** * The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen. */ allSheets?: pulumi.Input; /** * The configuration for applying a filter to specific sheets. */ selectedSheets?: pulumi.Input; } interface DashboardFilterSelectableValuesArgs { /** * The values that are used in the `FilterSelectableValues` . */ values?: pulumi.Input[]>; } interface DashboardFilterSliderControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterSliderControl` . */ filterControlId: pulumi.Input; /** * The larger value that is displayed at the right of the slider. */ maximumValue: pulumi.Input; /** * The smaller value that is displayed at the left of the slider. */ minimumValue: pulumi.Input; /** * The source filter ID of the `FilterSliderControl` . */ sourceFilterId: pulumi.Input; /** * The number of increments that the slider bar is divided into. */ stepSize: pulumi.Input; /** * The title of the `FilterSliderControl` . */ title: pulumi.Input; /** * The type of the `FilterSliderControl` . Choose one of the following options: * * - `SINGLE_POINT` : Filter against(equals) a single data point. * - `RANGE` : Filter data that is in a specified range. */ type?: pulumi.Input; } interface DashboardFilterTextAreaControlArgs { /** * The delimiter that is used to separate the lines in text. */ delimiter?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterTextAreaControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterTextAreaControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterTextAreaControl` . */ title: pulumi.Input; } interface DashboardFilterTextFieldControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterTextFieldControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterTextFieldControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterTextFieldControl` . */ title: pulumi.Input; } interface DashboardFontConfigurationArgs { /** * Determines the color of the text. */ fontColor?: pulumi.Input; /** * Determines the appearance of decorative lines on the text. */ fontDecoration?: pulumi.Input; /** * The font family that you want to use. */ fontFamily?: pulumi.Input; /** * The option that determines the text display size. */ fontSize?: pulumi.Input; /** * Determines the text display face that is inherited by the given font family. */ fontStyle?: pulumi.Input; /** * The option that determines the text display weight, or boldness. */ fontWeight?: pulumi.Input; } interface DashboardFontSizeArgs { /** * String based length that is composed of value and unit in px */ absolute?: pulumi.Input; /** * The lexical name for the text size, proportional to its surrounding context. */ relative?: pulumi.Input; } interface DashboardFontWeightArgs { /** * The lexical name for the level of boldness of the text display. */ name?: pulumi.Input; } interface DashboardForecastComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The custom seasonality value setup of a forecast computation. */ customSeasonalityValue?: pulumi.Input; /** * The lower boundary setup of a forecast computation. */ lowerBoundary?: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The periods backward setup of a forecast computation. */ periodsBackward?: pulumi.Input; /** * The periods forward setup of a forecast computation. */ periodsForward?: pulumi.Input; /** * The prediction interval setup of a forecast computation. */ predictionInterval?: pulumi.Input; /** * The seasonality setup of a forecast computation. Choose one of the following options: * * - `AUTOMATIC` * - `CUSTOM` : Checks the custom seasonality value. */ seasonality?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The upper boundary setup of a forecast computation. */ upperBoundary?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface DashboardForecastConfigurationArgs { /** * The forecast properties setup of a forecast in the line chart. */ forecastProperties?: pulumi.Input; /** * The forecast scenario of a forecast in the line chart. */ scenario?: pulumi.Input; } interface DashboardForecastScenarioArgs { /** * The what-if analysis forecast setup with the target date. */ whatIfPointScenario?: pulumi.Input; /** * The what-if analysis forecast setup with the date range. */ whatIfRangeScenario?: pulumi.Input; } interface DashboardFormatConfigurationArgs { /** * Formatting configuration for `DateTime` fields. */ dateTimeFormatConfiguration?: pulumi.Input; /** * Formatting configuration for number fields. */ numberFormatConfiguration?: pulumi.Input; /** * Formatting configuration for string fields. */ stringFormatConfiguration?: pulumi.Input; } interface DashboardFreeFormLayoutCanvasSizeOptionsArgs { /** * The options that determine the sizing of the canvas used in a free-form layout. */ screenCanvasSizeOptions?: pulumi.Input; } interface DashboardFreeFormLayoutConfigurationArgs { canvasSizeOptions?: pulumi.Input; /** * The elements that are included in a free-form layout. */ elements: pulumi.Input[]>; } interface DashboardFreeFormLayoutElementArgs { /** * The background style configuration of a free-form layout element. */ backgroundStyle?: pulumi.Input; /** * The border radius of a free-form layout element. */ borderRadius?: pulumi.Input; /** * The border style configuration of a free-form layout element. */ borderStyle?: pulumi.Input; /** * A unique identifier for an element within a free-form layout. */ elementId: pulumi.Input; /** * The type of element. */ elementType: pulumi.Input; /** * String based length that is composed of value and unit in px */ height: pulumi.Input; /** * The loading animation configuration of a free-form layout element. */ loadingAnimation?: pulumi.Input; /** * The padding of a free-form layout element. */ padding?: pulumi.Input; /** * The rendering rules that determine when an element should be displayed within a free-form layout. */ renderingRules?: pulumi.Input[]>; /** * The border style configuration of a free-form layout element. This border style is used when the element is selected. */ selectedBorderStyle?: pulumi.Input; /** * The visibility of an element within a free-form layout. */ visibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ width: pulumi.Input; /** * String based length that is composed of value and unit in px */ xAxisLocation: pulumi.Input; /** * String based length that is composed of value and unit in px with Integer.MAX_VALUE as maximum value */ yAxisLocation: pulumi.Input; } interface DashboardFreeFormLayoutElementBackgroundStyleArgs { /** * The background color of a free-form layout element. */ color?: pulumi.Input; /** * The background visibility of a free-form layout element. */ visibility?: pulumi.Input; } interface DashboardFreeFormLayoutElementBorderStyleArgs { /** * The border color of a free-form layout element. */ color?: pulumi.Input; /** * The border visibility of a free-form layout element. */ visibility?: pulumi.Input; /** * String to encapsulate the most generic way Width can be formatted with whatever units (px, em etc) */ width?: pulumi.Input; } interface DashboardFreeFormLayoutScreenCanvasSizeOptionsArgs { /** * String based length that is composed of value and unit in px */ optimizedViewPortWidth: pulumi.Input; } interface DashboardFreeFormSectionLayoutConfigurationArgs { /** * The elements that are included in the free-form layout. */ elements: pulumi.Input[]>; } interface DashboardFunnelChartAggregatedFieldWellsArgs { /** * The category field wells of a funnel chart. Values are grouped by category fields. */ category?: pulumi.Input[]>; /** * The value field wells of a funnel chart. Values are aggregated based on categories. */ values?: pulumi.Input[]>; } interface DashboardFunnelChartConfigurationArgs { /** * The label options of the categories that are displayed in a `FunnelChartVisual` . */ categoryLabelOptions?: pulumi.Input; /** * The options that determine the presentation of the data labels. */ dataLabelOptions?: pulumi.Input; /** * The field well configuration of a `FunnelChartVisual` . */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The sort configuration of a `FunnelChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip configuration of a `FunnelChartVisual` . */ tooltip?: pulumi.Input; /** * The label options for the values that are displayed in a `FunnelChartVisual` . */ valueLabelOptions?: pulumi.Input; /** * The visual palette configuration of a `FunnelChartVisual` . */ visualPalette?: pulumi.Input; } interface DashboardFunnelChartDataLabelOptionsArgs { /** * The visibility of the category labels within the data labels. */ categoryLabelVisibility?: pulumi.Input; /** * The color of the data label text. */ labelColor?: pulumi.Input; /** * The font configuration for the data labels. * * Only the `FontSize` attribute of the font configuration is used for data labels. */ labelFontConfiguration?: pulumi.Input; /** * Determines the style of the metric labels. */ measureDataLabelStyle?: pulumi.Input; /** * The visibility of the measure labels within the data labels. */ measureLabelVisibility?: pulumi.Input; /** * Determines the positioning of the data label relative to a section of the funnel. */ position?: pulumi.Input; /** * The visibility option that determines if data labels are displayed. */ visibility?: pulumi.Input; } interface DashboardFunnelChartFieldWellsArgs { /** * The field well configuration of a `FunnelChartVisual` . */ funnelChartAggregatedFieldWells?: pulumi.Input; } interface DashboardFunnelChartSortConfigurationArgs { /** * The limit on the number of categories displayed. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; } interface DashboardFunnelChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a `FunnelChartVisual` . */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface DashboardGaugeChartArcConditionalFormattingArgs { /** * The conditional formatting of the arc foreground color. */ foregroundColor?: pulumi.Input; } interface DashboardGaugeChartColorConfigurationArgs { /** * The background color configuration of a `GaugeChartVisual` . */ backgroundColor?: pulumi.Input; /** * The foreground color configuration of a `GaugeChartVisual` . */ foregroundColor?: pulumi.Input; } interface DashboardGaugeChartConditionalFormattingArgs { /** * Conditional formatting options of a `GaugeChartVisual` . */ conditionalFormattingOptions?: pulumi.Input[]>; } interface DashboardGaugeChartConditionalFormattingOptionArgs { /** * The options that determine the presentation of the arc of a `GaugeChartVisual` . */ arc?: pulumi.Input; /** * The conditional formatting for the primary value of a `GaugeChartVisual` . */ primaryValue?: pulumi.Input; } interface DashboardGaugeChartConfigurationArgs { /** * The color configuration of a `GaugeChartVisual` . */ colorConfiguration?: pulumi.Input; /** * The data label configuration of a `GaugeChartVisual` . */ dataLabels?: pulumi.Input; /** * The field well configuration of a `GaugeChartVisual` . */ fieldWells?: pulumi.Input; /** * The options that determine the presentation of the `GaugeChartVisual` . */ gaugeChartOptions?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The tooltip configuration of a `GaugeChartVisual` . */ tooltipOptions?: pulumi.Input; /** * The visual palette configuration of a `GaugeChartVisual` . */ visualPalette?: pulumi.Input; } interface DashboardGaugeChartFieldWellsArgs { /** * The target value field wells of a `GaugeChartVisual` . */ targetValues?: pulumi.Input[]>; /** * The value field wells of a `GaugeChartVisual` . */ values?: pulumi.Input[]>; } interface DashboardGaugeChartOptionsArgs { /** * The arc configuration of a `GaugeChartVisual` . */ arc?: pulumi.Input; /** * The arc axis configuration of a `GaugeChartVisual` . */ arcAxis?: pulumi.Input; /** * The comparison configuration of a `GaugeChartVisual` . */ comparison?: pulumi.Input; /** * The options that determine the primary value display type. */ primaryValueDisplayType?: pulumi.Input; /** * The options that determine the primary value font configuration. */ primaryValueFontConfiguration?: pulumi.Input; } interface DashboardGaugeChartPrimaryValueConditionalFormattingArgs { /** * The conditional formatting of the primary value icon. */ icon?: pulumi.Input; /** * The conditional formatting of the primary value text color. */ textColor?: pulumi.Input; } interface DashboardGaugeChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a `GaugeChartVisual` . */ chartConfiguration?: pulumi.Input; /** * The conditional formatting of a `GaugeChartVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardGeospatialCategoricalColorArgs { /** * A list of categorical data colors for each category. */ categoryDataColors: pulumi.Input[]>; /** * The default opacity of a categorical color. */ defaultOpacity?: pulumi.Input; /** * The null data visualization settings. */ nullDataSettings?: pulumi.Input; /** * The state of visibility for null data. */ nullDataVisibility?: pulumi.Input; } interface DashboardGeospatialCategoricalDataColorArgs { /** * The color and opacity values for the category data color. */ color: pulumi.Input; /** * The data value for the category data color. */ dataValue: pulumi.Input; } interface DashboardGeospatialCircleRadiusArgs { /** * The positive value for the radius of a circle. */ radius?: pulumi.Input; } interface DashboardGeospatialCircleSymbolStyleArgs { /** * The radius of the circle. */ circleRadius?: pulumi.Input; /** * The color and opacity values for the fill color. */ fillColor?: pulumi.Input; /** * The color and opacity values for the stroke color. */ strokeColor?: pulumi.Input; /** * The width of the stroke (border). */ strokeWidth?: pulumi.Input; } interface DashboardGeospatialColorArgs { /** * The visualization properties for the categorical color. */ categorical?: pulumi.Input; /** * The visualization properties for the gradient color. */ gradient?: pulumi.Input; /** * The visualization properties for the solid color. */ solid?: pulumi.Input; } interface DashboardGeospatialCoordinateBoundsArgs { /** * The longitude of the east bound of the geospatial coordinate bounds. */ east: pulumi.Input; /** * The latitude of the north bound of the geospatial coordinate bounds. */ north: pulumi.Input; /** * The latitude of the south bound of the geospatial coordinate bounds. */ south: pulumi.Input; /** * The longitude of the west bound of the geospatial coordinate bounds. */ west: pulumi.Input; } interface DashboardGeospatialDataSourceItemArgs { /** * The static file data source properties for the geospatial data. */ staticFileDataSource?: pulumi.Input; } interface DashboardGeospatialGradientColorArgs { /** * The default opacity for the gradient color. */ defaultOpacity?: pulumi.Input; /** * The null data visualization settings. */ nullDataSettings?: pulumi.Input; /** * The state of visibility for null data. */ nullDataVisibility?: pulumi.Input; /** * A list of gradient step colors for the gradient. */ stepColors: pulumi.Input[]>; } interface DashboardGeospatialGradientStepColorArgs { /** * The color and opacity values for the gradient step color. */ color: pulumi.Input; /** * The data value for the gradient step color. */ dataValue: pulumi.Input; } interface DashboardGeospatialHeatmapColorScaleArgs { /** * The list of colors to be used in heatmap point style. */ colors?: pulumi.Input[]>; } interface DashboardGeospatialHeatmapConfigurationArgs { /** * The color scale specification for the heatmap point style. */ heatmapColor?: pulumi.Input; } interface DashboardGeospatialHeatmapDataColorArgs { /** * The hex color to be used in the heatmap point style. */ color: pulumi.Input; } interface DashboardGeospatialLayerColorFieldArgs { /** * A list of color dimension fields. */ colorDimensionsFields?: pulumi.Input[]>; /** * A list of color measure fields. */ colorValuesFields?: pulumi.Input[]>; } interface DashboardGeospatialLayerDefinitionArgs { /** * The definition for a line layer. */ lineLayer?: pulumi.Input; /** * The definition for a point layer. */ pointLayer?: pulumi.Input; /** * The definition for a polygon layer. */ polygonLayer?: pulumi.Input; } interface DashboardGeospatialLayerItemArgs { /** * A list of custom actions for a layer. */ actions?: pulumi.Input[]>; /** * The data source for the layer. */ dataSource?: pulumi.Input; /** * The join definition properties for a layer. */ joinDefinition?: pulumi.Input; /** * The label that is displayed for the layer. */ label?: pulumi.Input; /** * The definition properties for a layer. */ layerDefinition?: pulumi.Input; /** * The ID of the layer. */ layerId: pulumi.Input; /** * The layer type. */ layerType?: pulumi.Input; tooltip?: pulumi.Input; /** * The state of visibility for the layer. */ visibility?: pulumi.Input; } interface DashboardGeospatialLayerJoinDefinitionArgs { /** * The geospatial color field for the join definition. */ colorField?: pulumi.Input; datasetKeyField?: pulumi.Input; /** * The name of the field or property in the geospatial data source. */ shapeKeyField?: pulumi.Input; } interface DashboardGeospatialLayerMapConfigurationArgs { interactions?: pulumi.Input; legend?: pulumi.Input; /** * The geospatial layers to visualize on the map. */ mapLayers?: pulumi.Input[]>; /** * The map state properties for the map. */ mapState?: pulumi.Input; /** * The map style properties for the map. */ mapStyle?: pulumi.Input; } interface DashboardGeospatialLineLayerArgs { /** * The visualization style for a line layer. */ style: pulumi.Input; } interface DashboardGeospatialLineStyleArgs { /** * The symbol style for a line style. */ lineSymbolStyle?: pulumi.Input; } interface DashboardGeospatialLineSymbolStyleArgs { /** * The color and opacity values for the fill color. */ fillColor?: pulumi.Input; /** * The width value for a line. */ lineWidth?: pulumi.Input; } interface DashboardGeospatialLineWidthArgs { /** * The positive value for the width of a line. */ lineWidth?: pulumi.Input; } interface DashboardGeospatialMapAggregatedFieldWellsArgs { /** * The color field wells of a geospatial map. */ colors?: pulumi.Input[]>; /** * The geospatial field wells of a geospatial map. Values are grouped by geospatial fields. */ geospatial?: pulumi.Input[]>; /** * The size field wells of a geospatial map. Values are aggregated based on geospatial fields. */ values?: pulumi.Input[]>; } interface DashboardGeospatialMapConfigurationArgs { /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The map style options of the geospatial map. */ mapStyleOptions?: pulumi.Input; /** * The point style options of the geospatial map. */ pointStyleOptions?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; visualPalette?: pulumi.Input; /** * The window options of the geospatial map. */ windowOptions?: pulumi.Input; } interface DashboardGeospatialMapFieldWellsArgs { /** * The aggregated field well for a geospatial map. */ geospatialMapAggregatedFieldWells?: pulumi.Input; } interface DashboardGeospatialMapStateArgs { bounds?: pulumi.Input; /** * Enables or disables map navigation for a map. */ mapNavigation?: pulumi.Input; } interface DashboardGeospatialMapStyleArgs { /** * The background color and opacity values for a map. */ backgroundColor?: pulumi.Input; /** * The selected base map style. */ baseMapStyle?: pulumi.Input; /** * The state of visibility for the base map. */ baseMapVisibility?: pulumi.Input; } interface DashboardGeospatialMapStyleOptionsArgs { /** * The base map style of the geospatial map. */ baseMapStyle?: pulumi.Input; } interface DashboardGeospatialMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface DashboardGeospatialNullDataSettingsArgs { /** * The symbol style for null data. */ symbolStyle: pulumi.Input; } interface DashboardGeospatialNullSymbolStyleArgs { /** * The color and opacity values for the fill color. */ fillColor?: pulumi.Input; /** * The color and opacity values for the stroke color. */ strokeColor?: pulumi.Input; /** * The width of the border stroke. */ strokeWidth?: pulumi.Input; } interface DashboardGeospatialPointLayerArgs { /** * The visualization style for a point layer. */ style: pulumi.Input; } interface DashboardGeospatialPointStyleArgs { /** * The circle symbol style for a point layer. */ circleSymbolStyle?: pulumi.Input; } interface DashboardGeospatialPointStyleOptionsArgs { /** * The cluster marker configuration of the geospatial point style. */ clusterMarkerConfiguration?: pulumi.Input; /** * The heatmap configuration of the geospatial point style. */ heatmapConfiguration?: pulumi.Input; /** * The selected point styles (point, cluster) of the geospatial map. */ selectedPointStyle?: pulumi.Input; } interface DashboardGeospatialPolygonLayerArgs { /** * The visualization style for a polygon layer. */ style: pulumi.Input; } interface DashboardGeospatialPolygonStyleArgs { /** * The polygon symbol style for a polygon layer. */ polygonSymbolStyle?: pulumi.Input; } interface DashboardGeospatialPolygonSymbolStyleArgs { /** * The color and opacity values for the fill color. */ fillColor?: pulumi.Input; /** * The color and opacity values for the stroke color. */ strokeColor?: pulumi.Input; /** * The width of the border stroke. */ strokeWidth?: pulumi.Input; } /** * Describes the properties for a solid color */ interface DashboardGeospatialSolidColorArgs { /** * The color and opacity values for the color. */ color: pulumi.Input; /** * Enables and disables the view state of the color. */ state?: pulumi.Input; } interface DashboardGeospatialStaticFileSourceArgs { /** * The ID of the static file. */ staticFileId: pulumi.Input; } interface DashboardGeospatialWindowOptionsArgs { /** * The bounds options (north, south, west, east) of the geospatial window options. */ bounds?: pulumi.Input; /** * The map zoom modes (manual, auto) of the geospatial window options. */ mapZoomMode?: pulumi.Input; } interface DashboardGlobalTableBorderOptionsArgs { /** * Determines the options for side specific border. */ sideSpecificBorder?: pulumi.Input; /** * Determines the options for uniform border. */ uniformBorder?: pulumi.Input; } interface DashboardGradientColorArgs { /** * The list of gradient color stops. */ stops?: pulumi.Input[]>; } interface DashboardGradientStopArgs { /** * Determines the color. */ color?: pulumi.Input; /** * Determines the data value. */ dataValue?: pulumi.Input; /** * Determines gradient offset value. */ gradientOffset: pulumi.Input; } interface DashboardGridLayoutCanvasSizeOptionsArgs { /** * The options that determine the sizing of the canvas used in a grid layout. */ screenCanvasSizeOptions?: pulumi.Input; } interface DashboardGridLayoutConfigurationArgs { canvasSizeOptions?: pulumi.Input; /** * The elements that are included in a grid layout. */ elements: pulumi.Input[]>; } interface DashboardGridLayoutElementArgs { /** * The background style configuration of a grid layout element. */ backgroundStyle?: pulumi.Input; /** * The border radius of a grid layout element. */ borderRadius?: pulumi.Input; /** * The border style configuration of a grid layout element. */ borderStyle?: pulumi.Input; /** * The column index for the upper left corner of an element. */ columnIndex?: pulumi.Input; /** * The width of a grid element expressed as a number of grid columns. */ columnSpan: pulumi.Input; /** * A unique identifier for an element within a grid layout. */ elementId: pulumi.Input; /** * The type of element. */ elementType: pulumi.Input; loadingAnimation?: pulumi.Input; /** * The padding of a grid layout element. */ padding?: pulumi.Input; /** * The row index for the upper left corner of an element. */ rowIndex?: pulumi.Input; /** * The height of a grid element expressed as a number of grid rows. */ rowSpan: pulumi.Input; /** * The border style configuration of a grid layout element. This border style is used when the element is selected. */ selectedBorderStyle?: pulumi.Input; } interface DashboardGridLayoutElementBackgroundStyleArgs { /** * The background color of a grid layout element. */ color?: pulumi.Input; /** * The background visibility of a grid layout element. */ visibility?: pulumi.Input; } interface DashboardGridLayoutElementBorderStyleArgs { /** * The border color of a grid layout element. */ color?: pulumi.Input; /** * The border visibility of a grid layout element. */ visibility?: pulumi.Input; /** * String to encapsulate the most generic way Width can be formatted with whatever units (px, em etc) */ width?: pulumi.Input; } interface DashboardGridLayoutScreenCanvasSizeOptionsArgs { /** * String based length that is composed of value and unit in px */ optimizedViewPortWidth?: pulumi.Input; /** * This value determines the layout behavior when the viewport is resized. * * - `FIXED` : A fixed width will be used when optimizing the layout. In the Quick Sight console, this option is called `Classic` . * - `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Quick Sight console, this option is called `Tiled` . */ resizeOption: pulumi.Input; } interface DashboardGrowthRateComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The period size setup of a growth rate computation. */ periodSize?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface DashboardHeaderFooterSectionConfigurationArgs { /** * The layout configuration of the header or footer section. */ layout: pulumi.Input; /** * The unique identifier of the header or footer section. */ sectionId: pulumi.Input; /** * The style options of a header or footer section. */ style?: pulumi.Input; } interface DashboardHeatMapAggregatedFieldWellsArgs { /** * The columns field well of a heat map. */ columns?: pulumi.Input[]>; /** * The rows field well of a heat map. */ rows?: pulumi.Input[]>; /** * The values field well of a heat map. */ values?: pulumi.Input[]>; } interface DashboardHeatMapConfigurationArgs { /** * The color options (gradient color, point of divergence) in a heat map. */ colorScale?: pulumi.Input; /** * The label options of the column that is displayed in a heat map. */ columnLabelOptions?: pulumi.Input; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The label options of the row that is displayed in a `heat map` . */ rowLabelOptions?: pulumi.Input; /** * The sort configuration of a heat map. */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; } interface DashboardHeatMapFieldWellsArgs { /** * The aggregated field wells of a heat map. */ heatMapAggregatedFieldWells?: pulumi.Input; } interface DashboardHeatMapSortConfigurationArgs { /** * The limit on the number of columns that are displayed in a heat map. */ heatMapColumnItemsLimitConfiguration?: pulumi.Input; /** * The column sort configuration for heat map for columns that aren't a part of a field well. */ heatMapColumnSort?: pulumi.Input[]>; /** * The limit on the number of rows that are displayed in a heat map. */ heatMapRowItemsLimitConfiguration?: pulumi.Input; /** * The field sort configuration of the rows fields. */ heatMapRowSort?: pulumi.Input[]>; } interface DashboardHeatMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a heat map. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardHistogramAggregatedFieldWellsArgs { /** * The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` . */ values?: pulumi.Input[]>; } interface DashboardHistogramBinOptionsArgs { /** * The options that determine the bin count of a histogram. */ binCount?: pulumi.Input; /** * The options that determine the bin width of a histogram. */ binWidth?: pulumi.Input; /** * The options that determine the selected bin type. */ selectedBinType?: pulumi.Input; /** * The options that determine the bin start value. */ startValue?: pulumi.Input; } interface DashboardHistogramConfigurationArgs { /** * The options that determine the presentation of histogram bins. */ binOptions?: pulumi.Input; /** * The data label configuration of a histogram. */ dataLabels?: pulumi.Input; /** * The field well configuration of a histogram. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The tooltip configuration of a histogram. */ tooltip?: pulumi.Input; /** * The visual palette configuration of a histogram. */ visualPalette?: pulumi.Input; /** * The options that determine the presentation of the x-axis. */ xAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the x-axis label. */ xAxisLabelOptions?: pulumi.Input; /** * The options that determine the presentation of the y-axis. */ yAxisDisplayOptions?: pulumi.Input; } interface DashboardHistogramFieldWellsArgs { /** * The field well configuration of a histogram. */ histogramAggregatedFieldWells?: pulumi.Input; } interface DashboardHistogramVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration for a `HistogramVisual` . */ chartConfiguration?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardImageCustomActionArgs { /** * A list of `ImageCustomActionOperations` . * * This is a union type structure. For this structure to be valid, only one of the attributes can be defined. */ actionOperations: pulumi.Input[]>; /** * The ID of the custom action. */ customActionId: pulumi.Input; /** * The name of the custom action. */ name: pulumi.Input; /** * The status of the custom action. */ status?: pulumi.Input; /** * The trigger of the `VisualCustomAction` . * * Valid values are defined as follows: * * - `CLICK` : Initiates a custom action by a left pointer click on a data point. * - `MENU` : Initiates a custom action by right pointer click from the menu. */ trigger: pulumi.Input; } interface DashboardImageCustomActionOperationArgs { navigationOperation?: pulumi.Input; setParametersOperation?: pulumi.Input; urlOperation?: pulumi.Input; } interface DashboardImageInteractionOptionsArgs { /** * The menu options for the image. */ imageMenuOption?: pulumi.Input; } interface DashboardImageMenuOptionArgs { /** * The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu. */ availabilityStatus?: pulumi.Input; } interface DashboardImageStaticFileArgs { /** * The source of the image static file. */ source?: pulumi.Input; /** * The ID of the static file that contains an image. */ staticFileId: pulumi.Input; } interface DashboardInnerFilterArgs { /** * A `CategoryInnerFilter` filters text values for the `NestedFilter` . */ categoryInnerFilter?: pulumi.Input; } interface DashboardInsightConfigurationArgs { /** * The computations configurations of the insight visual */ computations?: pulumi.Input[]>; /** * The custom narrative of the insight visual. */ customNarrative?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; } interface DashboardInsightVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The dataset that is used in the insight visual. */ dataSetIdentifier: pulumi.Input; /** * The configuration of an insight visual. */ insightConfiguration?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardIntegerDefaultValuesArgs { /** * The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The static values of the `IntegerDefaultValues` . */ staticValues?: pulumi.Input[]>; } /** *

An integer parameter.

*/ interface DashboardIntegerParameterArgs { /** *

The name of the integer parameter.

*/ name: pulumi.Input; /** *

The values for the integer parameter.

*/ values: pulumi.Input[]>; } interface DashboardIntegerParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The value type determines whether the parameter is a single-value or multi-value parameter. */ parameterValueType: pulumi.Input; /** * A parameter declaration for the `Integer` data type. */ valueWhenUnset?: pulumi.Input; } interface DashboardIntegerValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface DashboardItemsLimitConfigurationArgs { /** * The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart. */ itemsLimit?: pulumi.Input; /** * The `Show other` of an axis in the chart. Choose one of the following options: * * - `INCLUDE` * - `EXCLUDE` */ otherCategories?: pulumi.Input; } interface DashboardKpiActualValueConditionalFormattingArgs { /** * The conditional formatting of the actual value's icon. */ icon?: pulumi.Input; /** * The conditional formatting of the actual value's text color. */ textColor?: pulumi.Input; } interface DashboardKpiComparisonValueConditionalFormattingArgs { /** * The conditional formatting of the comparison value's icon. */ icon?: pulumi.Input; /** * The conditional formatting of the comparison value's text color. */ textColor?: pulumi.Input; } interface DashboardKpiConditionalFormattingArgs { /** * The conditional formatting options of a KPI visual. */ conditionalFormattingOptions?: pulumi.Input[]>; } interface DashboardKpiConditionalFormattingOptionArgs { /** * The conditional formatting for the actual value of a KPI visual. */ actualValue?: pulumi.Input; /** * The conditional formatting for the comparison value of a KPI visual. */ comparisonValue?: pulumi.Input; /** * The conditional formatting for the primary value of a KPI visual. */ primaryValue?: pulumi.Input; /** * The conditional formatting for the progress bar of a KPI visual. */ progressBar?: pulumi.Input; } interface DashboardKpiConfigurationArgs { /** * The field well configuration of a KPI visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The options that determine the presentation of a KPI visual. */ kpiOptions?: pulumi.Input; /** * The sort configuration of a KPI visual. */ sortConfiguration?: pulumi.Input; } interface DashboardKpiFieldWellsArgs { /** * The target value field wells of a KPI visual. */ targetValues?: pulumi.Input[]>; /** * The trend group field wells of a KPI visual. */ trendGroups?: pulumi.Input[]>; /** * The value field wells of a KPI visual. */ values?: pulumi.Input[]>; } interface DashboardKpiOptionsArgs { /** * The comparison configuration of a KPI visual. */ comparison?: pulumi.Input; /** * The options that determine the primary value display type. */ primaryValueDisplayType?: pulumi.Input; /** * The options that determine the primary value font configuration. */ primaryValueFontConfiguration?: pulumi.Input; /** * The options that determine the presentation of the progress bar of a KPI visual. */ progressBar?: pulumi.Input; /** * The options that determine the presentation of the secondary value of a KPI visual. */ secondaryValue?: pulumi.Input; /** * The options that determine the secondary value font configuration. */ secondaryValueFontConfiguration?: pulumi.Input; /** * The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual. */ sparkline?: pulumi.Input; /** * The options that determine the presentation of trend arrows in a KPI visual. */ trendArrows?: pulumi.Input; /** * The options that determine the layout a KPI visual. */ visualLayoutOptions?: pulumi.Input; } interface DashboardKpiPrimaryValueConditionalFormattingArgs { /** * The conditional formatting of the primary value's icon. */ icon?: pulumi.Input; /** * The conditional formatting of the primary value's text color. */ textColor?: pulumi.Input; } interface DashboardKpiProgressBarConditionalFormattingArgs { /** * The conditional formatting of the progress bar's foreground color. */ foregroundColor?: pulumi.Input; } interface DashboardKpiSortConfigurationArgs { /** * The sort configuration of the trend group fields. */ trendGroupSort?: pulumi.Input[]>; } interface DashboardKpiSparklineOptionsArgs { /** * The color of the sparkline. */ color?: pulumi.Input; /** * The tooltip visibility of the sparkline. */ tooltipVisibility?: pulumi.Input; /** * The type of the sparkline. */ type: pulumi.Input; /** * The visibility of the sparkline. */ visibility?: pulumi.Input; } interface DashboardKpiVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a KPI visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The conditional formatting of a KPI visual. */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardKpiVisualLayoutOptionsArgs { /** * The standard layout of the KPI visual. */ standardLayout?: pulumi.Input; } interface DashboardKpiVisualStandardLayoutArgs { /** * The standard layout type. */ type: pulumi.Input; } interface DashboardLabelOptionsArgs { /** * The text for the label. */ customLabel?: pulumi.Input; /** * The font configuration of the label. */ fontConfiguration?: pulumi.Input; /** * Determines whether or not the label is visible. */ visibility?: pulumi.Input; } interface DashboardLayerCustomActionArgs { /** * A list of `LayerCustomActionOperations` . * * This is a union type structure. For this structure to be valid, only one of the attributes can be defined. */ actionOperations: pulumi.Input[]>; /** * The ID of the custom action. */ customActionId: pulumi.Input; /** * The name of the custom action. */ name: pulumi.Input; /** * The status of the `LayerCustomAction` . */ status?: pulumi.Input; /** * The trigger of the `LayerCustomAction` . * * Valid values are defined as follows: * * - `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point. * - `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu. */ trigger: pulumi.Input; } interface DashboardLayerCustomActionOperationArgs { filterOperation?: pulumi.Input; navigationOperation?: pulumi.Input; setParametersOperation?: pulumi.Input; urlOperation?: pulumi.Input; } interface DashboardLayerMapVisualArgs { /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The dataset that is used to create the layer map visual. You can't create a visual without a dataset. */ dataSetIdentifier: pulumi.Input; subtitle?: pulumi.Input; title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The ID of the visual. */ visualId: pulumi.Input; } interface DashboardLayoutArgs { /** * The configuration that determines what the type of layout for a sheet. */ configuration: pulumi.Input; } interface DashboardLayoutConfigurationArgs { /** * A free-form is optimized for a fixed width and has more control over the exact placement of layout elements. */ freeFormLayout?: pulumi.Input; /** * A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` . */ gridLayout?: pulumi.Input; /** * A section based layout organizes visuals into multiple sections and has customized header, footer and page break. */ sectionBasedLayout?: pulumi.Input; } interface DashboardLegendOptionsArgs { /** * String based length that is composed of value and unit in px */ height?: pulumi.Input; /** * The positions for the legend. Choose one of the following options: * * - `AUTO` * - `RIGHT` * - `BOTTOM` * - `LEFT` */ position?: pulumi.Input; /** * The custom title for the legend. */ title?: pulumi.Input; valueFontConfiguration?: pulumi.Input; /** * Determines whether or not the legend is visible. */ visibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ width?: pulumi.Input; } interface DashboardLineChartAggregatedFieldWellsArgs { /** * The category field wells of a line chart. Values are grouped by category fields. */ category?: pulumi.Input[]>; /** * The color field wells of a line chart. Values are grouped by category fields. */ colors?: pulumi.Input[]>; /** * The small multiples field well of a line chart. */ smallMultiples?: pulumi.Input[]>; /** * The value field wells of a line chart. Values are aggregated based on categories. */ values?: pulumi.Input[]>; } interface DashboardLineChartConfigurationArgs { /** * The default configuration of a line chart's contribution analysis. */ contributionAnalysisDefaults?: pulumi.Input[]>; /** * The data label configuration of a line chart. */ dataLabels?: pulumi.Input; /** * The options that determine the default presentation of all line series in `LineChartVisual` . */ defaultSeriesSettings?: pulumi.Input; /** * The field well configuration of a line chart. */ fieldWells?: pulumi.Input; /** * The forecast configuration of a line chart. */ forecastConfigurations?: pulumi.Input[]>; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend configuration of a line chart. */ legend?: pulumi.Input; /** * The series axis configuration of a line chart. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the y-axis label. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The reference lines configuration of a line chart. */ referenceLines?: pulumi.Input[]>; /** * The series axis configuration of a line chart. */ secondaryYAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the secondary y-axis label. */ secondaryYAxisLabelOptions?: pulumi.Input; /** * The series item configuration of a line chart. */ series?: pulumi.Input[]>; singleAxisOptions?: pulumi.Input; /** * The small multiples setup for the visual. */ smallMultiplesOptions?: pulumi.Input; /** * The sort configuration of a line chart. */ sortConfiguration?: pulumi.Input; /** * The tooltip configuration of a line chart. */ tooltip?: pulumi.Input; /** * Determines the type of the line chart. */ type?: pulumi.Input; /** * The visual palette configuration of a line chart. */ visualPalette?: pulumi.Input; /** * The options that determine the presentation of the x-axis. */ xAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the x-axis label. */ xAxisLabelOptions?: pulumi.Input; } interface DashboardLineChartDefaultSeriesSettingsArgs { /** * The axis to which you are binding all line series to. */ axisBinding?: pulumi.Input; /** * Line styles options for all line series in the visual. */ lineStyleSettings?: pulumi.Input; /** * Marker styles options for all line series in the visual. */ markerStyleSettings?: pulumi.Input; } interface DashboardLineChartFieldWellsArgs { /** * The field well configuration of a line chart. */ lineChartAggregatedFieldWells?: pulumi.Input; } interface DashboardLineChartLineStyleSettingsArgs { /** * Interpolation style for line series. * * - `LINEAR` : Show as default, linear style. * - `SMOOTH` : Show as a smooth curve. * - `STEPPED` : Show steps in line. */ lineInterpolation?: pulumi.Input; /** * Line style for line series. * * - `SOLID` : Show as a solid line. * - `DOTTED` : Show as a dotted line. * - `DASHED` : Show as a dashed line. */ lineStyle?: pulumi.Input; /** * Configuration option that determines whether to show the line for the series. */ lineVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ lineWidth?: pulumi.Input; } interface DashboardLineChartMarkerStyleSettingsArgs { /** * Color of marker in the series. */ markerColor?: pulumi.Input; /** * Shape option for markers in the series. * * - `CIRCLE` : Show marker as a circle. * - `TRIANGLE` : Show marker as a triangle. * - `SQUARE` : Show marker as a square. * - `DIAMOND` : Show marker as a diamond. * - `ROUNDED_SQUARE` : Show marker as a rounded square. */ markerShape?: pulumi.Input; /** * String based length that is composed of value and unit in px */ markerSize?: pulumi.Input; /** * Configuration option that determines whether to show the markers in the series. */ markerVisibility?: pulumi.Input; } interface DashboardLineChartSeriesSettingsArgs { /** * Line styles options for a line series in `LineChartVisual` . */ lineStyleSettings?: pulumi.Input; /** * Marker styles options for a line series in `LineChartVisual` . */ markerStyleSettings?: pulumi.Input; } interface DashboardLineChartSortConfigurationArgs { /** * The limit on the number of categories that are displayed in a line chart. */ categoryItemsLimitConfiguration?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; /** * The limit on the number of lines that are displayed in a line chart. */ colorItemsLimitConfiguration?: pulumi.Input; /** * The limit on the number of small multiples panels that are displayed. */ smallMultiplesLimitConfiguration?: pulumi.Input; /** * The sort configuration of the small multiples field. */ smallMultiplesSort?: pulumi.Input[]>; } interface DashboardLineChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a line chart. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardLineSeriesAxisDisplayOptionsArgs { /** * The options that determine the presentation of the line series axis. */ axisOptions?: pulumi.Input; /** * The configuration options that determine how missing data is treated during the rendering of a line chart. */ missingDataConfigurations?: pulumi.Input[]>; } interface DashboardLinkSharingConfigurationArgs { /** * A structure that contains the permissions of a shareable link. */ permissions?: pulumi.Input[]>; } interface DashboardListControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the search options in a list control. */ searchOptions?: pulumi.Input; /** * The configuration of the `Select all` options in a list control. */ selectAllOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface DashboardListControlSearchOptionsArgs { /** * The visibility configuration of the search options in a list control. */ visibility?: pulumi.Input; } interface DashboardListControlSelectAllOptionsArgs { /** * The visibility configuration of the `Select all` options in a list control. */ visibility?: pulumi.Input; } interface DashboardLoadingAnimationArgs { /** * The visibility configuration of `LoadingAnimation` . */ visibility?: pulumi.Input; } interface DashboardLocalNavigationConfigurationArgs { /** * The sheet that is targeted for navigation in the same analysis. */ targetSheetId: pulumi.Input; } interface DashboardLongFormatTextArgs { /** * Plain text format. */ plainText?: pulumi.Input; /** * Rich text. Examples of rich text include bold, underline, and italics. */ richText?: pulumi.Input; } interface DashboardMappedDataSetParameterArgs { /** * A unique name that identifies a dataset within the analysis or dashboard. */ dataSetIdentifier: pulumi.Input; /** * The name of the dataset parameter. */ dataSetParameterName: pulumi.Input; } interface DashboardMaximumLabelTypeArgs { /** * The visibility of the maximum label. */ visibility?: pulumi.Input; } interface DashboardMaximumMinimumComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The type of computation. Choose one of the following options: * * - MAXIMUM: A maximum computation. * - MINIMUM: A minimum computation. */ type: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface DashboardMeasureFieldArgs { /** * The calculated measure field only used in pivot tables. */ calculatedMeasureField?: pulumi.Input; /** * The measure type field with categorical type columns. */ categoricalMeasureField?: pulumi.Input; /** * The measure type field with date type columns. */ dateMeasureField?: pulumi.Input; /** * The measure type field with numerical type columns. */ numericalMeasureField?: pulumi.Input; } interface DashboardMetricComparisonComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The field that is used in a metric comparison from value setup. */ fromValue?: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The field that is used in a metric comparison to value setup. */ targetValue?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; } interface DashboardMinimumLabelTypeArgs { /** * The visibility of the minimum label. */ visibility?: pulumi.Input; } interface DashboardMissingDataConfigurationArgs { /** * The treatment option that determines how missing data should be rendered. Choose from the following options: * * - `INTERPOLATE` : Interpolate missing values between the prior and the next known value. * - `SHOW_AS_ZERO` : Show missing values as the value `0` . * - `SHOW_AS_BLANK` : Display a blank space when rendering missing data. */ treatmentOption?: pulumi.Input; } interface DashboardNegativeValueConfigurationArgs { /** * Determines the display mode of the negative value configuration. */ displayMode: pulumi.Input; } interface DashboardNestedFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter. */ includeInnerSet: pulumi.Input; /** * The `InnerFilter` defines the subset of data to be used with the `NestedFilter` . */ innerFilter: pulumi.Input; } interface DashboardNullValueFormatConfigurationArgs { /** * Determines the null string of null values. */ nullString: pulumi.Input; } interface DashboardNumberDisplayFormatConfigurationArgs { /** * The option that determines the decimal places configuration. */ decimalPlacesConfiguration?: pulumi.Input; /** * The options that determine the negative value configuration. */ negativeValueConfiguration?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * Determines the number scale value of the number format. */ numberScale?: pulumi.Input; /** * Determines the prefix value of the number format. */ prefix?: pulumi.Input; /** * The options that determine the numeric separator configuration. */ separatorConfiguration?: pulumi.Input; /** * Determines the suffix value of the number format. */ suffix?: pulumi.Input; } interface DashboardNumberFormatConfigurationArgs { /** * The options that determine the numeric format configuration. */ formatConfiguration?: pulumi.Input; } interface DashboardNumericAxisOptionsArgs { /** * The range setup of a numeric axis. */ range?: pulumi.Input; /** * The scale setup of a numeric axis. */ scale?: pulumi.Input; } interface DashboardNumericEqualityDrillDownFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The value of the double input numeric drill down filter. */ value: pulumi.Input; } interface DashboardNumericEqualityFilterArgs { /** * The aggregation function of the filter. */ aggregationFunction?: pulumi.Input; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The parameter whose value should be used for the filter value. */ parameterName?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; /** * The input value. */ value?: pulumi.Input; } interface DashboardNumericFormatConfigurationArgs { /** * The options that determine the currency display format configuration. */ currencyDisplayFormatConfiguration?: pulumi.Input; /** * The options that determine the number display format configuration. */ numberDisplayFormatConfiguration?: pulumi.Input; /** * The options that determine the percentage display format configuration. */ percentageDisplayFormatConfiguration?: pulumi.Input; } interface DashboardNumericRangeFilterArgs { /** * The aggregation function of the filter. */ aggregationFunction?: pulumi.Input; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * Determines whether the maximum value in the filter value range should be included in the filtered results. */ includeMaximum?: pulumi.Input; /** * Determines whether the minimum value in the filter value range should be included in the filtered results. */ includeMinimum?: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The maximum value for the filter value range. */ rangeMaximum?: pulumi.Input; /** * The minimum value for the filter value range. */ rangeMinimum?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface DashboardNumericRangeFilterValueArgs { /** * The parameter that is used in the numeric range. */ parameter?: pulumi.Input; /** * The static value of the numeric range filter. */ staticValue?: pulumi.Input; } interface DashboardNumericSeparatorConfigurationArgs { /** * Determines the decimal separator. */ decimalSeparator?: pulumi.Input; /** * The options that determine the thousands separator configuration. */ thousandsSeparator?: pulumi.Input; } interface DashboardNumericalAggregationFunctionArgs { /** * An aggregation based on the percentile of values in a dimension or measure. */ percentileAggregation?: pulumi.Input; /** * Built-in aggregation functions for numerical values. * * - `SUM` : The sum of a dimension or measure. * - `AVERAGE` : The average of a dimension or measure. * - `MIN` : The minimum value of a dimension or measure. * - `MAX` : The maximum value of a dimension or measure. * - `COUNT` : The count of a dimension or measure. * - `DISTINCT_COUNT` : The count of distinct values in a dimension or measure. * - `VAR` : The variance of a dimension or measure. * - `VARP` : The partitioned variance of a dimension or measure. * - `STDEV` : The standard deviation of a dimension or measure. * - `STDEVP` : The partitioned standard deviation of a dimension or measure. * - `MEDIAN` : The median value of a dimension or measure. */ simpleNumericalAggregation?: pulumi.Input; } interface DashboardNumericalDimensionFieldArgs { /** * The column that is used in the `NumericalDimensionField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; /** * The custom hierarchy ID. */ hierarchyId?: pulumi.Input; } interface DashboardNumericalMeasureFieldArgs { /** * The aggregation function of the measure field. */ aggregationFunction?: pulumi.Input; /** * The column that is used in the `NumericalMeasureField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface DashboardPaginationConfigurationArgs { /** * Indicates the page number. */ pageNumber: pulumi.Input; /** * Indicates how many items render in one page. */ pageSize: pulumi.Input; } interface DashboardPanelConfigurationArgs { /** * Sets the background color for each panel. */ backgroundColor?: pulumi.Input; /** * Determines whether or not a background for each small multiples panel is rendered. */ backgroundVisibility?: pulumi.Input; /** * Sets the line color of panel borders. */ borderColor?: pulumi.Input; /** * Sets the line style of panel borders. */ borderStyle?: pulumi.Input; /** * String based length that is composed of value and unit in px */ borderThickness?: pulumi.Input; /** * Determines whether or not each panel displays a border. */ borderVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ gutterSpacing?: pulumi.Input; /** * Determines whether or not negative space between sibling panels is rendered. */ gutterVisibility?: pulumi.Input; /** * Configures the title display within each small multiples panel. */ title?: pulumi.Input; } interface DashboardPanelTitleOptionsArgs { fontConfiguration?: pulumi.Input; /** * Sets the horizontal text alignment of the title within each panel. */ horizontalTextAlignment?: pulumi.Input; /** * Determines whether or not panel titles are displayed. */ visibility?: pulumi.Input; } interface DashboardParameterControlArgs { /** * A control from a date parameter that specifies date and time. */ dateTimePicker?: pulumi.Input; /** * A control to display a dropdown list with buttons that are used to select a single value. */ dropdown?: pulumi.Input; /** * A control to display a list with buttons or boxes that are used to select either a single value or multiple values. */ list?: pulumi.Input; /** * A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle. */ slider?: pulumi.Input; /** * A control to display a text box that is used to enter multiple entries. */ textArea?: pulumi.Input; /** * A control to display a text box that is used to enter a single entry. */ textField?: pulumi.Input; } interface DashboardParameterDateTimePickerControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterDateTimePickerControl` . */ parameterControlId: pulumi.Input; /** * The name of the `ParameterDateTimePickerControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterDateTimePickerControl` . */ title: pulumi.Input; } interface DashboardParameterDeclarationArgs { /** * A parameter declaration for the `DateTime` data type. */ dateTimeParameterDeclaration?: pulumi.Input; /** * A parameter declaration for the `Decimal` data type. */ decimalParameterDeclaration?: pulumi.Input; /** * A parameter declaration for the `Integer` data type. */ integerParameterDeclaration?: pulumi.Input; /** * A parameter declaration for the `String` data type. */ stringParameterDeclaration?: pulumi.Input; } interface DashboardParameterDropDownControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The visibility configuration of the Apply button on a `ParameterDropDownControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterDropDownControl` . */ parameterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source parameter name of the `ParameterDropDownControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterDropDownControl` . */ title: pulumi.Input; /** * The type parameter name of the `ParameterDropDownControl` . */ type?: pulumi.Input; } interface DashboardParameterListControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterListControl` . */ parameterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source parameter name of the `ParameterListControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterListControl` . */ title: pulumi.Input; /** * The type of `ParameterListControl` . */ type?: pulumi.Input; } interface DashboardParameterSelectableValuesArgs { /** * The column identifier that fetches values from the data set. */ linkToDataSetColumn?: pulumi.Input; /** * The values that are used in `ParameterSelectableValues` . */ values?: pulumi.Input[]>; } interface DashboardParameterSliderControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The larger value that is displayed at the right of the slider. */ maximumValue: pulumi.Input; /** * The smaller value that is displayed at the left of the slider. */ minimumValue: pulumi.Input; /** * The ID of the `ParameterSliderControl` . */ parameterControlId: pulumi.Input; /** * The source parameter name of the `ParameterSliderControl` . */ sourceParameterName: pulumi.Input; /** * The number of increments that the slider bar is divided into. */ stepSize: pulumi.Input; /** * The title of the `ParameterSliderControl` . */ title: pulumi.Input; } interface DashboardParameterTextAreaControlArgs { /** * The delimiter that is used to separate the lines in text. */ delimiter?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterTextAreaControl` . */ parameterControlId: pulumi.Input; /** * The source parameter name of the `ParameterTextAreaControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterTextAreaControl` . */ title: pulumi.Input; } interface DashboardParameterTextFieldControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterTextFieldControl` . */ parameterControlId: pulumi.Input; /** * The source parameter name of the `ParameterTextFieldControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterTextFieldControl` . */ title: pulumi.Input; } /** *

A list of Amazon QuickSight parameters and the list's override values.

*/ interface DashboardParametersArgs { /** *

The parameters that have a data type of date-time.

*/ dateTimeParameters?: pulumi.Input[]>; /** *

The parameters that have a data type of decimal.

*/ decimalParameters?: pulumi.Input[]>; /** *

The parameters that have a data type of integer.

*/ integerParameters?: pulumi.Input[]>; /** *

The parameters that have a data type of string.

*/ stringParameters?: pulumi.Input[]>; } interface DashboardPercentVisibleRangeArgs { /** * The lower bound of the range. */ from?: pulumi.Input; /** * The top bound of the range. */ to?: pulumi.Input; } interface DashboardPercentageDisplayFormatConfigurationArgs { /** * The option that determines the decimal places configuration. */ decimalPlacesConfiguration?: pulumi.Input; /** * The options that determine the negative value configuration. */ negativeValueConfiguration?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * Determines the prefix value of the percentage format. */ prefix?: pulumi.Input; /** * The options that determine the numeric separator configuration. */ separatorConfiguration?: pulumi.Input; /** * Determines the suffix value of the percentage format. */ suffix?: pulumi.Input; } interface DashboardPercentileAggregationArgs { /** * The percentile value. This value can be any numeric constant 0–100. A percentile value of 50 computes the median value of the measure. */ percentileValue?: pulumi.Input; } interface DashboardPeriodOverPeriodComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface DashboardPeriodToDateComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The time granularity setup of period to date computation. Choose from the following options: * * - YEAR: Year to date. * - MONTH: Month to date. */ periodTimeGranularity?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface DashboardPieChartAggregatedFieldWellsArgs { /** * The category (group/color) field wells of a pie chart. */ category?: pulumi.Input[]>; /** * The small multiples field well of a pie chart. */ smallMultiples?: pulumi.Input[]>; /** * The value field wells of a pie chart. Values are aggregated based on categories. */ values?: pulumi.Input[]>; } interface DashboardPieChartConfigurationArgs { /** * The label options of the group/color that is displayed in a pie chart. */ categoryLabelOptions?: pulumi.Input; /** * The contribution analysis (anomaly configuration) setup of the visual. */ contributionAnalysisDefaults?: pulumi.Input[]>; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart. */ donutOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The small multiples setup for the visual. */ smallMultiplesOptions?: pulumi.Input; /** * The sort configuration of a pie chart. */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The label options for the value that is displayed in a pie chart. */ valueLabelOptions?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface DashboardPieChartFieldWellsArgs { /** * The field well configuration of a pie chart. */ pieChartAggregatedFieldWells?: pulumi.Input; } interface DashboardPieChartSortConfigurationArgs { /** * The limit on the number of categories that are displayed in a pie chart. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; /** * The limit on the number of small multiples panels that are displayed. */ smallMultiplesLimitConfiguration?: pulumi.Input; /** * The sort configuration of the small multiples field. */ smallMultiplesSort?: pulumi.Input[]>; } interface DashboardPieChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a pie chart. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardPivotFieldSortOptionsArgs { /** * The field ID for the field sort options. */ fieldId: pulumi.Input; /** * The sort by field for the field sort options. */ sortBy: pulumi.Input; } interface DashboardPivotTableAggregatedFieldWellsArgs { /** * The columns field well for a pivot table. Values are grouped by columns fields. */ columns?: pulumi.Input[]>; /** * The rows field well for a pivot table. Values are grouped by rows fields. */ rows?: pulumi.Input[]>; /** * The values field well for a pivot table. Values are aggregated based on rows and columns fields. */ values?: pulumi.Input[]>; } interface DashboardPivotTableCellConditionalFormattingArgs { /** * The field ID of the cell for conditional formatting. */ fieldId: pulumi.Input; /** * The scope of the cell for conditional formatting. */ scope?: pulumi.Input; /** * A list of cell scopes for conditional formatting. */ scopes?: pulumi.Input[]>; /** * The text format of the cell for conditional formatting. */ textFormat?: pulumi.Input; } interface DashboardPivotTableConditionalFormattingArgs { /** * Conditional formatting options for a `PivotTableVisual` . */ conditionalFormattingOptions?: pulumi.Input[]>; } interface DashboardPivotTableConditionalFormattingOptionArgs { /** * The cell conditional formatting option for a pivot table. */ cell?: pulumi.Input; } interface DashboardPivotTableConditionalFormattingScopeArgs { /** * The role (field, field total, grand total) of the cell for conditional formatting. */ role?: pulumi.Input; } interface DashboardPivotTableConfigurationArgs { /** * The field options for a pivot table visual. */ fieldOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The paginated report options for a pivot table visual. */ paginatedReportOptions?: pulumi.Input; /** * The sort configuration for a `PivotTableVisual` . */ sortConfiguration?: pulumi.Input; /** * The table options for a pivot table visual. */ tableOptions?: pulumi.Input; /** * The total options for a pivot table visual. */ totalOptions?: pulumi.Input; } interface DashboardPivotTableDataPathOptionArgs { /** * The list of data path values for the data path options. */ dataPathList: pulumi.Input[]>; /** * String based length that is composed of value and unit in px */ width?: pulumi.Input; } interface DashboardPivotTableFieldCollapseStateOptionArgs { /** * The state of the field target of a pivot table. Choose one of the following options: * * - `COLLAPSED` * - `EXPANDED` */ state?: pulumi.Input; /** * A tagged-union object that sets the collapse state. */ target: pulumi.Input; } interface DashboardPivotTableFieldCollapseStateTargetArgs { /** * The data path of the pivot table's header. Used to set the collapse state. */ fieldDataPathValues?: pulumi.Input[]>; /** * The field ID of the pivot table that the collapse state needs to be set to. */ fieldId?: pulumi.Input; } interface DashboardPivotTableFieldOptionArgs { /** * The custom label of the pivot table field. */ customLabel?: pulumi.Input; /** * The field ID of the pivot table field. */ fieldId: pulumi.Input; /** * The visibility of the pivot table field. */ visibility?: pulumi.Input; } interface DashboardPivotTableFieldOptionsArgs { /** * The collapse state options for the pivot table field options. */ collapseStateOptions?: pulumi.Input[]>; /** * The data path options for the pivot table field options. */ dataPathOptions?: pulumi.Input[]>; /** * The selected field options for the pivot table field options. */ selectedFieldOptions?: pulumi.Input[]>; } interface DashboardPivotTableFieldSubtotalOptionsArgs { /** * The field ID of the subtotal options. */ fieldId?: pulumi.Input; } interface DashboardPivotTableFieldWellsArgs { /** * The aggregated field well for the pivot table. */ pivotTableAggregatedFieldWells?: pulumi.Input; } interface DashboardPivotTableOptionsArgs { /** * The table cell style of cells. */ cellStyle?: pulumi.Input; /** * The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` . */ collapsedRowDimensionsVisibility?: pulumi.Input; /** * The table cell style of the column header. */ columnHeaderStyle?: pulumi.Input; /** * The visibility of the column names. */ columnNamesVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ defaultCellWidth?: pulumi.Input; /** * The metric placement (row, column) options. */ metricPlacement?: pulumi.Input; /** * The row alternate color options (widget status, row alternate colors). */ rowAlternateColorOptions?: pulumi.Input; /** * The table cell style of row field names. */ rowFieldNamesStyle?: pulumi.Input; /** * The table cell style of the row headers. */ rowHeaderStyle?: pulumi.Input; /** * The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` . */ rowsLabelOptions?: pulumi.Input; /** * The layout for the row dimension headers of a pivot table. Choose one of the following options. * * - `TABULAR` : (Default) Each row field is displayed in a separate column. * - `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields. */ rowsLayout?: pulumi.Input; /** * The visibility of the single metric options. */ singleMetricVisibility?: pulumi.Input; /** * Determines the visibility of the pivot table. */ toggleButtonsVisibility?: pulumi.Input; } interface DashboardPivotTablePaginatedReportOptionsArgs { /** * The visibility of the repeating header rows on each page. */ overflowColumnHeaderVisibility?: pulumi.Input; /** * The visibility of the printing table overflow across pages. */ verticalOverflowVisibility?: pulumi.Input; } interface DashboardPivotTableRowsLabelOptionsArgs { /** * The custom label string for the rows label. */ customLabel?: pulumi.Input; /** * The visibility of the rows label. */ visibility?: pulumi.Input; } interface DashboardPivotTableSortByArgs { /** * The column sort (field id, direction) for the pivot table sort by options. */ column?: pulumi.Input; /** * The data path sort (data path value, direction) for the pivot table sort by options. */ dataPath?: pulumi.Input; /** * The field sort (field id, direction) for the pivot table sort by options. */ field?: pulumi.Input; } interface DashboardPivotTableSortConfigurationArgs { /** * The field sort options for a pivot table sort configuration. */ fieldSortOptions?: pulumi.Input[]>; } interface DashboardPivotTableTotalOptionsArgs { /** * The column subtotal options. */ columnSubtotalOptions?: pulumi.Input; /** * The column total options. */ columnTotalOptions?: pulumi.Input; /** * The row subtotal options. */ rowSubtotalOptions?: pulumi.Input; /** * The row total options. */ rowTotalOptions?: pulumi.Input; } interface DashboardPivotTableVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The conditional formatting for a `PivotTableVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface DashboardPivotTotalOptionsArgs { /** * The custom label string for the total cells. */ customLabel?: pulumi.Input; /** * The cell styling options for the total of header cells. */ metricHeaderCellStyle?: pulumi.Input; /** * The placement (start, end) for the total cells. */ placement?: pulumi.Input; /** * The scroll status (pinned, scrolled) for the total cells. */ scrollStatus?: pulumi.Input; /** * The total aggregation options for each value field. */ totalAggregationOptions?: pulumi.Input[]>; /** * The cell styling options for the total cells. */ totalCellStyle?: pulumi.Input; /** * The visibility configuration for the total cells. */ totalsVisibility?: pulumi.Input; /** * The cell styling options for the totals of value cells. */ valueCellStyle?: pulumi.Input; } interface DashboardPluginVisualArgs { /** * A description of the plugin field wells and their persisted properties. */ chartConfiguration?: pulumi.Input; /** * The Amazon Resource Name (ARN) that reflects the plugin and version. */ pluginArn: pulumi.Input; subtitle?: pulumi.Input; title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The ID of the visual that you want to use. */ visualId: pulumi.Input; } interface DashboardPluginVisualConfigurationArgs { /** * The field wells configuration of the plugin visual. */ fieldWells?: pulumi.Input[]>; /** * The sort configuration of the plugin visual. */ sortConfiguration?: pulumi.Input; /** * The persisted properties of the plugin visual. */ visualOptions?: pulumi.Input; } interface DashboardPluginVisualFieldWellArgs { /** * The semantic axis name for the field well. */ axisName?: pulumi.Input; /** * A list of dimensions for the field well. */ dimensions?: pulumi.Input[]>; /** * A list of measures that exist in the field well. */ measures?: pulumi.Input[]>; /** * A list of unaggregated fields that exist in the field well. */ unaggregated?: pulumi.Input[]>; } interface DashboardPluginVisualItemsLimitConfigurationArgs { /** * Determines how many values are be fetched at once. */ itemsLimit?: pulumi.Input; } interface DashboardPluginVisualOptionsArgs { /** * The persisted properties and their values. */ visualProperties?: pulumi.Input[]>; } interface DashboardPluginVisualPropertyArgs { /** * The name of the plugin visual property. */ name?: pulumi.Input; /** * The value of the plugin visual property. */ value?: pulumi.Input; } interface DashboardPluginVisualSortConfigurationArgs { /** * The table query sorting options for the plugin visual. */ pluginVisualTableQuerySort?: pulumi.Input; } interface DashboardPluginVisualTableQuerySortArgs { /** * The maximum amount of data to be returned by a query. */ itemsLimitConfiguration?: pulumi.Input; /** * Determines how data is sorted in the response. */ rowSort?: pulumi.Input[]>; } interface DashboardPredefinedHierarchyArgs { /** * The list of columns that define the predefined hierarchy. */ columns: pulumi.Input[]>; /** * The option that determines the drill down filters for the predefined hierarchy. */ drillDownFilters?: pulumi.Input[]>; /** * The hierarchy ID of the predefined hierarchy. */ hierarchyId: pulumi.Input; } interface DashboardProgressBarOptionsArgs { /** * The visibility of the progress bar. */ visibility?: pulumi.Input; } /** *

Dashboard publish options.

*/ interface DashboardPublishOptionsArgs { /** * Ad hoc (one-time) filtering option. */ adHocFilteringOption?: pulumi.Input; /** * The drill-down options of data points in a dashboard. */ dataPointDrillUpDownOption?: pulumi.Input; /** * The data point menu label options of a dashboard. */ dataPointMenuLabelOption?: pulumi.Input; /** * The data point tool tip options of a dashboard. */ dataPointTooltipOption?: pulumi.Input; /** * Adds Q&A capabilities to an Quick Sight dashboard. If no topic is linked, Dashboard Q&A uses the data values that are rendered on the dashboard. End users can use Dashboard Q&A to ask for different slices of the data that they see on the dashboard. If a topic is linked, Topic Q&A is used. */ dataQaEnabledOption?: pulumi.Input; /** * Data stories sharing option. */ dataStoriesSharingOption?: pulumi.Input; /** * Executive summary option. */ executiveSummaryOption?: pulumi.Input; /** * Export to .csv option. */ exportToCsvOption?: pulumi.Input; /** * Determines if hidden fields are exported with a dashboard. */ exportWithHiddenFieldsOption?: pulumi.Input; /** * Determines if Actions in Amazon Quick Suite are enabled in a dashboard. */ quickSuiteActionsOption?: pulumi.Input; /** * Sheet controls option. */ sheetControlsOption?: pulumi.Input; /** * The sheet layout maximization options of a dashbaord. */ sheetLayoutElementMaximizationOption?: pulumi.Input; /** * The axis sort options of a dashboard. */ visualAxisSortOption?: pulumi.Input; /** * The menu options of a visual in a dashboard. */ visualMenuOption?: pulumi.Input; /** * The visual publish options of a visual in a dashboard. */ visualPublishOptions?: pulumi.Input; } interface DashboardQuickSuiteActionsOptionArgs { /** * Availability status. */ availabilityStatus?: pulumi.Input; } interface DashboardRadarChartAggregatedFieldWellsArgs { /** * The aggregated field well categories of a radar chart. */ category?: pulumi.Input[]>; /** * The color that are assigned to the aggregated field wells of a radar chart. */ color?: pulumi.Input[]>; /** * The values that are assigned to the aggregated field wells of a radar chart. */ values?: pulumi.Input[]>; } interface DashboardRadarChartAreaStyleSettingsArgs { /** * The visibility settings of a radar chart. */ visibility?: pulumi.Input; } interface DashboardRadarChartConfigurationArgs { /** * Determines the visibility of the colors of alternatign bands in a radar chart. */ alternateBandColorsVisibility?: pulumi.Input; /** * The color of the even-numbered alternate bands of a radar chart. */ alternateBandEvenColor?: pulumi.Input; /** * The color of the odd-numbered alternate bands of a radar chart. */ alternateBandOddColor?: pulumi.Input; /** * The axis behavior options of a radar chart. */ axesRangeScale?: pulumi.Input; /** * The base sreies settings of a radar chart. */ baseSeriesSettings?: pulumi.Input; /** * The category axis of a radar chart. */ categoryAxis?: pulumi.Input; /** * The category label options of a radar chart. */ categoryLabelOptions?: pulumi.Input; /** * The color axis of a radar chart. */ colorAxis?: pulumi.Input; /** * The color label options of a radar chart. */ colorLabelOptions?: pulumi.Input; /** * The field well configuration of a `RadarChartVisual` . */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The shape of the radar chart. */ shape?: pulumi.Input; /** * The sort configuration of a `RadarChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The start angle of a radar chart's axis. */ startAngle?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface DashboardRadarChartFieldWellsArgs { /** * The aggregated field wells of a radar chart visual. */ radarChartAggregatedFieldWells?: pulumi.Input; } interface DashboardRadarChartSeriesSettingsArgs { /** * The area style settings of a radar chart. */ areaStyleSettings?: pulumi.Input; } interface DashboardRadarChartSortConfigurationArgs { /** * The category items limit for a radar chart. */ categoryItemsLimit?: pulumi.Input; /** * The category sort options of a radar chart. */ categorySort?: pulumi.Input[]>; /** * The color items limit of a radar chart. */ colorItemsLimit?: pulumi.Input; /** * The color sort configuration of a radar chart. */ colorSort?: pulumi.Input[]>; } interface DashboardRadarChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardRangeEndsLabelTypeArgs { /** * The visibility of the range ends label. */ visibility?: pulumi.Input; } interface DashboardReferenceLineArgs { /** * The data configuration of the reference line. */ dataConfiguration: pulumi.Input; /** * The label configuration of the reference line. */ labelConfiguration?: pulumi.Input; /** * The status of the reference line. Choose one of the following options: * * - `ENABLE` * - `DISABLE` */ status?: pulumi.Input; /** * The style configuration of the reference line. */ styleConfiguration?: pulumi.Input; } interface DashboardReferenceLineCustomLabelConfigurationArgs { /** * The string text of the custom label. */ customLabel: pulumi.Input; } interface DashboardReferenceLineDataConfigurationArgs { /** * The axis binding type of the reference line. Choose one of the following options: * * - `PrimaryY` * - `SecondaryY` */ axisBinding?: pulumi.Input; /** * The dynamic configuration of the reference line data configuration. */ dynamicConfiguration?: pulumi.Input; /** * The series type of the reference line data configuration. Choose one of the following options: * * - `BAR` * - `LINE` */ seriesType?: pulumi.Input; /** * The static data configuration of the reference line data configuration. */ staticConfiguration?: pulumi.Input; } interface DashboardReferenceLineDynamicDataConfigurationArgs { /** * The calculation that is used in the dynamic data. */ calculation: pulumi.Input; /** * The column that the dynamic data targets. */ column: pulumi.Input; /** * The aggregation function that is used in the dynamic data. */ measureAggregationFunction?: pulumi.Input; } interface DashboardReferenceLineLabelConfigurationArgs { /** * The custom label configuration of the label in a reference line. */ customLabelConfiguration?: pulumi.Input; /** * The font color configuration of the label in a reference line. */ fontColor?: pulumi.Input; /** * The font configuration of the label in a reference line. */ fontConfiguration?: pulumi.Input; /** * The horizontal position configuration of the label in a reference line. Choose one of the following options: * * - `LEFT` * - `CENTER` * - `RIGHT` */ horizontalPosition?: pulumi.Input; /** * The value label configuration of the label in a reference line. */ valueLabelConfiguration?: pulumi.Input; /** * The vertical position configuration of the label in a reference line. Choose one of the following options: * * - `ABOVE` * - `BELOW` */ verticalPosition?: pulumi.Input; } interface DashboardReferenceLineStaticDataConfigurationArgs { /** * The double input of the static data. */ value: pulumi.Input; } interface DashboardReferenceLineStyleConfigurationArgs { /** * The hex color of the reference line. */ color?: pulumi.Input; /** * The pattern type of the line style. Choose one of the following options: * * - `SOLID` * - `DASHED` * - `DOTTED` */ pattern?: pulumi.Input; } interface DashboardReferenceLineValueLabelConfigurationArgs { /** * The format configuration of the value label. */ formatConfiguration?: pulumi.Input; /** * The relative position of the value label. Choose one of the following options: * * - `BEFORE_CUSTOM_LABEL` * - `AFTER_CUSTOM_LABEL` */ relativePosition?: pulumi.Input; } interface DashboardRelativeDateTimeControlDisplayOptionsArgs { /** * Customize how dates are formatted in controls. */ dateTimeFormat?: pulumi.Input; /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface DashboardRelativeDatesFilterArgs { /** * The date configuration of the filter. */ anchorDateConfiguration: pulumi.Input; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * The configuration for the exclude period of the filter. */ excludePeriodConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The minimum granularity (period granularity) of the relative dates filter. */ minimumGranularity?: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The parameter whose value should be used for the filter value. */ parameterName?: pulumi.Input; /** * The range date type of the filter. Choose one of the options below: * * - `PREVIOUS` * - `THIS` * - `LAST` * - `NOW` * - `NEXT` */ relativeDateType: pulumi.Input; /** * The date value of the filter. */ relativeDateValue?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity: pulumi.Input; } /** *

Permission for the resource.

*/ interface DashboardResourcePermissionArgs { /** *

The IAM action to grant or revoke permissions on.

*/ actions: pulumi.Input[]>; /** *

The Amazon Resource Name (ARN) of the principal. This can be one of the * following:

*
    *
  • *

    The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight * ARN. Use this option only to share resources (templates) across Amazon Web Services accounts. * (This is less common.)

    *
    • *
*/ principal: pulumi.Input; } interface DashboardRollingDateConfigurationArgs { /** * The data set that is used in the rolling date configuration. */ dataSetIdentifier?: pulumi.Input; /** * The expression of the rolling date configuration. */ expression: pulumi.Input; } interface DashboardRowAlternateColorOptionsArgs { /** * Determines the list of row alternate colors. */ rowAlternateColors?: pulumi.Input[]>; /** * Determines the widget status. */ status?: pulumi.Input; /** * The primary background color options for alternate rows. */ usePrimaryBackgroundColor?: pulumi.Input; } interface DashboardSameSheetTargetVisualConfigurationArgs { /** * The options that choose the target visual in the same sheet. * * Valid values are defined as follows: * * - `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet. */ targetVisualOptions?: pulumi.Input; /** * A list of the target visual IDs that are located in the same sheet of the analysis. */ targetVisuals?: pulumi.Input[]>; } interface DashboardSankeyDiagramAggregatedFieldWellsArgs { /** * The destination field wells of a sankey diagram. */ destination?: pulumi.Input[]>; /** * The source field wells of a sankey diagram. */ source?: pulumi.Input[]>; /** * The weight field wells of a sankey diagram. */ weight?: pulumi.Input[]>; } interface DashboardSankeyDiagramChartConfigurationArgs { /** * The data label configuration of a sankey diagram. */ dataLabels?: pulumi.Input; /** * The field well configuration of a sankey diagram. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The sort configuration of a sankey diagram. */ sortConfiguration?: pulumi.Input; } interface DashboardSankeyDiagramFieldWellsArgs { /** * The field well configuration of a sankey diagram. */ sankeyDiagramAggregatedFieldWells?: pulumi.Input; } interface DashboardSankeyDiagramSortConfigurationArgs { /** * The limit on the number of destination nodes that are displayed in a sankey diagram. */ destinationItemsLimit?: pulumi.Input; /** * The limit on the number of source nodes that are displayed in a sankey diagram. */ sourceItemsLimit?: pulumi.Input; /** * The sort configuration of the weight fields. */ weightSort?: pulumi.Input[]>; } interface DashboardSankeyDiagramVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a sankey diagram. */ chartConfiguration?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardScatterPlotCategoricallyAggregatedFieldWellsArgs { /** * The category field well of a scatter plot. */ category?: pulumi.Input[]>; /** * The label field well of a scatter plot. */ label?: pulumi.Input[]>; /** * The size field well of a scatter plot. */ size?: pulumi.Input[]>; /** * The x-axis field well of a scatter plot. * * The x-axis is aggregated by category. */ xAxis?: pulumi.Input[]>; /** * The y-axis field well of a scatter plot. * * The y-axis is aggregated by category. */ yAxis?: pulumi.Input[]>; } interface DashboardScatterPlotConfigurationArgs { /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The sort configuration of a scatter plot. */ sortConfiguration?: pulumi.Input; /** * The legend display setup of the visual. */ tooltip?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; /** * The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis. */ xAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis. */ xAxisLabelOptions?: pulumi.Input; /** * The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis. */ yAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis. */ yAxisLabelOptions?: pulumi.Input; } interface DashboardScatterPlotFieldWellsArgs { /** * The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both. */ scatterPlotCategoricallyAggregatedFieldWells?: pulumi.Input; /** * The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated. */ scatterPlotUnaggregatedFieldWells?: pulumi.Input; } interface DashboardScatterPlotSortConfigurationArgs { scatterPlotLimitConfiguration?: pulumi.Input; } interface DashboardScatterPlotUnaggregatedFieldWellsArgs { /** * The category field well of a scatter plot. */ category?: pulumi.Input[]>; /** * The label field well of a scatter plot. */ label?: pulumi.Input[]>; /** * The size field well of a scatter plot. */ size?: pulumi.Input[]>; /** * The x-axis field well of a scatter plot. * * The x-axis is a dimension field and cannot be aggregated. */ xAxis?: pulumi.Input[]>; /** * The y-axis field well of a scatter plot. * * The y-axis is a dimension field and cannot be aggregated. */ yAxis?: pulumi.Input[]>; } interface DashboardScatterPlotVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardScrollBarOptionsArgs { /** * The visibility of the data zoom scroll bar. */ visibility?: pulumi.Input; /** * The visibility range for the data zoom scroll bar. */ visibleRange?: pulumi.Input; } interface DashboardSecondaryValueOptionsArgs { /** * Determines the visibility of the secondary value. */ visibility?: pulumi.Input; } interface DashboardSectionAfterPageBreakArgs { /** * The option that enables or disables a page break at the end of a section. */ status?: pulumi.Input; } interface DashboardSectionBasedLayoutCanvasSizeOptionsArgs { /** * The options for a paper canvas of a section-based layout. */ paperCanvasSizeOptions?: pulumi.Input; } interface DashboardSectionBasedLayoutConfigurationArgs { /** * A list of body section configurations. */ bodySections: pulumi.Input[]>; /** * The options for the canvas of a section-based layout. */ canvasSizeOptions: pulumi.Input; /** * A list of footer section configurations. */ footerSections: pulumi.Input[]>; /** * A list of header section configurations. */ headerSections: pulumi.Input[]>; } interface DashboardSectionBasedLayoutPaperCanvasSizeOptionsArgs { /** * Defines the spacing between the canvas content and the top, bottom, left, and right edges. */ paperMargin?: pulumi.Input; /** * The paper orientation that is used to define canvas dimensions. Choose one of the following options: * * - PORTRAIT * - LANDSCAPE */ paperOrientation?: pulumi.Input; /** * The paper size that is used to define canvas dimensions. */ paperSize?: pulumi.Input; } interface DashboardSectionLayoutConfigurationArgs { /** * The free-form layout configuration of a section. */ freeFormLayout: pulumi.Input; } interface DashboardSectionPageBreakConfigurationArgs { /** * The configuration of a page break after a section. */ after?: pulumi.Input; } interface DashboardSectionStyleArgs { /** * String based length that is composed of value and unit in px */ height?: pulumi.Input; /** * The spacing between section content and its top, bottom, left, and right edges. * * There is no padding by default. */ padding?: pulumi.Input; } interface DashboardSelectedSheetsFilterScopeConfigurationArgs { /** * The sheet ID and visual IDs of the sheet and visuals that the filter is applied to. */ sheetVisualScopingConfigurations?: pulumi.Input[]>; } interface DashboardSeriesItemArgs { /** * The data field series item configuration of a line chart. */ dataFieldSeriesItem?: pulumi.Input; /** * The field series item configuration of a line chart. */ fieldSeriesItem?: pulumi.Input; } interface DashboardSetParameterValueConfigurationArgs { /** * The destination parameter name of the `SetParameterValueConfiguration` . */ destinationParameterName: pulumi.Input; value: pulumi.Input; } interface DashboardShapeConditionalFormatArgs { /** * The conditional formatting for the shape background color of a filled map visual. */ backgroundColor: pulumi.Input; } interface DashboardSheetControlInfoIconLabelOptionsArgs { /** * The text content of info icon. */ infoIconText?: pulumi.Input; /** * The visibility configuration of info icon label options. */ visibility?: pulumi.Input; } interface DashboardSheetControlLayoutArgs { /** * The configuration that determines the elements and canvas size options of sheet control. */ configuration: pulumi.Input; } interface DashboardSheetControlLayoutConfigurationArgs { /** * The configuration that determines the elements and canvas size options of sheet control. */ gridLayout?: pulumi.Input; } /** *

Sheet controls option.

*/ interface DashboardSheetControlsOptionArgs { /** * Visibility state. */ visibilityState?: pulumi.Input; } interface DashboardSheetDefinitionArgs { /** * The layout content type of the sheet. Choose one of the following options: * * - `PAGINATED` : Creates a sheet for a paginated report. * - `INTERACTIVE` : Creates a sheet for an interactive dashboard. */ contentType?: pulumi.Input; /** * A description of the sheet. */ description?: pulumi.Input; /** * The list of filter controls that are on a sheet. * * For more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon Quick Suite User Guide* . */ filterControls?: pulumi.Input[]>; /** * A list of images on a sheet. */ images?: pulumi.Input[]>; /** * Layouts define how the components of a sheet are arranged. * * For more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon Quick Suite User Guide* . */ layouts?: pulumi.Input[]>; /** * The name of the sheet. This name is displayed on the sheet's tab in the Quick Suite console. */ name?: pulumi.Input; /** * The list of parameter controls that are on a sheet. * * For more information, see [Using a Control with a Parameter in Amazon Quick Sight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon Quick Suite User Guide* . */ parameterControls?: pulumi.Input[]>; /** * The control layouts of the sheet. */ sheetControlLayouts?: pulumi.Input[]>; /** * The unique identifier of a sheet. */ sheetId: pulumi.Input; /** * The text boxes that are on a sheet. */ textBoxes?: pulumi.Input[]>; /** * The title of the sheet. */ title?: pulumi.Input; /** * A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet. */ visuals?: pulumi.Input[]>; } interface DashboardSheetElementConfigurationOverridesArgs { /** * Determines whether or not the overrides are visible. Choose one of the following options: * * - `VISIBLE` * - `HIDDEN` */ visibility?: pulumi.Input; } interface DashboardSheetElementRenderingRuleArgs { /** * The override configuration of the rendering rules of a sheet. */ configurationOverrides: pulumi.Input; /** * The expression of the rendering rules of a sheet. */ expression: pulumi.Input; } interface DashboardSheetImageArgs { /** * A list of custom actions that are configured for an image. */ actions?: pulumi.Input[]>; /** * The alt text for the image. */ imageContentAltText?: pulumi.Input; /** * The general image interactions setup for an image. */ interactions?: pulumi.Input; /** * Determines how the image is scaled. */ scaling?: pulumi.Input; /** * The ID of the sheet image. */ sheetImageId: pulumi.Input; /** * The source of the image. */ source: pulumi.Input; /** * The tooltip to be shown when hovering over the image. */ tooltip?: pulumi.Input; } interface DashboardSheetImageScalingConfigurationArgs { /** * The scaling option to use when fitting the image inside the container. * * Valid values are defined as follows: * * - `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved. * - `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved. * - `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved. * - `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container. */ scalingType?: pulumi.Input; } interface DashboardSheetImageSourceArgs { /** * The source of the static file that contains the image. */ sheetImageStaticFileSource?: pulumi.Input; } interface DashboardSheetImageStaticFileSourceArgs { /** * The ID of the static file that contains the image. */ staticFileId: pulumi.Input; } interface DashboardSheetImageTooltipConfigurationArgs { /** * The text that appears in the tooltip. */ tooltipText?: pulumi.Input; /** * The visibility of the tooltip. */ visibility?: pulumi.Input; } interface DashboardSheetImageTooltipTextArgs { /** * The plain text format. */ plainText?: pulumi.Input; } /** *

The sheet layout maximization options of a dashbaord.

*/ interface DashboardSheetLayoutElementMaximizationOptionArgs { /** * The status of the sheet layout maximization options of a dashbaord. */ availabilityStatus?: pulumi.Input; } interface DashboardSheetTextBoxArgs { /** * The content that is displayed in the text box. */ content?: pulumi.Input; /** * The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers. */ sheetTextBoxId: pulumi.Input; } interface DashboardSheetVisualScopingConfigurationArgs { /** * The scope of the applied entities. Choose one of the following options: * * - `ALL_VISUALS` * - `SELECTED_VISUALS` */ scope: pulumi.Input; /** * The selected sheet that the filter is applied to. */ sheetId: pulumi.Input; /** * The selected visuals that the filter is applied to. */ visualIds?: pulumi.Input[]>; } interface DashboardShortFormatTextArgs { /** * Plain text format. */ plainText?: pulumi.Input; /** * Rich text. Examples of rich text include bold, underline, and italics. */ richText?: pulumi.Input; } interface DashboardSimpleClusterMarkerArgs { /** * The color of the simple cluster marker. */ color?: pulumi.Input; } interface DashboardSingleAxisOptionsArgs { /** * The Y axis options of a single axis configuration. */ yAxisOptions?: pulumi.Input; } interface DashboardSliderControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface DashboardSmallMultiplesAxisPropertiesArgs { /** * Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels. */ placement?: pulumi.Input; /** * Determines whether scale of the axes are shared or independent. The default value is `SHARED` . */ scale?: pulumi.Input; } interface DashboardSmallMultiplesOptionsArgs { /** * Sets the maximum number of visible columns to display in the grid of small multiples panels. * * The default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart. */ maxVisibleColumns?: pulumi.Input; /** * Sets the maximum number of visible rows to display in the grid of small multiples panels. * * The default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart. */ maxVisibleRows?: pulumi.Input; /** * Configures the display options for each small multiples panel. */ panelConfiguration?: pulumi.Input; /** * The properties of a small multiples X axis. */ xAxis?: pulumi.Input; /** * The properties of a small multiples Y axis. */ yAxis?: pulumi.Input; } /** *

Dashboard source entity.

*/ interface DashboardSourceEntityArgs { /** * Source template. */ sourceTemplate?: pulumi.Input; } /** *

Dashboard source template.

*/ interface DashboardSourceTemplateArgs { /** *

The Amazon Resource Name (ARN) of the resource.

*/ arn: pulumi.Input; /** *

Dataset references.

*/ dataSetReferences: pulumi.Input[]>; } interface DashboardSpacingArgs { /** * String based length that is composed of value and unit */ bottom?: pulumi.Input; /** * String based length that is composed of value and unit */ left?: pulumi.Input; /** * String based length that is composed of value and unit */ right?: pulumi.Input; /** * String based length that is composed of value and unit */ top?: pulumi.Input; } interface DashboardSpatialStaticFileArgs { /** * The source of the spatial static file. */ source?: pulumi.Input; /** * The ID of the spatial static file. */ staticFileId: pulumi.Input; } interface DashboardStaticFileArgs { /** * The image static file. */ imageStaticFile?: pulumi.Input; /** * The spacial static file. */ spatialStaticFile?: pulumi.Input; } interface DashboardStaticFileS3SourceOptionsArgs { /** * The name of the Amazon S3 bucket. */ bucketName: pulumi.Input; /** * The identifier of the static file in the Amazon S3 bucket. */ objectKey: pulumi.Input; /** * The Region of the Amazon S3 account that contains the bucket. */ region: pulumi.Input; } interface DashboardStaticFileSourceArgs { /** * The structure that contains the Amazon S3 location to download the static file from. */ s3Options?: pulumi.Input; /** * The structure that contains the URL to download the static file from. */ urlOptions?: pulumi.Input; } interface DashboardStaticFileUrlSourceOptionsArgs { /** * The URL to download the static file from. */ url: pulumi.Input; } interface DashboardStringDefaultValuesArgs { /** * The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The static values of the `DecimalDefaultValues` . */ staticValues?: pulumi.Input[]>; } interface DashboardStringFormatConfigurationArgs { /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * The formatting configuration for numeric strings. */ numericFormatConfiguration?: pulumi.Input; } /** *

A string parameter.

*/ interface DashboardStringParameterArgs { /** *

A display name for a string parameter.

*/ name: pulumi.Input; /** *

The values of a string parameter.

*/ values: pulumi.Input[]>; } interface DashboardStringParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The value type determines whether the parameter is a single-value or multi-value parameter. */ parameterValueType: pulumi.Input; /** * The configuration that defines the default value of a `String` parameter when a value has not been set. */ valueWhenUnset?: pulumi.Input; } interface DashboardStringValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface DashboardSubtotalOptionsArgs { /** * The custom label string for the subtotal cells. */ customLabel?: pulumi.Input; /** * The field level (all, custom, last) for the subtotal cells. */ fieldLevel?: pulumi.Input; /** * The optional configuration of subtotal cells. */ fieldLevelOptions?: pulumi.Input[]>; /** * The cell styling options for the subtotals of header cells. */ metricHeaderCellStyle?: pulumi.Input; /** * The style targets options for subtotals. */ styleTargets?: pulumi.Input[]>; /** * The cell styling options for the subtotal cells. */ totalCellStyle?: pulumi.Input; /** * The visibility configuration for the subtotal cells. */ totalsVisibility?: pulumi.Input; /** * The cell styling options for the subtotals of value cells. */ valueCellStyle?: pulumi.Input; } interface DashboardTableAggregatedFieldWellsArgs { /** * The group by field well for a pivot table. Values are grouped by group by fields. */ groupBy?: pulumi.Input[]>; /** * The values field well for a pivot table. Values are aggregated based on group by fields. */ values?: pulumi.Input[]>; } interface DashboardTableBorderOptionsArgs { /** * The color of a table border. */ color?: pulumi.Input; /** * The style (none, solid) of a table border. */ style?: pulumi.Input; /** * The thickness of a table border. */ thickness?: pulumi.Input; } interface DashboardTableCellConditionalFormattingArgs { /** * The field ID of the cell for conditional formatting. */ fieldId: pulumi.Input; /** * The text format of the cell for conditional formatting. */ textFormat?: pulumi.Input; } interface DashboardTableCellImageSizingConfigurationArgs { /** * The cell scaling configuration of the sizing options for the table image configuration. */ tableCellImageScalingConfiguration?: pulumi.Input; } interface DashboardTableCellStyleArgs { /** * The background color for the table cells. */ backgroundColor?: pulumi.Input; /** * The borders for the table cells. */ border?: pulumi.Input; /** * The font configuration of the table cells. */ fontConfiguration?: pulumi.Input; /** * The height color for the table cells. */ height?: pulumi.Input; /** * The horizontal text alignment (left, center, right, auto) for the table cells. */ horizontalTextAlignment?: pulumi.Input; /** * The text wrap (none, wrap) for the table cells. */ textWrap?: pulumi.Input; /** * The vertical text alignment (top, middle, bottom) for the table cells. */ verticalTextAlignment?: pulumi.Input; /** * The visibility of the table cells. */ visibility?: pulumi.Input; } interface DashboardTableConditionalFormattingArgs { /** * Conditional formatting options for a `PivotTableVisual` . */ conditionalFormattingOptions?: pulumi.Input[]>; } interface DashboardTableConditionalFormattingOptionArgs { /** * The cell conditional formatting option for a table. */ cell?: pulumi.Input; /** * The row conditional formatting option for a table. */ row?: pulumi.Input; } interface DashboardTableConfigurationArgs { /** * The field options for a table visual. */ fieldOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The paginated report options for a table visual. */ paginatedReportOptions?: pulumi.Input; /** * The sort configuration for a `TableVisual` . */ sortConfiguration?: pulumi.Input; /** * A collection of inline visualizations to display within a chart. */ tableInlineVisualizations?: pulumi.Input[]>; /** * The table options for a table visual. */ tableOptions?: pulumi.Input; /** * The total options for a table visual. */ totalOptions?: pulumi.Input; } interface DashboardTableFieldCustomIconContentArgs { /** * The icon set type (link) of the custom icon content for table URL link content. */ icon?: pulumi.Input; } interface DashboardTableFieldCustomTextContentArgs { /** * The font configuration of the custom text content for the table URL link content. */ fontConfiguration: pulumi.Input; /** * The string value of the custom text content for the table URL link content. */ value?: pulumi.Input; } interface DashboardTableFieldImageConfigurationArgs { /** * The sizing options for the table image configuration. */ sizingOptions?: pulumi.Input; } interface DashboardTableFieldLinkConfigurationArgs { /** * The URL content (text, icon) for the table link configuration. */ content: pulumi.Input; /** * The URL target (new tab, new window, same tab) for the table link configuration. */ target: pulumi.Input; } interface DashboardTableFieldLinkContentConfigurationArgs { /** * The custom icon content for the table link content configuration. */ customIconContent?: pulumi.Input; /** * The custom text content (value, font configuration) for the table link content configuration. */ customTextContent?: pulumi.Input; } interface DashboardTableFieldOptionArgs { /** * The custom label for a table field. */ customLabel?: pulumi.Input; /** * The field ID for a table field. */ fieldId: pulumi.Input; /** * The URL configuration for a table field. */ urlStyling?: pulumi.Input; /** * The visibility of a table field. */ visibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ width?: pulumi.Input; } interface DashboardTableFieldOptionsArgs { /** * The order of the field IDs that are configured as field options for a table visual. */ order?: pulumi.Input[]>; /** * The settings for the pinned columns of a table visual. */ pinnedFieldOptions?: pulumi.Input; /** * The field options to be configured to a table. */ selectedFieldOptions?: pulumi.Input[]>; /** * The `TableOptions` of a transposed table. */ transposedTableOptions?: pulumi.Input[]>; } interface DashboardTableFieldUrlConfigurationArgs { /** * The image configuration of a table field URL. */ imageConfiguration?: pulumi.Input; /** * The link configuration of a table field URL. */ linkConfiguration?: pulumi.Input; } interface DashboardTableFieldWellsArgs { /** * The aggregated field well for the table. */ tableAggregatedFieldWells?: pulumi.Input; /** * The unaggregated field well for the table. */ tableUnaggregatedFieldWells?: pulumi.Input; } interface DashboardTableInlineVisualizationArgs { /** * The configuration of the inline visualization of the data bars within a chart. */ dataBars?: pulumi.Input; } interface DashboardTableOptionsArgs { /** * The table cell style of table cells. */ cellStyle?: pulumi.Input; /** * The table cell style of a table header. */ headerStyle?: pulumi.Input; /** * The orientation (vertical, horizontal) for a table. */ orientation?: pulumi.Input; /** * The row alternate color options (widget status, row alternate colors) for a table. */ rowAlternateColorOptions?: pulumi.Input; } interface DashboardTablePaginatedReportOptionsArgs { /** * The visibility of repeating header rows on each page. */ overflowColumnHeaderVisibility?: pulumi.Input; /** * The visibility of printing table overflow across pages. */ verticalOverflowVisibility?: pulumi.Input; } interface DashboardTablePinnedFieldOptionsArgs { /** * A list of columns to be pinned to the left of a table visual. */ pinnedLeftFields?: pulumi.Input[]>; } interface DashboardTableRowConditionalFormattingArgs { /** * The conditional formatting color (solid, gradient) of the background for a table row. */ backgroundColor?: pulumi.Input; /** * The conditional formatting color (solid, gradient) of the text for a table row. */ textColor?: pulumi.Input; } interface DashboardTableSideBorderOptionsArgs { /** * The table border options of the bottom border. */ bottom?: pulumi.Input; /** * The table border options of the inner horizontal border. */ innerHorizontal?: pulumi.Input; /** * The table border options of the inner vertical border. */ innerVertical?: pulumi.Input; /** * The table border options of the left border. */ left?: pulumi.Input; /** * The table border options of the right border. */ right?: pulumi.Input; /** * The table border options of the top border. */ top?: pulumi.Input; } interface DashboardTableSortConfigurationArgs { /** * The pagination configuration (page size, page number) for the table. */ paginationConfiguration?: pulumi.Input; /** * The field sort options for rows in the table. */ rowSort?: pulumi.Input[]>; } interface DashboardTableStyleTargetArgs { /** * The cell type of the table style target. */ cellType: pulumi.Input; } interface DashboardTableUnaggregatedFieldWellsArgs { /** * The values field well for a pivot table. Values are unaggregated for an unaggregated table. */ values?: pulumi.Input[]>; } interface DashboardTableVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The conditional formatting for a `PivotTableVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface DashboardTextAreaControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the placeholder options in a text area control. */ placeholderOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface DashboardTextConditionalFormatArgs { /** * The conditional formatting for the text background color. */ backgroundColor?: pulumi.Input; /** * The conditional formatting for the icon. */ icon?: pulumi.Input; /** * The conditional formatting for the text color. */ textColor?: pulumi.Input; } interface DashboardTextControlPlaceholderOptionsArgs { /** * The visibility configuration of the placeholder options in a text control. */ visibility?: pulumi.Input; } interface DashboardTextFieldControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the placeholder options in a text field control. */ placeholderOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface DashboardThousandSeparatorOptionsArgs { /** * Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores. */ groupingStyle?: pulumi.Input; /** * Determines the thousands separator symbol. */ symbol?: pulumi.Input; /** * Determines the visibility of the thousands separator. */ visibility?: pulumi.Input; } interface DashboardTimeBasedForecastPropertiesArgs { /** * The lower boundary setup of a forecast computation. */ lowerBoundary?: pulumi.Input; /** * The periods backward setup of a forecast computation. */ periodsBackward?: pulumi.Input; /** * The periods forward setup of a forecast computation. */ periodsForward?: pulumi.Input; /** * The prediction interval setup of a forecast computation. */ predictionInterval?: pulumi.Input; /** * The seasonality setup of a forecast computation. Choose one of the following options: * * - `NULL` : The input is set to `NULL` . * - `NON_NULL` : The input is set to a custom value. */ seasonality?: pulumi.Input; /** * The upper boundary setup of a forecast computation. */ upperBoundary?: pulumi.Input; } interface DashboardTimeEqualityFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The parameter whose value should be used for the filter value. * * This field is mutually exclusive to `Value` and `RollingDate` . */ parameterName?: pulumi.Input; /** * The rolling date input for the `TimeEquality` filter. * * This field is mutually exclusive to `Value` and `ParameterName` . */ rollingDate?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; /** * The value of a `TimeEquality` filter. * * This field is mutually exclusive to `RollingDate` and `ParameterName` . */ value?: pulumi.Input; } interface DashboardTimeRangeDrillDownFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The maximum value for the filter value range. */ rangeMaximum: pulumi.Input; /** * The minimum value for the filter value range. */ rangeMinimum: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity: pulumi.Input; } interface DashboardTimeRangeFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * The exclude period of the time range filter. */ excludePeriodConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * Determines whether the maximum value in the filter value range should be included in the filtered results. */ includeMaximum?: pulumi.Input; /** * Determines whether the minimum value in the filter value range should be included in the filtered results. */ includeMinimum?: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The maximum value for the filter value range. */ rangeMaximumValue?: pulumi.Input; /** * The minimum value for the filter value range. */ rangeMinimumValue?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; } interface DashboardTimeRangeFilterValueArgs { /** * The parameter type input value. */ parameter?: pulumi.Input; /** * The rolling date input value. */ rollingDate?: pulumi.Input; /** * The static input value. */ staticValue?: pulumi.Input; } interface DashboardTooltipItemArgs { /** * The tooltip item for the columns that are not part of a field well. */ columnTooltipItem?: pulumi.Input; /** * The tooltip item for the fields. */ fieldTooltipItem?: pulumi.Input; } interface DashboardTooltipOptionsArgs { /** * The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type. */ fieldBasedTooltip?: pulumi.Input; /** * The selected type for the tooltip. Choose one of the following options: * * - `BASIC` : A basic tooltip. * - `DETAILED` : A detailed tooltip. */ selectedTooltipType?: pulumi.Input; /** * Determines whether or not the tooltip is visible. */ tooltipVisibility?: pulumi.Input; } interface DashboardTopBottomFilterArgs { /** * The aggregation and sort configuration of the top bottom filter. */ aggregationSortConfigurations: pulumi.Input[]>; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The number of items to include in the top bottom filter results. */ limit?: pulumi.Input; /** * The parameter whose value should be used for the filter value. */ parameterName?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; } interface DashboardTopBottomMoversComputationArgs { /** * The category field that is used in a computation. */ category?: pulumi.Input; /** * The ID for a computation. */ computationId: pulumi.Input; /** * The mover size setup of the top and bottom movers computation. */ moverSize?: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The sort order setup of the top and bottom movers computation. */ sortOrder?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The computation type. Choose from the following options: * * - TOP: Top movers computation. * - BOTTOM: Bottom movers computation. */ type: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface DashboardTopBottomRankedComputationArgs { /** * The category field that is used in a computation. */ category?: pulumi.Input; /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The result size of a top and bottom ranked computation. */ resultSize?: pulumi.Input; /** * The computation type. Choose one of the following options: * * - TOP: A top ranked computation. * - BOTTOM: A bottom ranked computation. */ type: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface DashboardTotalAggregationComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface DashboardTotalAggregationFunctionArgs { /** * A built in aggregation function for total values. */ simpleTotalAggregationFunction?: pulumi.Input; } interface DashboardTotalAggregationOptionArgs { /** * The field id that's associated with the total aggregation option. */ fieldId: pulumi.Input; /** * The total aggregation function that you want to set for a specified field id. */ totalAggregationFunction: pulumi.Input; } interface DashboardTotalOptionsArgs { /** * The custom label string for the total cells. */ customLabel?: pulumi.Input; /** * The placement (start, end) for the total cells. */ placement?: pulumi.Input; /** * The scroll status (pinned, scrolled) for the total cells. */ scrollStatus?: pulumi.Input; /** * The total aggregation settings for each value field. */ totalAggregationOptions?: pulumi.Input[]>; /** * Cell styling options for the total cells. */ totalCellStyle?: pulumi.Input; /** * The visibility configuration for the total cells. */ totalsVisibility?: pulumi.Input; } interface DashboardTransposedTableOptionArgs { /** * The index of a columns in a transposed table. The index range is 0-9999. */ columnIndex?: pulumi.Input; /** * The column type of the column in a transposed table. Choose one of the following options: * * - `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table. * - `VALUE_COLUMN` : Refers to all value columns in the transposed table. */ columnType: pulumi.Input; /** * String based length that is composed of value and unit in px */ columnWidth?: pulumi.Input; } interface DashboardTreeMapAggregatedFieldWellsArgs { /** * The color field well of a tree map. Values are grouped by aggregations based on group by fields. */ colors?: pulumi.Input[]>; /** * The group by field well of a tree map. Values are grouped based on group by fields. */ groups?: pulumi.Input[]>; /** * The size field well of a tree map. Values are aggregated based on group by fields. */ sizes?: pulumi.Input[]>; } interface DashboardTreeMapConfigurationArgs { /** * The label options (label text, label visibility) for the colors displayed in a tree map. */ colorLabelOptions?: pulumi.Input; /** * The color options (gradient color, point of divergence) of a tree map. */ colorScale?: pulumi.Input; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The label options (label text, label visibility) of the groups that are displayed in a tree map. */ groupLabelOptions?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The label options (label text, label visibility) of the sizes that are displayed in a tree map. */ sizeLabelOptions?: pulumi.Input; /** * The sort configuration of a tree map. */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; } interface DashboardTreeMapFieldWellsArgs { /** * The aggregated field wells of a tree map. */ treeMapAggregatedFieldWells?: pulumi.Input; } interface DashboardTreeMapSortConfigurationArgs { /** * The limit on the number of groups that are displayed. */ treeMapGroupItemsLimitConfiguration?: pulumi.Input; /** * The sort configuration of group by fields. */ treeMapSort?: pulumi.Input[]>; } interface DashboardTreeMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface DashboardTrendArrowOptionsArgs { /** * The visibility of the trend arrows. */ visibility?: pulumi.Input; } interface DashboardUnaggregatedFieldArgs { /** * The column that is used in the `UnaggregatedField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface DashboardUniqueValuesComputationArgs { /** * The category field that is used in a computation. */ category?: pulumi.Input; /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; } /** *

The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to LENIENT, validation is skipped for specific errors.

*/ interface DashboardValidationStrategyArgs { /** * The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors. */ mode: pulumi.Input; } interface DashboardVersionDefinitionArgs { analysisDefaults?: pulumi.Input; /** * An array of calculated field definitions for the dashboard. */ calculatedFields?: pulumi.Input[]>; /** * An array of dashboard-level column configurations. Column configurations are used to set the default formatting for a column that is used throughout a dashboard. */ columnConfigurations?: pulumi.Input[]>; /** * An array of dataset identifier declarations. With this mapping,you can use dataset identifiers instead of dataset Amazon Resource Names (ARNs) throughout the dashboard's sub-structures. */ dataSetIdentifierDeclarations: pulumi.Input[]>; /** * The filter definitions for a dashboard. * * For more information, see [Filtering Data in Amazon Quick Sight](https://docs.aws.amazon.com/quicksight/latest/user/adding-a-filter.html) in the *Amazon Quick Suite User Guide* . */ filterGroups?: pulumi.Input[]>; /** * An array of option definitions for a dashboard. */ options?: pulumi.Input; /** * The parameter declarations for a dashboard. Parameters are named variables that can transfer a value for use by an action or an object. * * For more information, see [Parameters in Amazon Quick Sight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon Quick Suite User Guide* . */ parameterDeclarations?: pulumi.Input[]>; /** * An array of sheet definitions for a dashboard. */ sheets?: pulumi.Input[]>; /** * The static files for the definition. */ staticFiles?: pulumi.Input[]>; } interface DashboardVisibleRangeOptionsArgs { /** * The percent range in the visible range. */ percentRange?: pulumi.Input; } interface DashboardVisualArgs { /** * A bar chart. * * For more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon Quick Suite User Guide* . */ barChartVisual?: pulumi.Input; /** * A box plot. * * For more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon Quick Suite User Guide* . */ boxPlotVisual?: pulumi.Input; /** * A combo chart. * * For more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon Quick Suite User Guide* . */ comboChartVisual?: pulumi.Input; /** * A visual that contains custom content. * * For more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon Quick Suite User Guide* . */ customContentVisual?: pulumi.Input; /** * An empty visual. */ emptyVisual?: pulumi.Input; /** * A filled map. * * For more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon Quick Suite User Guide* . */ filledMapVisual?: pulumi.Input; /** * A funnel chart. * * For more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon Quick Suite User Guide* . */ funnelChartVisual?: pulumi.Input; /** * A gauge chart. * * For more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon Quick Suite User Guide* . */ gaugeChartVisual?: pulumi.Input; /** * A geospatial map or a points on map visual. * * For more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon Quick Suite User Guide* . */ geospatialMapVisual?: pulumi.Input; /** * A heat map. * * For more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon Quick Suite User Guide* . */ heatMapVisual?: pulumi.Input; /** * A histogram. * * For more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon Quick Suite User Guide* . */ histogramVisual?: pulumi.Input; /** * An insight visual. * * For more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon Quick Suite User Guide* . */ insightVisual?: pulumi.Input; /** * A key performance indicator (KPI). * * For more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon Quick Suite User Guide* . */ kpiVisual?: pulumi.Input; /** * The properties for a layer map visual */ layerMapVisual?: pulumi.Input; /** * A line chart. * * For more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon Quick Suite User Guide* . */ lineChartVisual?: pulumi.Input; /** * A pie or donut chart. * * For more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon Quick Suite User Guide* . */ pieChartVisual?: pulumi.Input; /** * A pivot table. * * For more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon Quick Suite User Guide* . */ pivotTableVisual?: pulumi.Input; /** * The custom plugin visual type. */ pluginVisual?: pulumi.Input; /** * A radar chart visual. * * For more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon Quick Suite User Guide* . */ radarChartVisual?: pulumi.Input; /** * A sankey diagram. * * For more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon Quick Suite User Guide* . */ sankeyDiagramVisual?: pulumi.Input; /** * A scatter plot. * * For more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon Quick Suite User Guide* . */ scatterPlotVisual?: pulumi.Input; /** * A table visual. * * For more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon Quick Suite User Guide* . */ tableVisual?: pulumi.Input; /** * A tree map. * * For more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon Quick Suite User Guide* . */ treeMapVisual?: pulumi.Input; /** * A waterfall chart. * * For more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon Quick Suite User Guide* . */ waterfallVisual?: pulumi.Input; /** * A word cloud. * * For more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon Quick Suite User Guide* . */ wordCloudVisual?: pulumi.Input; } interface DashboardVisualAxisSortOptionArgs { /** * The availaiblity status of a visual's axis sort options. */ availabilityStatus?: pulumi.Input; } interface DashboardVisualCustomActionArgs { /** * A list of `VisualCustomActionOperations` . * * This is a union type structure. For this structure to be valid, only one of the attributes can be defined. */ actionOperations: pulumi.Input[]>; /** * The ID of the `VisualCustomAction` . */ customActionId: pulumi.Input; /** * The name of the `VisualCustomAction` . */ name: pulumi.Input; /** * The status of the `VisualCustomAction` . */ status?: pulumi.Input; /** * The trigger of the `VisualCustomAction` . * * Valid values are defined as follows: * * - `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point. * - `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu. */ trigger: pulumi.Input; } interface DashboardVisualCustomActionOperationArgs { /** * The filter operation that filters data included in a visual or in an entire sheet. */ filterOperation?: pulumi.Input; /** * The navigation operation that navigates between different sheets in the same analysis. */ navigationOperation?: pulumi.Input; /** * The set parameter operation that sets parameters in custom action. */ setParametersOperation?: pulumi.Input; /** * The URL operation that opens a link to another webpage. */ urlOperation?: pulumi.Input; } interface DashboardVisualInteractionOptionsArgs { /** * The context menu options for a visual. */ contextMenuOption?: pulumi.Input; /** * The on-visual menu options for a visual. */ visualMenuOption?: pulumi.Input; } interface DashboardVisualMenuOptionArgs { /** * The availaiblity status of a visual's menu options. */ availabilityStatus?: pulumi.Input; } interface DashboardVisualPaletteArgs { /** * The chart color options for the visual palette. */ chartColor?: pulumi.Input; /** * The color map options for the visual palette. */ colorMap?: pulumi.Input[]>; } /** *

The visual publish options of a visual in a dashboard

*/ interface DashboardVisualPublishOptionsArgs { /** * Determines if hidden fields are included in an exported dashboard. */ exportHiddenFieldsOption?: pulumi.Input; } interface DashboardVisualSubtitleLabelOptionsArgs { /** * The long text format of the subtitle label, such as plain text or rich text. */ formatText?: pulumi.Input; /** * The visibility of the subtitle label. */ visibility?: pulumi.Input; } interface DashboardVisualTitleLabelOptionsArgs { /** * The short text format of the title label, such as plain text or rich text. */ formatText?: pulumi.Input; /** * The visibility of the title label. */ visibility?: pulumi.Input; } interface DashboardWaterfallChartAggregatedFieldWellsArgs { /** * The breakdown field wells of a waterfall visual. */ breakdowns?: pulumi.Input[]>; /** * The category field wells of a waterfall visual. */ categories?: pulumi.Input[]>; /** * The value field wells of a waterfall visual. */ values?: pulumi.Input[]>; } interface DashboardWaterfallChartColorConfigurationArgs { /** * The color configuration for individual groups within a waterfall visual. */ groupColorConfiguration?: pulumi.Input; } interface DashboardWaterfallChartConfigurationArgs { /** * The options that determine the presentation of the category axis. */ categoryAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the category axis label. */ categoryAxisLabelOptions?: pulumi.Input; /** * The color configuration of a waterfall visual. */ colorConfiguration?: pulumi.Input; /** * The data label configuration of a waterfall visual. */ dataLabels?: pulumi.Input; /** * The field well configuration of a waterfall visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend configuration of a waterfall visual. */ legend?: pulumi.Input; /** * The options that determine the presentation of the y-axis. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the y-axis label. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The sort configuration of a waterfall visual. */ sortConfiguration?: pulumi.Input; /** * The visual palette configuration of a waterfall visual. */ visualPalette?: pulumi.Input; /** * The options that determine the presentation of a waterfall visual. */ waterfallChartOptions?: pulumi.Input; } interface DashboardWaterfallChartFieldWellsArgs { /** * The field well configuration of a waterfall visual. */ waterfallChartAggregatedFieldWells?: pulumi.Input; } interface DashboardWaterfallChartGroupColorConfigurationArgs { /** * Defines the color for the negative bars of a waterfall chart. */ negativeBarColor?: pulumi.Input; /** * Defines the color for the positive bars of a waterfall chart. */ positiveBarColor?: pulumi.Input; /** * Defines the color for the total bars of a waterfall chart. */ totalBarColor?: pulumi.Input; } interface DashboardWaterfallChartOptionsArgs { /** * This option determines the total bar label of a waterfall visual. */ totalBarLabel?: pulumi.Input; } interface DashboardWaterfallChartSortConfigurationArgs { /** * The limit on the number of bar groups that are displayed. */ breakdownItemsLimit?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; } interface DashboardWaterfallVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration for a waterfall visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface DashboardWhatIfPointScenarioArgs { /** * The date that you need the forecast results for. */ date: pulumi.Input; /** * The target value that you want to meet for the provided date. */ value: pulumi.Input; } interface DashboardWhatIfRangeScenarioArgs { /** * The end date in the date range that you need the forecast results for. */ endDate: pulumi.Input; /** * The start date in the date range that you need the forecast results for. */ startDate: pulumi.Input; /** * The target value that you want to meet for the provided date range. */ value: pulumi.Input; } interface DashboardWordCloudAggregatedFieldWellsArgs { /** * The group by field well of a word cloud. Values are grouped by group by fields. */ groupBy?: pulumi.Input[]>; /** * The size field well of a word cloud. Values are aggregated based on group by fields. */ size?: pulumi.Input[]>; } interface DashboardWordCloudChartConfigurationArgs { /** * The label options (label text, label visibility, and sort icon visibility) for the word cloud category. */ categoryLabelOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The sort configuration of a word cloud visual. */ sortConfiguration?: pulumi.Input; /** * The options for a word cloud visual. */ wordCloudOptions?: pulumi.Input; } interface DashboardWordCloudFieldWellsArgs { /** * The aggregated field wells of a word cloud. */ wordCloudAggregatedFieldWells?: pulumi.Input; } interface DashboardWordCloudOptionsArgs { /** * The cloud layout options (fluid, normal) of a word cloud. */ cloudLayout?: pulumi.Input; /** * The length limit of each word from 1-100. */ maximumStringLength?: pulumi.Input; /** * The word casing options (lower_case, existing_case) for the words in a word cloud. */ wordCasing?: pulumi.Input; /** * The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud. */ wordOrientation?: pulumi.Input; /** * The word padding options (none, small, medium, large) for the words in a word cloud. */ wordPadding?: pulumi.Input; /** * The word scaling options (emphasize, normal) for the words in a word cloud. */ wordScaling?: pulumi.Input; } interface DashboardWordCloudSortConfigurationArgs { /** * The limit on the number of groups that are displayed in a word cloud. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of group by fields. */ categorySort?: pulumi.Input[]>; } interface DashboardWordCloudVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface DashboardYAxisOptionsArgs { /** * The Y axis type to be used in the chart. * * If you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart. */ yAxis: pulumi.Input; } interface DataSetAggregateOperationArgs { /** * The list of aggregation functions to apply to the grouped data, such as `SUM` , `COUNT` , or `AVERAGE` . */ aggregations: pulumi.Input[]>; /** * Alias for this operation. */ alias: pulumi.Input; /** * The list of column names to group by when performing the aggregation. Rows with the same values in these columns will be grouped together. */ groupByColumnNames?: pulumi.Input[]>; /** * The source transform operation that provides input data for the aggregation. */ source: pulumi.Input; } interface DataSetAggregationArgs { /** * The aggregation function to apply, such as `SUM` , `COUNT` , `AVERAGE` , `MIN` , `MAX` */ aggregationFunction: pulumi.Input; /** * A unique identifier for the new column that will contain the aggregated values. */ newColumnId: pulumi.Input; /** * The name for the new column that will contain the aggregated values. */ newColumnName: pulumi.Input; } interface DataSetAppendOperationArgs { /** * Alias for this operation. */ alias: pulumi.Input; /** * The list of columns to include in the appended result, mapping columns from both sources. */ appendedColumns: pulumi.Input[]>; /** * The first data source to be included in the append operation. */ firstSource?: pulumi.Input; /** * The second data source to be appended to the first source. */ secondSource?: pulumi.Input; } interface DataSetAppendedColumnArgs { /** * The name of the column to include in the appended result. */ columnName: pulumi.Input; /** * A unique identifier for the column in the appended result. */ newColumnId: pulumi.Input; } /** *

A calculated column for a dataset.

*/ interface DataSetCalculatedColumnArgs { /** *

A unique ID to identify a calculated column. During a dataset update, if the column ID * of a calculated column matches that of an existing calculated column, Amazon QuickSight * preserves the existing calculated column.

*/ columnId: pulumi.Input; /** *

Column name.

*/ columnName: pulumi.Input; /** *

An expression that defines the calculated column.

*/ expression: pulumi.Input; } /** *

A transform operation that casts a column to a different type.

*/ interface DataSetCastColumnTypeOperationArgs { /** *

Column name.

*/ columnName: pulumi.Input; /** *

When casting a column from string to datetime type, you can supply a string in a * format supported by Amazon QuickSight to denote the source data format.

*/ format?: pulumi.Input; /** * New column data type. */ newColumnType: pulumi.Input; /** * The sub data type of the new column. Sub types are only available for decimal columns that are part of a SPICE dataset. */ subType?: pulumi.Input; } interface DataSetCastColumnTypesOperationArgs { /** * Alias for this operation. */ alias: pulumi.Input; /** * The list of column type casting operations to perform. */ castColumnTypeOperations: pulumi.Input[]>; /** * The source transform operation that provides input data for the type casting. */ source: pulumi.Input; } /** *

Metadata that contains a description for a column.

*/ interface DataSetColumnDescriptionArgs { /** *

The text of a description for a column.

*/ text?: pulumi.Input; } /** *

Groupings of columns that work together in certain Amazon QuickSight features. This is * a variant type structure. For this structure to be valid, only one of the attributes can * be non-null.

*/ interface DataSetColumnGroupArgs { /** * Geospatial column group that denotes a hierarchy. */ geoSpatialColumnGroup?: pulumi.Input; } interface DataSetColumnIdMappingArgs { sourceColumnId: pulumi.Input; targetColumnId: pulumi.Input; } /** *

A rule defined to grant access on one or more restricted columns. * Each dataset can have multiple rules. * To create a restricted column, you add it to one or more rules. * Each rule must contain at least one column and at least one user or group. * To be able to see a restricted column, a user or group needs to be added * to a rule for that column.

*/ interface DataSetColumnLevelPermissionRuleArgs { /** *

An array of column names.

*/ columnNames?: pulumi.Input[]>; /** *

An array of Amazon Resource Names (ARNs) for Amazon QuickSight users or groups.

*/ principals?: pulumi.Input[]>; } /** *

A tag for a column in a * * TagColumnOperation * * structure. This is a * variant type structure. For this structure to be valid, only one of the attributes can * be non-null.

*/ interface DataSetColumnTagArgs { /** * A description for a column. */ columnDescription?: pulumi.Input; /** * A geospatial role for a column. */ columnGeographicRole?: pulumi.Input; } interface DataSetColumnToUnpivotArgs { /** * The name of the column to unpivot from the source data. */ columnName?: pulumi.Input; /** * The value to assign to this column in the unpivoted result, typically the column name or a descriptive label. */ newValue?: pulumi.Input; } /** *

A transform operation that creates calculated columns. Columns created in one such * operation form a lexical closure.

*/ interface DataSetCreateColumnsOperationArgs { /** * Alias for this operation. */ alias?: pulumi.Input; /** *

Calculated columns to create.

*/ columns: pulumi.Input[]>; /** * The source transform operation that provides input data for creating new calculated columns. */ source?: pulumi.Input; } /** *

A physical table type built from the results of the custom SQL query.

*/ interface DataSetCustomSqlArgs { /** *

The column schema from the SQL query result set.

*/ columns: pulumi.Input[]>; /** *

The Amazon Resource Name (ARN) of the data source.

*/ dataSourceArn: pulumi.Input; /** *

A display name for the SQL query result.

*/ name: pulumi.Input; /** *

The SQL query.

*/ sqlQuery: pulumi.Input; } interface DataSetDataPrepAggregationFunctionArgs { /** * A list aggregation function that concatenates values from multiple rows into a single delimited string. */ listAggregation?: pulumi.Input; percentileAggregation?: pulumi.Input; /** * A simple aggregation function such as `SUM` , `COUNT` , `AVERAGE` , `MIN` , `MAX` , `MEDIAN` , `VARIANCE` , or `STANDARD_DEVIATION` . */ simpleAggregation?: pulumi.Input; } interface DataSetDataPrepConfigurationArgs { /** * A map of destination tables that receive the final prepared data. */ destinationTableMap: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A map of source tables that provide information about underlying sources. */ sourceTableMap: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * A map of transformation steps that process the data. */ transformStepMap: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface DataSetDataPrepListAggregationFunctionArgs { /** * Whether to include only distinct values in the concatenated result, removing duplicates. */ distinct: pulumi.Input; /** * The name of the column containing values to be concatenated. */ inputColumnName?: pulumi.Input; /** * The string used to separate values in the concatenated result. */ separator: pulumi.Input; } interface DataSetDataPrepPercentileAggregationFunctionArgs { inputColumnName?: pulumi.Input; percentileValue: pulumi.Input; } interface DataSetDataPrepSimpleAggregationFunctionArgs { /** * The type of aggregation function to perform, such as `COUNT` , `SUM` , `AVERAGE` , `MIN` , `MAX` , `MEDIAN` , `VARIANCE` , or `STANDARD_DEVIATION` . */ functionType: pulumi.Input; /** * The name of the column on which to perform the aggregation function. */ inputColumnName?: pulumi.Input; } /** *

A dataset parameter.

*/ interface DataSetDatasetParameterArgs { /** * A date time parameter that is created in the dataset. */ dateTimeDatasetParameter?: pulumi.Input; /** * A decimal parameter that is created in the dataset. */ decimalDatasetParameter?: pulumi.Input; /** * An integer parameter that is created in the dataset. */ integerDatasetParameter?: pulumi.Input; /** * A string parameter that is created in the dataset. */ stringDatasetParameter?: pulumi.Input; } interface DataSetDateComparisonFilterConditionArgs { /** * The comparison operator to use, such as `BEFORE` , `BEFORE_OR_EQUALS_TO` , `AFTER` , or `AFTER_OR_EQUALS_TO` . */ operator: pulumi.Input; /** * The date value to compare against. */ value?: pulumi.Input; } interface DataSetDateFilterConditionArgs { /** * The name of the date column to filter. */ columnName?: pulumi.Input; /** * A comparison-based filter condition for the date column. */ comparisonFilterCondition?: pulumi.Input; /** * A range-based filter condition for the date column, filtering values between minimum and maximum dates. */ rangeFilterCondition?: pulumi.Input; } interface DataSetDateFilterValueArgs { /** * A static date value used for filtering. */ staticValue?: pulumi.Input; } interface DataSetDateRangeFilterConditionArgs { /** * Whether to include the maximum value in the filter range. */ includeMaximum?: pulumi.Input; /** * Whether to include the minimum value in the filter range. */ includeMinimum?: pulumi.Input; /** * The maximum date value for the range filter. */ rangeMaximum?: pulumi.Input; /** * The minimum date value for the range filter. */ rangeMinimum?: pulumi.Input; } /** *

A date time parameter for a dataset.

*/ interface DataSetDateTimeDatasetParameterArgs { /** * A list of default values for a given date time parameter. This structure only accepts static values. */ defaultValues?: pulumi.Input; /** *

An identifier for the parameter that is created in the dataset.

*/ id: pulumi.Input; /** *

The name of the date time parameter that is created in the dataset.

*/ name: pulumi.Input; /** * The time granularity of the date time parameter. */ timeGranularity?: pulumi.Input; /** * The value type of the dataset parameter. Valid values are `single value` or `multi value` . */ valueType: pulumi.Input; } /** *

The default values of a date time parameter.

*/ interface DataSetDateTimeDatasetParameterDefaultValuesArgs { /** *

A list of static default values for a given date time parameter.

*/ staticValues?: pulumi.Input[]>; } /** *

A decimal parameter for a dataset.

*/ interface DataSetDecimalDatasetParameterArgs { /** * A list of default values for a given decimal parameter. This structure only accepts static values. */ defaultValues?: pulumi.Input; /** *

An identifier for the decimal parameter created in the dataset.

*/ id: pulumi.Input; /** *

The name of the decimal parameter that is created in the dataset.

*/ name: pulumi.Input; /** * The value type of the dataset parameter. Valid values are `single value` or `multi value` . */ valueType: pulumi.Input; } /** *

The default values of a decimal parameter.

*/ interface DataSetDecimalDatasetParameterDefaultValuesArgs { /** *

A list of static default values for a given decimal parameter.

*/ staticValues?: pulumi.Input[]>; } interface DataSetDestinationTableArgs { /** * Alias for the destination table. */ alias: pulumi.Input; /** * The source configuration that specifies which transform operation provides data to this destination table. */ source: pulumi.Input; } interface DataSetDestinationTableSourceArgs { /** * The identifier of the transform operation that provides data to the destination table. */ transformOperationId: pulumi.Input; } /** *

A FieldFolder element is a folder that contains fields and nested subfolders.

*/ interface DataSetFieldFolderArgs { /** *

A folder has a list of columns. A column can only be in one folder.

*/ columns?: pulumi.Input[]>; /** *

The description for a field folder.

*/ description?: pulumi.Input; } /** *

A transform operation that filters rows based on a condition.

*/ interface DataSetFilterOperationArgs { /** *

An expression that must evaluate to a Boolean value. Rows for which the expression * evaluates to true are kept in the dataset.

*/ conditionExpression?: pulumi.Input; /** * A date-based filter condition within a filter operation. */ dateFilterCondition?: pulumi.Input; /** * A numeric-based filter condition within a filter operation. */ numericFilterCondition?: pulumi.Input; /** * A string-based filter condition within a filter operation. */ stringFilterCondition?: pulumi.Input; } interface DataSetFiltersOperationArgs { /** * Alias for this operation. */ alias: pulumi.Input; /** * The list of filter operations to apply. */ filterOperations: pulumi.Input[]>; /** * The source transform operation that provides input data for filtering. */ source: pulumi.Input; } /** *

Geospatial column group that denotes a hierarchy.

*/ interface DataSetGeoSpatialColumnGroupArgs { /** *

Columns in this hierarchy.

*/ columns: pulumi.Input[]>; /** * Country code. */ countryCode?: pulumi.Input; /** *

A display name for the hierarchy.

*/ name: pulumi.Input; } interface DataSetImportTableOperationArgs { /** * Alias for this operation. */ alias: pulumi.Input; /** * The source configuration that specifies which source table to import and any column mappings. */ source: pulumi.Input; } interface DataSetImportTableOperationSourceArgs { /** * The mappings between source column identifiers and target column identifiers during the import. */ columnIdMappings?: pulumi.Input[]>; /** * The identifier of the source table to import data from. */ sourceTableId: pulumi.Input; } /** *

The incremental refresh configuration for a dataset.

*/ interface DataSetIncrementalRefreshArgs { /** * The lookback window setup for an incremental refresh configuration. */ lookbackWindow: pulumi.Input; } /** *

Wait policy to use when creating/updating dataset. Default is to wait for SPICE ingestion to finish with timeout of 36 hours.

*/ interface DataSetIngestionWaitPolicyArgs { /** *

The maximum time (in hours) to wait for Ingestion to complete. Default timeout is 36 hours. * Applicable only when DataSetImportMode mode is set to SPICE and WaitForSpiceIngestion is set to true.

*/ ingestionWaitTimeInHours?: pulumi.Input; /** *

Wait for SPICE ingestion to finish to mark dataset creation/update successful. Default (true). * Applicable only when DataSetImportMode mode is set to SPICE.

*/ waitForSpiceIngestion?: pulumi.Input; } /** *

Metadata for a column that is used as the input of a transform operation.

*/ interface DataSetInputColumnArgs { /** * A unique identifier for the input column. */ id?: pulumi.Input; /** *

The name of this column in the underlying data source.

*/ name: pulumi.Input; /** * The sub data type of the column. Sub types are only available for decimal columns that are part of a SPICE dataset. */ subType?: pulumi.Input; /** * The data type of the column. */ type: pulumi.Input; } /** *

An integer parameter for a dataset.

*/ interface DataSetIntegerDatasetParameterArgs { /** * A list of default values for a given integer parameter. This structure only accepts static values. */ defaultValues?: pulumi.Input; /** *

An identifier for the integer parameter created in the dataset.

*/ id: pulumi.Input; /** *

The name of the integer parameter that is created in the dataset.

*/ name: pulumi.Input; /** * The value type of the dataset parameter. Valid values are `single value` or `multi value` . */ valueType: pulumi.Input; } /** *

The default values of an integer parameter.

*/ interface DataSetIntegerDatasetParameterDefaultValuesArgs { /** *

A list of static default values for a given integer parameter.

*/ staticValues?: pulumi.Input[]>; } /** *

The instructions associated with a join.

*/ interface DataSetJoinInstructionArgs { /** * Join key properties of the left operand. */ leftJoinKeyProperties?: pulumi.Input; /** *

The operand on the left side of a join.

*/ leftOperand: pulumi.Input; /** *

The join instructions provided in the ON clause of a join.

*/ onClause: pulumi.Input; /** * Join key properties of the right operand. */ rightJoinKeyProperties?: pulumi.Input; /** *

The operand on the right side of a join.

*/ rightOperand: pulumi.Input; /** * The type of join that it is. */ type: pulumi.Input; } /** *

Properties associated with the columns participating in a join.

*/ interface DataSetJoinKeyPropertiesArgs { /** *

A value that indicates that a row in a table is uniquely identified by the columns in * a join key. This is used by Amazon QuickSight to optimize query performance.

*/ uniqueKey?: pulumi.Input; } interface DataSetJoinOperandPropertiesArgs { /** * A list of column name overrides to apply to the join operand's output columns. */ outputColumnNameOverrides: pulumi.Input[]>; } interface DataSetJoinOperationArgs { /** * Alias for this operation. */ alias: pulumi.Input; /** * The left operand for the join operation. */ leftOperand: pulumi.Input; /** * Properties that control how the left operand's columns are handled in the join result. */ leftOperandProperties?: pulumi.Input; /** * The join condition that specifies how to match rows between the left and right operands. */ onClause: pulumi.Input; /** * The right operand for the join operation. */ rightOperand: pulumi.Input; /** * Properties that control how the right operand's columns are handled in the join result. */ rightOperandProperties?: pulumi.Input; /** * The type of join to perform, such as `INNER` , `LEFT` , `RIGHT` , or `OUTER` . */ type: pulumi.Input; } /** *

A logical table is a unit that joins and that data * transformations operate on. A logical table has a source, which can be either a physical * table or result of a join. When a logical table points to a physical table, the logical * table acts as a mutable copy of that physical table through transform operations.

*/ interface DataSetLogicalTableArgs { /** *

A display name for the logical table.

*/ alias: pulumi.Input; /** *

Transform operations that act on this logical table. For this structure to be valid, only one of the attributes can be non-null.

*/ dataTransforms?: pulumi.Input[]>; source: pulumi.Input; } /** *

Information about the source of a logical table. This is a variant type structure. For * this structure to be valid, only one of the attributes can be non-null.

*/ interface DataSetLogicalTableSourceArgs { /** *

The Amazon Resource Number (ARN) of the parent dataset.

*/ dataSetArn?: pulumi.Input; /** * Specifies the result of a join of two logical tables. */ joinInstruction?: pulumi.Input; /** *

Physical table ID.

*/ physicalTableId?: pulumi.Input; } /** *

The lookback window setup of an incremental refresh configuration.

*/ interface DataSetLookbackWindowArgs { /** *

The name of the lookback window column.

*/ columnName: pulumi.Input; /** *

The lookback window column size.

*/ size: pulumi.Input; /** * The size unit that is used for the lookback window column. Valid values for this structure are `HOUR` , `DAY` , and `WEEK` . */ sizeUnit: pulumi.Input; } /** *

The configuration that overrides the existing default values for a dataset parameter that is inherited from another dataset.

*/ interface DataSetNewDefaultValuesArgs { /** *

A list of static default values for a given date time parameter.

*/ dateTimeStaticValues?: pulumi.Input[]>; /** *

A list of static default values for a given decimal parameter.

*/ decimalStaticValues?: pulumi.Input[]>; /** *

A list of static default values for a given integer parameter.

*/ integerStaticValues?: pulumi.Input[]>; /** *

A list of static default values for a given string parameter.

*/ stringStaticValues?: pulumi.Input[]>; } interface DataSetNumericComparisonFilterConditionArgs { /** * The comparison operator to use, such as `EQUALS` , `GREATER_THAN` , `LESS_THAN` , or their variants. */ operator: pulumi.Input; /** * The numeric value to compare against. */ value?: pulumi.Input; } interface DataSetNumericFilterConditionArgs { /** * The name of the numeric column to filter. */ columnName?: pulumi.Input; /** * A comparison-based filter condition for the numeric column. */ comparisonFilterCondition?: pulumi.Input; /** * A range-based filter condition for the numeric column, filtering values between minimum and maximum numbers. */ rangeFilterCondition?: pulumi.Input; } interface DataSetNumericFilterValueArgs { /** * A static numeric value used for filtering. */ staticValue?: pulumi.Input; } interface DataSetNumericRangeFilterConditionArgs { /** * Whether to include the maximum value in the filter range. */ includeMaximum?: pulumi.Input; /** * Whether to include the minimum value in the filter range. */ includeMinimum?: pulumi.Input; /** * The maximum numeric value for the range filter. */ rangeMaximum?: pulumi.Input; /** * The minimum numeric value for the range filter. */ rangeMinimum?: pulumi.Input; } interface DataSetOutputColumnNameOverrideArgs { /** * The new name to assign to the column in the output. */ outputColumnName: pulumi.Input; /** * The original name of the column from the source transform operation. */ sourceColumnName?: pulumi.Input; } /** *

A transform operation that overrides the dataset parameter values that are defined in another dataset.

*/ interface DataSetOverrideDatasetParameterOperationArgs { /** * The new default values for the parameter. */ newDefaultValues?: pulumi.Input; /** *

The new name for the parameter.

*/ newParameterName?: pulumi.Input; /** *

The name of the parameter to be overridden with different values.

*/ parameterName: pulumi.Input; } interface DataSetParentDataSetArgs { /** * The Amazon Resource Name (ARN) of the parent dataset. */ dataSetArn: pulumi.Input; /** * The list of input columns available from the parent dataset. */ inputColumns: pulumi.Input[]>; } interface DataSetPerformanceConfigurationArgs { uniqueKeys?: pulumi.Input[]>; } /** *

A view of a data source that contains information about the shape of the data in the * underlying source. This is a variant type structure. For this structure to be valid, * only one of the attributes can be non-null.

*/ interface DataSetPhysicalTableArgs { /** * A physical table type built from the results of the custom SQL query. */ customSql?: pulumi.Input; /** * A physical table type for relational data sources. */ relationalTable?: pulumi.Input; /** * A physical table type for as S3 data source. */ s3Source?: pulumi.Input; /** * A physical table type for Software-as-a-Service (SaaS) sources. */ saaSTable?: pulumi.Input; } interface DataSetPivotConfigurationArgs { /** * The name of the column that contains the labels to be pivoted into separate columns. */ labelColumnName?: pulumi.Input; /** * The list of specific label values to pivot into separate columns. */ pivotedLabels: pulumi.Input[]>; } interface DataSetPivotOperationArgs { /** * Alias for this operation. */ alias: pulumi.Input; /** * The list of column names to group by when performing the pivot operation. */ groupByColumnNames?: pulumi.Input[]>; /** * Configuration that specifies which labels to pivot and how to structure the resulting columns. */ pivotConfiguration: pulumi.Input; /** * The source transform operation that provides input data for pivoting. */ source: pulumi.Input; /** * Configuration for how to aggregate values when multiple rows map to the same pivoted column. */ valueColumnConfiguration: pulumi.Input; } interface DataSetPivotedLabelArgs { /** * The label value from the source data to be pivoted. */ labelName: pulumi.Input; /** * A unique identifier for the new column created from this pivoted label. */ newColumnId: pulumi.Input; /** * The name for the new column created from this pivoted label. */ newColumnName: pulumi.Input; } /** *

A transform operation that projects columns. Operations that come after a projection * can only refer to projected columns.

*/ interface DataSetProjectOperationArgs { /** * Alias for this operation. */ alias?: pulumi.Input; /** *

Projected columns.

*/ projectedColumns?: pulumi.Input[]>; /** * The source transform operation that provides input data for column projection. */ source?: pulumi.Input; } /** *

The refresh configuration of a dataset.

*/ interface DataSetRefreshConfigurationArgs { /** * The incremental refresh for the dataset. */ incrementalRefresh: pulumi.Input; } interface DataSetRefreshFailureConfigurationArgs { /** * The email alert configuration for a dataset refresh failure. */ emailAlert?: pulumi.Input; } interface DataSetRefreshFailureEmailAlertArgs { /** * The status value that determines if email alerts are sent. */ alertStatus?: pulumi.Input; } /** *

The refresh properties of a dataset.

*/ interface DataSetRefreshPropertiesArgs { /** * The failure configuration for a dataset. */ failureConfiguration?: pulumi.Input; /** * The refresh configuration for a dataset. */ refreshConfiguration?: pulumi.Input; } /** *

A physical table type for relational data sources.

*/ interface DataSetRelationalTableArgs { /** *

The catalog associated with a table.

*/ catalog?: pulumi.Input; /** *

The Amazon Resource Name (ARN) for the data source.

*/ dataSourceArn: pulumi.Input; /** *

The column schema of the table.

*/ inputColumns: pulumi.Input[]>; /** *

The name of the relational table.

*/ name: pulumi.Input; /** *

The schema name. This name applies to certain relational database engines.

*/ schema?: pulumi.Input; } /** *

A transform operation that renames a column.

*/ interface DataSetRenameColumnOperationArgs { /** *

The name of the column to be renamed.

*/ columnName: pulumi.Input; /** *

The new name for the column.

*/ newColumnName: pulumi.Input; } interface DataSetRenameColumnsOperationArgs { /** * Alias for this operation. */ alias: pulumi.Input; /** * The list of column rename operations to perform, specifying old and new column names. */ renameColumnOperations: pulumi.Input[]>; /** * The source transform operation that provides input data for column renaming. */ source: pulumi.Input; } /** *

Permission for the resource.

*/ interface DataSetResourcePermissionArgs { /** *

The IAM action to grant or revoke permissions on.

*/ actions: pulumi.Input[]>; /** *

The Amazon Resource Name (ARN) of the principal. This can be one of the * following:

*
    *
  • *

    The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight * ARN. Use this option only to share resources (templates) across Amazon Web Services accounts. * (This is less common.)

    *
    • *
*/ principal: pulumi.Input; } interface DataSetRowLevelPermissionConfigurationArgs { rowLevelPermissionDataSet?: pulumi.Input; tagConfiguration?: pulumi.Input; } /** *

Information about a dataset that contains permissions for row-level security (RLS). * The permissions dataset maps fields to users or groups. For more information, see * Using Row-Level Security (RLS) to Restrict Access to a Dataset in the Amazon QuickSight User * Guide.

*

The option to deny permissions by setting PermissionPolicy to DENY_ACCESS is * not supported for new RLS datasets.

*/ interface DataSetRowLevelPermissionDataSetArgs { /** *

The Amazon Resource Name (ARN) of the dataset that contains permissions for RLS.

*/ arn: pulumi.Input; /** * The user or group rules associated with the dataset that contains permissions for RLS. * * By default, `FormatVersion` is `VERSION_1` . When `FormatVersion` is `VERSION_1` , `UserName` and `GroupName` are required. When `FormatVersion` is `VERSION_2` , `UserARN` and `GroupARN` are required, and `Namespace` must not exist. */ formatVersion?: pulumi.Input; /** *

The namespace associated with the dataset that contains permissions for RLS.

*/ namespace?: pulumi.Input; /** * The type of permissions to use when interpreting the permissions for RLS. `DENY_ACCESS` is included for backward compatibility only. */ permissionPolicy: pulumi.Input; /** * The status of the row-level security permission dataset. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` . */ status?: pulumi.Input; } /** *

The configuration of tags on a dataset to set row-level security.

*/ interface DataSetRowLevelPermissionTagConfigurationArgs { /** * The status of row-level security tags. If enabled, the status is `ENABLED` . If disabled, the status is `DISABLED` . */ status?: pulumi.Input; /** *

A list of tag configuration rules to apply to a dataset. All tag configurations have the OR condition. Tags within each tile will be joined (AND). At least one rule in this structure must have all tag values assigned to it to apply Row-level security (RLS) to the dataset.

*/ tagRuleConfigurations?: pulumi.Input[]>[]>; /** *

A set of rules associated with row-level security, such as the tag names and columns that they are assigned to.

*/ tagRules: pulumi.Input[]>; } /** *

A set of rules associated with a tag.

*/ interface DataSetRowLevelPermissionTagRuleArgs { /** *

The column name that a tag key is assigned to.

*/ columnName: pulumi.Input; /** *

A string that you want to use to filter by all the values in a column in the dataset and don’t want to list the values one by one. For example, you can use an asterisk as your match all value.

*/ matchAllValue?: pulumi.Input; /** *

The unique key for a tag.

*/ tagKey: pulumi.Input; /** *

A string that you want to use to delimit the values when you pass the values at run time. For example, you can delimit the values with a comma.

*/ tagMultiValueDelimiter?: pulumi.Input; } /** *

A physical table type for an S3 data source.

*/ interface DataSetS3SourceArgs { /** *

The Amazon Resource Name (ARN) for the data source.

*/ dataSourceArn: pulumi.Input; /** *

A physical table type for an S3 data source.

* *

For files that aren't JSON, only STRING data types are supported in input columns.

* */ inputColumns: pulumi.Input[]>; /** * Information about the format for the S3 source file or files. */ uploadSettings?: pulumi.Input; } interface DataSetSaaSTableArgs { /** * The Amazon Resource Name (ARN) of the SaaS data source. */ dataSourceArn: pulumi.Input; /** * The list of input columns available from the SaaS table. */ inputColumns: pulumi.Input[]>; /** * The hierarchical path to the table within the SaaS data source. */ tablePath: pulumi.Input[]>; } interface DataSetSemanticModelConfigurationArgs { /** * A map of semantic tables that define the analytical structure. */ tableMap?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface DataSetSemanticTableArgs { /** * Alias for the semantic table. */ alias: pulumi.Input; /** * The identifier of the destination table from data preparation that provides data to this semantic table. */ destinationTableId: pulumi.Input; /** * Configuration for row level security that control data access for this semantic table. */ rowLevelPermissionConfiguration?: pulumi.Input; } interface DataSetSourceTableArgs { /** * A parent dataset that serves as the data source instead of a physical table. */ dataSet?: pulumi.Input; /** * The identifier of the physical table that serves as the data source. */ physicalTableId?: pulumi.Input; } interface DataSetStringComparisonFilterConditionArgs { /** * The comparison operator to use, such as `EQUALS` , `CONTAINS` , `STARTS_WITH` , `ENDS_WITH` , or their negations. */ operator: pulumi.Input; /** * The string value to compare against. */ value?: pulumi.Input; } /** *

A string parameter for a dataset.

*/ interface DataSetStringDatasetParameterArgs { /** * A list of default values for a given string dataset parameter type. This structure only accepts static values. */ defaultValues?: pulumi.Input; /** *

An identifier for the string parameter that is created in the dataset.

*/ id: pulumi.Input; /** *

The name of the string parameter that is created in the dataset.

*/ name: pulumi.Input; /** * The value type of the dataset parameter. Valid values are `single value` or `multi value` . */ valueType: pulumi.Input; } /** *

The default values of a string parameter.

*/ interface DataSetStringDatasetParameterDefaultValuesArgs { /** *

A list of static default values for a given string parameter.

*/ staticValues?: pulumi.Input[]>; } interface DataSetStringFilterConditionArgs { /** * The name of the string column to filter. */ columnName?: pulumi.Input; /** * A comparison-based filter condition for the string column. */ comparisonFilterCondition?: pulumi.Input; /** * A list-based filter condition that includes or excludes values from a specified list. */ listFilterCondition?: pulumi.Input; } interface DataSetStringFilterValueArgs { /** * A static string value used for filtering. */ staticValue?: pulumi.Input; } interface DataSetStringListFilterConditionArgs { /** * The list operator to use, either `INCLUDE` to match values in the list or `EXCLUDE` to filter out values in the list. */ operator: pulumi.Input; /** * The list of string values to include or exclude in the filter. */ values?: pulumi.Input; } interface DataSetStringListFilterValueArgs { /** * A list of static string values used for filtering. */ staticValues?: pulumi.Input[]>; } interface DataSetTablePathElementArgs { /** * The unique identifier of the path element. */ id?: pulumi.Input; /** * The name of the path element. */ name?: pulumi.Input; } /** *

A transform operation that tags a column with additional information.

*/ interface DataSetTagColumnOperationArgs { /** *

The column that this operation acts on.

*/ columnName: pulumi.Input; /** *

The dataset column tag, currently only used for geospatial type tagging.

* *

This is not tags for the Amazon Web Services tagging feature.

* */ tags: pulumi.Input[]>; } /** *

A data transformation on a logical table. This is a variant type structure. For this * structure to be valid, only one of the attributes can be non-null.

*/ interface DataSetTransformOperationArgs { /** * A transform operation that casts a column to a different type. */ castColumnTypeOperation?: pulumi.Input; /** * An operation that creates calculated columns. Columns created in one such operation form a lexical closure. */ createColumnsOperation?: pulumi.Input; /** * An operation that filters rows based on some condition. */ filterOperation?: pulumi.Input; /** * A transform operation that overrides the dataset parameter values that are defined in another dataset. */ overrideDatasetParameterOperation?: pulumi.Input; /** * An operation that projects columns. Operations that come after a projection can only refer to projected columns. */ projectOperation?: pulumi.Input; /** * An operation that renames a column. */ renameColumnOperation?: pulumi.Input; /** * An operation that tags a column with additional information. */ tagColumnOperation?: pulumi.Input; untagColumnOperation?: pulumi.Input; } interface DataSetTransformOperationSourceArgs { /** * The mappings between source column identifiers and target column identifiers for this transformation. */ columnIdMappings?: pulumi.Input[]>; /** * The identifier of the transform operation that provides input data. */ transformOperationId: pulumi.Input; } interface DataSetTransformStepArgs { /** * A transform step that groups data and applies aggregation functions to calculate summary values. */ aggregateStep?: pulumi.Input; /** * A transform step that combines rows from multiple sources by stacking them vertically. */ appendStep?: pulumi.Input; /** * A transform step that changes the data types of one or more columns. */ castColumnTypesStep?: pulumi.Input; createColumnsStep?: pulumi.Input; /** * A transform step that applies filter conditions. */ filtersStep?: pulumi.Input; /** * A transform step that brings data from a source table. */ importTableStep?: pulumi.Input; /** * A transform step that combines data from two sources based on specified join conditions. */ joinStep?: pulumi.Input; /** * A transform step that converts row values into columns to reshape the data structure. */ pivotStep?: pulumi.Input; projectStep?: pulumi.Input; /** * A transform step that changes the names of one or more columns. */ renameColumnsStep?: pulumi.Input; /** * A transform step that converts columns into rows to normalize the data structure. */ unpivotStep?: pulumi.Input; } interface DataSetUniqueKeyArgs { columnNames: pulumi.Input[]>; } interface DataSetUnpivotOperationArgs { /** * Alias for this operation. */ alias: pulumi.Input; /** * The list of columns to unpivot from the source data. */ columnsToUnpivot: pulumi.Input[]>; /** * The source transform operation that provides input data for unpivoting. */ source: pulumi.Input; /** * A unique identifier for the new column that will contain the unpivoted column names. */ unpivotedLabelColumnId: pulumi.Input; /** * The name for the new column that will contain the unpivoted column names. */ unpivotedLabelColumnName: pulumi.Input; /** * A unique identifier for the new column that will contain the unpivoted values. */ unpivotedValueColumnId: pulumi.Input; /** * The name for the new column that will contain the unpivoted values. */ unpivotedValueColumnName: pulumi.Input; } /** *

A transform operation that removes tags associated with a column.

*/ interface DataSetUntagColumnOperationArgs { /** *

The column that this operation acts on.

*/ columnName: pulumi.Input; /** *

The column tags to remove from this column.

*/ tagNames: pulumi.Input[]>; } /** *

Information about the format for a source file or files.

*/ interface DataSetUploadSettingsArgs { /** *

Whether the file has a header row, or the files each have a header row.

*/ containsHeader?: pulumi.Input; /** *

The delimiter between values in the file.

*/ delimiter?: pulumi.Input; /** * File format. */ format?: pulumi.Input; /** *

A row number to start reading data from.

*/ startFromRow?: pulumi.Input; /** * Text qualifier. */ textQualifier?: pulumi.Input; } /** *

The usage configuration to apply to child datasets that reference this dataset as a source.

*/ interface DataSetUsageConfigurationArgs { /** *

An option that controls whether a child dataset of a direct query can use this dataset as a source.

*/ disableUseAsDirectQuerySource?: pulumi.Input; /** *

An option that controls whether a child dataset that's stored in QuickSight can use this dataset as a source.

*/ disableUseAsImportedSource?: pulumi.Input; } interface DataSetValueColumnConfigurationArgs { /** * The aggregation function to apply when multiple values map to the same pivoted cell. */ aggregationFunction?: pulumi.Input; } /** *

The parameters for OpenSearch.

*/ interface DataSourceAmazonElasticsearchParametersArgs { /** *

The OpenSearch domain.

*/ domain: pulumi.Input; } /** *

The parameters for OpenSearch.

*/ interface DataSourceAmazonOpenSearchParametersArgs { /** *

The OpenSearch domain.

*/ domain: pulumi.Input; } /** *

Parameters for Amazon Athena.

*/ interface DataSourceAthenaParametersArgs { /** * An optional parameter that configures IAM Identity Center authentication to grant Quick Sight access to your workgroup. * * This parameter can only be specified if your Quick Sight account is configured with IAM Identity Center. */ identityCenterConfiguration?: pulumi.Input; /** *

Use the RoleArn structure to override an account-wide role for a specific Athena data source. For example, say an account administrator has turned off all Athena access with an account-wide role. The administrator can then use RoleArn to bypass the account-wide role and allow Athena access for the single Athena data source that is specified in the structure, even if the account-wide role forbidding Athena access is still active.

*/ roleArn?: pulumi.Input; /** *

The workgroup that Amazon Athena uses.

*/ workGroup?: pulumi.Input; } /** *

Parameters for Amazon Aurora.

*/ interface DataSourceAuroraParametersArgs { /** *

Database.

*/ database: pulumi.Input; /** *

Host.

*/ host: pulumi.Input; /** *

Port.

*/ port: pulumi.Input; } /** *

Parameters for Amazon Aurora PostgreSQL-Compatible Edition.

*/ interface DataSourceAuroraPostgreSqlParametersArgs { /** *

The Amazon Aurora PostgreSQL database to connect to.

*/ database: pulumi.Input; /** *

The Amazon Aurora PostgreSQL-Compatible host to connect to.

*/ host: pulumi.Input; /** *

The port that Amazon Aurora PostgreSQL is listening on.

*/ port: pulumi.Input; } /** *

The combination of user name and password that are used as credentials.

*/ interface DataSourceCredentialPairArgs { /** *

A set of alternate data source parameters that you want to share for these * credentials. The credentials are applied in tandem with the data source parameters when * you copy a data source by using a create or update request. The API operation compares * the DataSourceParameters structure that's in the request with the * structures in the AlternateDataSourceParameters allow list. If the * structures are an exact match, the request is allowed to use the new data source with * the existing credentials. If the AlternateDataSourceParameters list is * null, the DataSourceParameters originally used with these * Credentials is automatically allowed.

*/ alternateDataSourceParameters?: pulumi.Input[]>; /** *

Password.

*/ password: pulumi.Input; /** *

User name.

*/ username: pulumi.Input; } /** *

Data source credentials. This is a variant type structure. For this structure to be * valid, only one of the attributes can be non-null.

*/ interface DataSourceCredentialsArgs { /** *

The Amazon Resource Name (ARN) of a data source that has the credential pair that you * want to use. When CopySourceArn is not null, the credential pair from the * data source in the ARN is used as the credentials for the * DataSourceCredentials structure.

*/ copySourceArn?: pulumi.Input; /** * Credential pair. For more information, see `[CredentialPair](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_CredentialPair.html)` . */ credentialPair?: pulumi.Input; /** * The credentials for connecting using key-pair. */ keyPairCredentials?: pulumi.Input; /** *

The Amazon Resource Name (ARN) of the secret associated with the data source in Amazon Secrets Manager.

*/ secretArn?: pulumi.Input; } /** *

The parameters that are required to connect to a Databricks data source.

*/ interface DataSourceDatabricksParametersArgs { /** *

The host name of the Databricks data source.

*/ host: pulumi.Input; /** *

The port for the Databricks data source.

*/ port: pulumi.Input; /** *

The HTTP path of the Databricks data source.

*/ sqlEndpointPath: pulumi.Input; } /** *

Error information for the data source creation or update.

*/ interface DataSourceErrorInfoArgs { /** *

Error message.

*/ message?: pulumi.Input; /** * Error type. */ type?: pulumi.Input; } /** *

The parameters for an IAM Identity Center configuration.

*/ interface DataSourceIdentityCenterConfigurationArgs { /** *

A Boolean option that controls whether Trusted Identity Propagation should be used.

*/ enableIdentityPropagation?: pulumi.Input; } interface DataSourceKeyPairCredentialsArgs { /** * Username */ keyPairUsername: pulumi.Input; /** * PrivateKey */ privateKey: pulumi.Input; /** * PrivateKeyPassphrase */ privateKeyPassphrase?: pulumi.Input; } /** *

Amazon S3 manifest file location.

*/ interface DataSourceManifestFileLocationArgs { /** *

Amazon S3 bucket.

*/ bucket: pulumi.Input; /** *

Amazon S3 key that identifies an object.

*/ key: pulumi.Input; } /** *

The parameters for MariaDB.

*/ interface DataSourceMariaDbParametersArgs { /** *

Database.

*/ database: pulumi.Input; /** *

Host.

*/ host: pulumi.Input; /** *

Port.

*/ port: pulumi.Input; } /** *

The parameters for MySQL.

*/ interface DataSourceMySqlParametersArgs { /** *

Database.

*/ database: pulumi.Input; /** *

Host.

*/ host: pulumi.Input; /** *

Port.

*/ port: pulumi.Input; } interface DataSourceOAuthParametersArgs { /** * The resource uri of the identity provider. */ identityProviderResourceUri?: pulumi.Input; identityProviderVpcConnectionProperties?: pulumi.Input; /** * The OAuth scope. */ oAuthScope?: pulumi.Input; /** * The token endpoint URL of the identity provider. */ tokenProviderUrl: pulumi.Input; } /** *

The parameters for Oracle.

*/ interface DataSourceOracleParametersArgs { /** *

The database.

*/ database: pulumi.Input; /** *

An Oracle host.

*/ host: pulumi.Input; /** *

The port.

*/ port: pulumi.Input; /** * A Boolean value that indicates whether the `Database` uses a service name or an SID. If this value is left blank, the default value is `SID` . If this value is set to `false` , the value is `SID` . */ useServiceName?: pulumi.Input; } /** *

The parameters that Amazon QuickSight uses to connect to your underlying data source. * This is a variant type structure. For this structure to be valid, only one of the * attributes can be non-null.

*/ interface DataSourceParametersArgs { /** * The parameters for OpenSearch. */ amazonElasticsearchParameters?: pulumi.Input; /** * The parameters for OpenSearch. */ amazonOpenSearchParameters?: pulumi.Input; /** * The parameters for Amazon Athena. */ athenaParameters?: pulumi.Input; /** * The parameters for Amazon Aurora MySQL. */ auroraParameters?: pulumi.Input; /** * The parameters for Amazon Aurora. */ auroraPostgreSqlParameters?: pulumi.Input; /** * The required parameters that are needed to connect to a Databricks data source. */ databricksParameters?: pulumi.Input; /** * The parameters for MariaDB. */ mariaDbParameters?: pulumi.Input; /** * The parameters for MySQL. */ mySqlParameters?: pulumi.Input; /** * Oracle parameters. */ oracleParameters?: pulumi.Input; /** * The parameters for PostgreSQL. */ postgreSqlParameters?: pulumi.Input; /** * The parameters for Presto. */ prestoParameters?: pulumi.Input; /** * The parameters for Amazon RDS. */ rdsParameters?: pulumi.Input; /** * The parameters for Amazon Redshift. */ redshiftParameters?: pulumi.Input; /** * The parameters for S3. */ s3Parameters?: pulumi.Input; s3TablesParameters?: pulumi.Input; /** * The parameters for Snowflake. */ snowflakeParameters?: pulumi.Input; /** * The parameters for Spark. */ sparkParameters?: pulumi.Input; /** * The parameters for SQL Server. */ sqlServerParameters?: pulumi.Input; /** * The parameters that are required to connect to a Starburst data source. */ starburstParameters?: pulumi.Input; /** * The parameters for Teradata. */ teradataParameters?: pulumi.Input; /** * The parameters that are required to connect to a Trino data source. */ trinoParameters?: pulumi.Input; } /** *

The parameters for PostgreSQL.

*/ interface DataSourcePostgreSqlParametersArgs { /** *

Database.

*/ database: pulumi.Input; /** *

Host.

*/ host: pulumi.Input; /** *

Port.

*/ port: pulumi.Input; } /** *

The parameters for Presto.

*/ interface DataSourcePrestoParametersArgs { /** *

Catalog.

*/ catalog: pulumi.Input; /** *

Host.

*/ host: pulumi.Input; /** *

Port.

*/ port: pulumi.Input; } /** *

The parameters for Amazon RDS.

*/ interface DataSourceRdsParametersArgs { /** *

Database.

*/ database: pulumi.Input; /** *

Instance ID.

*/ instanceId: pulumi.Input; } /** *

A structure that grants Amazon QuickSight access to your cluster and make a call to the redshift:GetClusterCredentials API. For more information on the redshift:GetClusterCredentials API, see * GetClusterCredentials * .

*/ interface DataSourceRedshiftIamParametersArgs { /** *

Automatically creates a database user. If your database doesn't have a DatabaseUser, set this parameter to True. If there is no DatabaseUser, Amazon QuickSight can't connect to your cluster. The RoleArn that you use for this operation must grant access to redshift:CreateClusterUser to successfully create the user.

*/ autoCreateDatabaseUser?: pulumi.Input; /** *

A list of groups whose permissions will be granted to Amazon QuickSight to access the cluster. These permissions are combined with the permissions granted to Amazon QuickSight by the DatabaseUser. If you choose to include this parameter, the RoleArn must grant access to redshift:JoinGroup.

*/ databaseGroups?: pulumi.Input[]>; /** *

The user whose permissions and group memberships will be used by Amazon QuickSight to access the cluster. If this user already exists in your database, Amazon QuickSight is granted the same permissions that the user has. If the user doesn't exist, set the value of AutoCreateDatabaseUser to True to create a new user with PUBLIC permissions.

*/ databaseUser?: pulumi.Input; /** *

Use the RoleArn structure to allow Amazon QuickSight to call redshift:GetClusterCredentials on your cluster. The calling principal must have iam:PassRole access to pass the role to Amazon QuickSight. The role's trust policy must allow the Amazon QuickSight service principal to assume the role.

*/ roleArn: pulumi.Input; } /** *

The parameters for Amazon Redshift. The ClusterId field can be blank if * Host and Port are both set. The Host and Port fields can be blank if the ClusterId field is set.

*/ interface DataSourceRedshiftParametersArgs { /** *

Cluster ID. This field can be blank if the Host and Port are * provided.

*/ clusterId?: pulumi.Input; /** *

Database.

*/ database: pulumi.Input; /** *

Host. This field can be blank if ClusterId is provided.

*/ host?: pulumi.Input; /** * An optional parameter that uses IAM authentication to grant Quick Sight access to your cluster. This parameter can be used instead of [DataSourceCredentials](https://docs.aws.amazon.com/quicksight/latest/APIReference/API_DataSourceCredentials.html) . */ iamParameters?: pulumi.Input; /** * An optional parameter that configures IAM Identity Center authentication to grant Quick Sight access to your cluster. * * This parameter can only be specified if your Quick Sight account is configured with IAM Identity Center. */ identityCenterConfiguration?: pulumi.Input; /** *

Port. This field can be blank if the ClusterId is provided.

*/ port?: pulumi.Input; } /** *

Permission for the resource.

*/ interface DataSourceResourcePermissionArgs { /** *

The IAM action to grant or revoke permissions on.

*/ actions: pulumi.Input[]>; /** *

The Amazon Resource Name (ARN) of the principal. This can be one of the * following:

*
    *
  • *

    The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight * ARN. Use this option only to share resources (templates) across Amazon Web Services accounts. * (This is less common.)

    *
    • *
*/ principal: pulumi.Input; resource?: pulumi.Input; } /** *

The parameters for S3.

*/ interface DataSourceS3ParametersArgs { /** * Location of the Amazon S3 manifest file. This is NULL if the manifest file was uploaded into Quick Sight. */ manifestFileLocation: pulumi.Input; /** *

Use the RoleArn structure to override an account-wide role for a specific S3 data source. For example, say an account administrator has turned off all S3 access with an account-wide role. The administrator can then use RoleArn to bypass the account-wide role and allow S3 access for the single S3 data source that is specified in the structure, even if the account-wide role forbidding S3 access is still active.

*/ roleArn?: pulumi.Input; } interface DataSourceS3TablesParametersArgs { tableBucketArn?: pulumi.Input; } /** *

The parameters for Snowflake.

*/ interface DataSourceSnowflakeParametersArgs { /** * The authentication type that you want to use for your connection. This parameter accepts OAuth and non-OAuth authentication types. */ authenticationType?: pulumi.Input; /** *

Database.

*/ database: pulumi.Input; /** * The database access control role. */ databaseAccessControlRole?: pulumi.Input; /** *

Host.

*/ host: pulumi.Input; /** * An object that contains information needed to create a data source connection between an Quick Sight account and Snowflake. */ oAuthParameters?: pulumi.Input; /** *

Warehouse.

*/ warehouse: pulumi.Input; } /** *

The parameters for Spark.

*/ interface DataSourceSparkParametersArgs { /** *

Host.

*/ host: pulumi.Input; /** *

Port.

*/ port: pulumi.Input; } /** *

The parameters for SQL Server.

*/ interface DataSourceSqlServerParametersArgs { /** *

Database.

*/ database: pulumi.Input; /** *

Host.

*/ host: pulumi.Input; /** *

Port.

*/ port: pulumi.Input; } /** *

Secure Socket Layer (SSL) properties that apply when Amazon QuickSight connects to your * underlying data source.

*/ interface DataSourceSslPropertiesArgs { /** *

A Boolean option to control whether SSL should be disabled.

*/ disableSsl?: pulumi.Input; } /** *

The parameters that are required to connect to a Starburst data source.

*/ interface DataSourceStarburstParametersArgs { /** * The authentication type that you want to use for your connection. This parameter accepts OAuth and non-OAuth authentication types. */ authenticationType?: pulumi.Input; /** *

The catalog name for the Starburst data source.

*/ catalog: pulumi.Input; /** * The database access control role. */ databaseAccessControlRole?: pulumi.Input; /** *

The host name of the Starburst data source.

*/ host: pulumi.Input; /** * An object that contains information needed to create a data source connection between an Quick Sight account and Starburst. */ oAuthParameters?: pulumi.Input; /** *

The port for the Starburst data source.

*/ port: pulumi.Input; /** * The product type for the Starburst data source. */ productType?: pulumi.Input; } /** *

The parameters for Teradata.

*/ interface DataSourceTeradataParametersArgs { /** *

Database.

*/ database: pulumi.Input; /** *

Host.

*/ host: pulumi.Input; /** *

Port.

*/ port: pulumi.Input; } /** *

The parameters that are required to connect to a Trino data source.

*/ interface DataSourceTrinoParametersArgs { /** *

The catalog name for the Trino data source.

*/ catalog: pulumi.Input; /** *

The host name of the Trino data source.

*/ host: pulumi.Input; /** *

The port for the Trino data source.

*/ port: pulumi.Input; } /** *

VPC connection properties.

*/ interface DataSourceVpcConnectionPropertiesArgs { /** *

The Amazon Resource Name (ARN) for the VPC connection.

*/ vpcConnectionArn: pulumi.Input; } /** *

Permission for the resource.

*/ interface FolderResourcePermissionArgs { /** *

The IAM action to grant or revoke permissions on.

*/ actions: pulumi.Input[]>; /** *

The Amazon Resource Name (ARN) of the principal. This can be one of the * following:

*
    *
  • *

    The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight * ARN. Use this option only to share resources (templates) across Amazon Web Services accounts. * (This is less common.)

    *
    • *
*/ principal: pulumi.Input; } interface RefreshScheduleMapArgs { /** * The type of refresh that a dataset undergoes. Valid values are as follows: * * - `FULL_REFRESH` : A complete refresh of a dataset. * - `INCREMENTAL_REFRESH` : A partial refresh of some rows of a dataset, based on the time window specified. * * For more information on full and incremental refreshes, see [Refreshing SPICE data](https://docs.aws.amazon.com/quicksight/latest/user/refreshing-imported-data.html) in the *Quick User Guide* . */ refreshType?: pulumi.Input; /** *

Information about the schedule frequency.

*/ scheduleFrequency?: pulumi.Input; /** *

An unique identifier for the refresh schedule.

*/ scheduleId?: pulumi.Input; /** *

The date time after which refresh is to be scheduled

*/ startAfterDateTime?: pulumi.Input; } /** *

Information about the schedule frequency.

*/ interface RefreshScheduleMapScheduleFrequencyPropertiesArgs { interval?: pulumi.Input; /** *

The day scheduled for refresh.

*/ refreshOnDay?: pulumi.Input; /** *

The time of the day for scheduled refresh.

*/ timeOfTheDay?: pulumi.Input; /** *

The timezone for scheduled refresh.

*/ timeZone?: pulumi.Input; } /** *

The day scheduled for refresh.

*/ interface RefreshScheduleMapScheduleFrequencyPropertiesRefreshOnDayPropertiesArgs { /** *

The Day Of Month for scheduled refresh.

*/ dayOfMonth?: pulumi.Input; dayOfWeek?: pulumi.Input; } interface TemplateAggregationFunctionArgs { /** * Aggregation for attributes. */ attributeAggregationFunction?: pulumi.Input; /** * Aggregation for categorical values. * * - `COUNT` : Aggregate by the total number of values, including duplicates. * - `DISTINCT_COUNT` : Aggregate by the total number of distinct values. */ categoricalAggregationFunction?: pulumi.Input; /** * Aggregation for date values. * * - `COUNT` : Aggregate by the total number of values, including duplicates. * - `DISTINCT_COUNT` : Aggregate by the total number of distinct values. * - `MIN` : Select the smallest date value. * - `MAX` : Select the largest date value. */ dateAggregationFunction?: pulumi.Input; /** * Aggregation for numerical values. */ numericalAggregationFunction?: pulumi.Input; } interface TemplateAggregationSortConfigurationArgs { /** * The function that aggregates the values in `Column` . */ aggregationFunction?: pulumi.Input; /** * The column that determines the sort order of aggregated values. */ column: pulumi.Input; /** * The sort direction of values. * * - `ASC` : Sort in ascending order. * - `DESC` : Sort in descending order. */ sortDirection: pulumi.Input; } interface TemplateAllSheetsFilterScopeConfigurationArgs { } interface TemplateAnalysisDefaultsArgs { /** * The configuration for default new sheet settings. */ defaultNewSheetConfiguration: pulumi.Input; } interface TemplateAnchorDateConfigurationArgs { /** * The options for the date configuration. Choose one of the options below: * * - `NOW` */ anchorOption?: pulumi.Input; /** * The name of the parameter that is used for the anchor date configuration. */ parameterName?: pulumi.Input; } interface TemplateArcAxisConfigurationArgs { /** * The arc axis range of a `GaugeChartVisual` . */ range?: pulumi.Input; /** * The reserved range of the arc axis. */ reserveRange?: pulumi.Input; } interface TemplateArcAxisDisplayRangeArgs { /** * The maximum value of the arc axis range. */ max?: pulumi.Input; /** * The minimum value of the arc axis range. */ min?: pulumi.Input; } interface TemplateArcConfigurationArgs { /** * The option that determines the arc angle of a `GaugeChartVisual` . */ arcAngle?: pulumi.Input; /** * The options that determine the arc thickness of a `GaugeChartVisual` . */ arcThickness?: pulumi.Input; } interface TemplateArcOptionsArgs { /** * The arc thickness of a `GaugeChartVisual` . */ arcThickness?: pulumi.Input; } interface TemplateAssetOptionsArgs { /** * Determines the timezone for the analysis. */ timezone?: pulumi.Input; /** * Determines the week start day for an analysis. */ weekStart?: pulumi.Input; } interface TemplateAttributeAggregationFunctionArgs { /** * The built-in aggregation functions for attributes. * * - `UNIQUE_VALUE` : Returns the unique value for a field, aggregated by the dimension fields. */ simpleAttributeAggregation?: pulumi.Input; /** * Used by the `UNIQUE_VALUE` aggregation function. If there are multiple values for the field used by the aggregation, the value for this property will be returned instead. Defaults to '*'. */ valueForMultipleValues?: pulumi.Input; } interface TemplateAxisDataOptionsArgs { /** * The options for an axis with a date field. */ dateAxisOptions?: pulumi.Input; /** * The options for an axis with a numeric field. */ numericAxisOptions?: pulumi.Input; } interface TemplateAxisDisplayDataDrivenRangeArgs { } interface TemplateAxisDisplayMinMaxRangeArgs { /** * The maximum setup for an axis display range. */ maximum?: pulumi.Input; /** * The minimum setup for an axis display range. */ minimum?: pulumi.Input; } interface TemplateAxisDisplayOptionsArgs { /** * Determines whether or not the axis line is visible. */ axisLineVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ axisOffset?: pulumi.Input; /** * The data options for an axis. */ dataOptions?: pulumi.Input; /** * Determines whether or not the grid line is visible. */ gridLineVisibility?: pulumi.Input; /** * The scroll bar options for an axis. */ scrollbarOptions?: pulumi.Input; /** * The tick label options of an axis. */ tickLabelOptions?: pulumi.Input; } interface TemplateAxisDisplayRangeArgs { /** * The data-driven setup of an axis display range. */ dataDriven?: pulumi.Input; /** * The minimum and maximum setup of an axis display range. */ minMax?: pulumi.Input; } interface TemplateAxisLabelOptionsArgs { /** * The options that indicate which field the label belongs to. */ applyTo?: pulumi.Input; /** * The text for the axis label. */ customLabel?: pulumi.Input; /** * The font configuration of the axis label. */ fontConfiguration?: pulumi.Input; } interface TemplateAxisLabelReferenceOptionsArgs { /** * The column that the axis label is targeted to. */ column: pulumi.Input; /** * The field that the axis label is targeted to. */ fieldId: pulumi.Input; } interface TemplateAxisLinearScaleArgs { /** * The step count setup of a linear axis. */ stepCount?: pulumi.Input; /** * The step size setup of a linear axis. */ stepSize?: pulumi.Input; } interface TemplateAxisLogarithmicScaleArgs { /** * The base setup of a logarithmic axis scale. */ base?: pulumi.Input; } interface TemplateAxisScaleArgs { /** * The linear axis scale setup. */ linear?: pulumi.Input; /** * The logarithmic axis scale setup. */ logarithmic?: pulumi.Input; } interface TemplateAxisTickLabelOptionsArgs { /** * Determines whether or not the axis ticks are visible. */ labelOptions?: pulumi.Input; /** * The rotation angle of the axis tick labels. */ rotationAngle?: pulumi.Input; } interface TemplateBarChartAggregatedFieldWellsArgs { /** * The category (y-axis) field well of a bar chart. */ category?: pulumi.Input[]>; /** * The color (group/color) field well of a bar chart. */ colors?: pulumi.Input[]>; /** * The small multiples field well of a bar chart. */ smallMultiples?: pulumi.Input[]>; /** * The value field wells of a bar chart. Values are aggregated by category. */ values?: pulumi.Input[]>; } interface TemplateBarChartConfigurationArgs { /** * Determines the arrangement of the bars. The orientation and arrangement of bars determine the type of bar that is used in the visual. */ barsArrangement?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) for bar chart category. */ categoryAxis?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) for a bar chart. */ categoryLabelOptions?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) for a color that is used in a bar chart. */ colorLabelOptions?: pulumi.Input; /** * The contribution analysis (anomaly configuration) setup of the visual. */ contributionAnalysisDefaults?: pulumi.Input[]>; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The orientation of the bars in a bar chart visual. There are two valid values in this structure: * * - `HORIZONTAL` : Used for charts that have horizontal bars. Visuals that use this value are horizontal bar charts, horizontal stacked bar charts, and horizontal stacked 100% bar charts. * - `VERTICAL` : Used for charts that have vertical bars. Visuals that use this value are vertical bar charts, vertical stacked bar charts, and vertical stacked 100% bar charts. */ orientation?: pulumi.Input; /** * The reference line setup of the visual. */ referenceLines?: pulumi.Input[]>; /** * The small multiples setup for the visual. */ smallMultiplesOptions?: pulumi.Input; /** * The sort configuration of a `BarChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) for a bar chart value. */ valueAxis?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) for a bar chart value. */ valueLabelOptions?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface TemplateBarChartFieldWellsArgs { /** * The aggregated field wells of a bar chart. */ barChartAggregatedFieldWells?: pulumi.Input; } interface TemplateBarChartSortConfigurationArgs { /** * The limit on the number of categories displayed in a bar chart. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of category fields. */ categorySort?: pulumi.Input[]>; /** * The limit on the number of values displayed in a bar chart. */ colorItemsLimit?: pulumi.Input; /** * The sort configuration of color fields in a bar chart. */ colorSort?: pulumi.Input[]>; /** * The limit on the number of small multiples panels that are displayed. */ smallMultiplesLimitConfiguration?: pulumi.Input; /** * The sort configuration of the small multiples field. */ smallMultiplesSort?: pulumi.Input[]>; } interface TemplateBarChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateBinCountOptionsArgs { /** * The options that determine the bin count value. */ value?: pulumi.Input; } interface TemplateBinWidthOptionsArgs { /** * The options that determine the bin count limit. */ binCountLimit?: pulumi.Input; /** * The options that determine the bin width value. */ value?: pulumi.Input; } interface TemplateBodySectionConfigurationArgs { /** * The configuration of content in a body section. */ content: pulumi.Input; /** * The configuration of a page break for a section. */ pageBreakConfiguration?: pulumi.Input; /** * Describes the configurations that are required to declare a section as repeating. */ repeatConfiguration?: pulumi.Input; /** * The unique identifier of a body section. */ sectionId: pulumi.Input; /** * The style options of a body section. */ style?: pulumi.Input; } interface TemplateBodySectionContentArgs { /** * The layout configuration of a body section. */ layout?: pulumi.Input; } interface TemplateBodySectionDynamicCategoryDimensionConfigurationArgs { column: pulumi.Input; /** * Number of values to use from the column for repetition. */ limit?: pulumi.Input; /** * Sort criteria on the column values that you use for repetition. */ sortByMetrics?: pulumi.Input[]>; } interface TemplateBodySectionDynamicNumericDimensionConfigurationArgs { column: pulumi.Input; /** * Number of values to use from the column for repetition. */ limit?: pulumi.Input; /** * Sort criteria on the column values that you use for repetition. */ sortByMetrics?: pulumi.Input[]>; } interface TemplateBodySectionRepeatConfigurationArgs { /** * List of `BodySectionRepeatDimensionConfiguration` values that describe the dataset column and constraints for the column used to repeat the contents of a section. */ dimensionConfigurations?: pulumi.Input[]>; /** * List of visuals to exclude from repetition in repeating sections. The visuals will render identically, and ignore the repeating configurations in all repeating instances. */ nonRepeatingVisuals?: pulumi.Input[]>; /** * Page break configuration to apply for each repeating instance. */ pageBreakConfiguration?: pulumi.Input; } interface TemplateBodySectionRepeatDimensionConfigurationArgs { /** * Describes the *Category* dataset column and constraints around the dynamic values that will be used in repeating the section contents. */ dynamicCategoryDimensionConfiguration?: pulumi.Input; /** * Describes the *Numeric* dataset column and constraints around the dynamic values used to repeat the contents of a section. */ dynamicNumericDimensionConfiguration?: pulumi.Input; } interface TemplateBodySectionRepeatPageBreakConfigurationArgs { after?: pulumi.Input; } interface TemplateBoxPlotAggregatedFieldWellsArgs { /** * The group by field well of a box plot chart. Values are grouped based on group by fields. */ groupBy?: pulumi.Input[]>; /** * The value field well of a box plot chart. Values are aggregated based on group by fields. */ values?: pulumi.Input[]>; } interface TemplateBoxPlotChartConfigurationArgs { /** * The box plot chart options for a box plot visual */ boxPlotOptions?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) of a box plot category. */ categoryAxis?: pulumi.Input; /** * The label options (label text, label visibility and sort Icon visibility) of a box plot category. */ categoryLabelOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; legend?: pulumi.Input; /** * The label display options (grid line, range, scale, axis step) of a box plot category. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility and sort icon visibility) of a box plot value. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The reference line setup of the visual. */ referenceLines?: pulumi.Input[]>; /** * The sort configuration of a `BoxPlotVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface TemplateBoxPlotFieldWellsArgs { /** * The aggregated field wells of a box plot. */ boxPlotAggregatedFieldWells?: pulumi.Input; } interface TemplateBoxPlotOptionsArgs { /** * Determines the visibility of all data points of the box plot. */ allDataPointsVisibility?: pulumi.Input; /** * Determines the visibility of the outlier in a box plot. */ outlierVisibility?: pulumi.Input; /** * The style options of the box plot. */ styleOptions?: pulumi.Input; } interface TemplateBoxPlotSortConfigurationArgs { /** * The sort configuration of a group by fields. */ categorySort?: pulumi.Input[]>; /** * The pagination configuration of a table visual or box plot. */ paginationConfiguration?: pulumi.Input; } interface TemplateBoxPlotStyleOptionsArgs { /** * The fill styles (solid, transparent) of the box plot. */ fillStyle?: pulumi.Input; } interface TemplateBoxPlotVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface TemplateCalculatedFieldArgs { /** * The data set that is used in this calculated field. */ dataSetIdentifier: pulumi.Input; /** * The expression of the calculated field. */ expression: pulumi.Input; /** * The name of the calculated field. */ name: pulumi.Input; } interface TemplateCalculatedMeasureFieldArgs { /** * The expression in the table calculation. */ expression: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; } interface TemplateCascadingControlConfigurationArgs { /** * A list of source controls that determine the values that are used in the current control. */ sourceControls?: pulumi.Input[]>; } interface TemplateCascadingControlSourceArgs { /** * The column identifier that determines which column to look up for the source sheet control. */ columnToMatch?: pulumi.Input; /** * The source sheet control ID of a `CascadingControlSource` . */ sourceSheetControlId?: pulumi.Input; } interface TemplateCategoricalDimensionFieldArgs { /** * The column that is used in the `CategoricalDimensionField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; /** * The custom hierarchy ID. */ hierarchyId?: pulumi.Input; } interface TemplateCategoricalMeasureFieldArgs { /** * The aggregation function of the measure field. */ aggregationFunction?: pulumi.Input; /** * The column that is used in the `CategoricalMeasureField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface TemplateCategoryDrillDownFilterArgs { /** * A list of the string inputs that are the values of the category drill down filter. */ categoryValues: pulumi.Input[]>; /** * The column that the filter is applied to. */ column: pulumi.Input; } interface TemplateCategoryFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The configuration for a `CategoryFilter` . */ configuration: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; } interface TemplateCategoryFilterConfigurationArgs { /** * A custom filter that filters based on a single value. This filter can be partially matched. */ customFilterConfiguration?: pulumi.Input; /** * A list of custom filter values. In the Quick Sight console, this filter type is called a custom filter list. */ customFilterListConfiguration?: pulumi.Input; /** * A list of filter configurations. In the Quick Sight console, this filter type is called a filter list. */ filterListConfiguration?: pulumi.Input; } interface TemplateCategoryInnerFilterArgs { column: pulumi.Input; configuration: pulumi.Input; defaultFilterControlConfiguration?: pulumi.Input; } interface TemplateChartAxisLabelOptionsArgs { /** * The label options for a chart axis. */ axisLabelOptions?: pulumi.Input[]>; /** * The visibility configuration of the sort icon on a chart's axis label. */ sortIconVisibility?: pulumi.Input; /** * The visibility of an axis label on a chart. Choose one of the following options: * * - `VISIBLE` : Shows the axis. * - `HIDDEN` : Hides the axis. */ visibility?: pulumi.Input; } interface TemplateClusterMarkerArgs { /** * The simple cluster marker of the cluster marker. */ simpleClusterMarker?: pulumi.Input; } interface TemplateClusterMarkerConfigurationArgs { /** * The cluster marker that is a part of the cluster marker configuration. */ clusterMarker?: pulumi.Input; } interface TemplateColorScaleArgs { /** * Determines the color fill type. */ colorFillType: pulumi.Input; /** * Determines the list of colors that are applied to the visual. */ colors: pulumi.Input[]>; /** * Determines the color that is applied to null values. */ nullValueColor?: pulumi.Input; } interface TemplateColorsConfigurationArgs { /** * A list of up to 50 custom colors. */ customColors?: pulumi.Input[]>; } interface TemplateColumnConfigurationArgs { /** * The color configurations of the column. */ colorsConfiguration?: pulumi.Input; /** * The column. */ column: pulumi.Input; /** * The format configuration of a column. */ formatConfiguration?: pulumi.Input; /** * The role of the column. */ role?: pulumi.Input; } /** *

A structure describing the name, data type, and geographic role of the columns.

*/ interface TemplateColumnGroupColumnSchemaArgs { /** *

The name of the column group's column schema.

*/ name?: pulumi.Input; } /** *

The column group schema.

*/ interface TemplateColumnGroupSchemaArgs { /** *

A structure containing the list of schemas for column group columns.

*/ columnGroupColumnSchemaList?: pulumi.Input[]>; /** *

The name of the column group schema.

*/ name?: pulumi.Input; } interface TemplateColumnHierarchyArgs { /** * The option that determines the hierarchy of any `DateTime` fields. */ dateTimeHierarchy?: pulumi.Input; /** * The option that determines the hierarchy of the fields that are built within a visual's field wells. These fields can't be duplicated to other visuals. */ explicitHierarchy?: pulumi.Input; /** * The option that determines the hierarchy of the fields that are defined during data preparation. These fields are available to use in any analysis that uses the data source. */ predefinedHierarchy?: pulumi.Input; } interface TemplateColumnIdentifierArgs { /** * The name of the column. */ columnName: pulumi.Input; /** * The data set that the column belongs to. */ dataSetIdentifier: pulumi.Input; } /** *

The column schema.

*/ interface TemplateColumnSchemaArgs { /** *

The data type of the column schema.

*/ dataType?: pulumi.Input; /** *

The geographic role of the column schema.

*/ geographicRole?: pulumi.Input; /** *

The name of the column schema.

*/ name?: pulumi.Input; } interface TemplateColumnSortArgs { /** * The aggregation function that is defined in the column sort. */ aggregationFunction?: pulumi.Input; /** * The sort direction. */ direction: pulumi.Input; sortBy: pulumi.Input; } interface TemplateColumnTooltipItemArgs { /** * The aggregation function of the column tooltip item. */ aggregation?: pulumi.Input; /** * The target column of the tooltip item. */ column: pulumi.Input; /** * The label of the tooltip item. */ label?: pulumi.Input; /** * Determines the target of the column tooltip item in a combo chart visual. */ tooltipTarget?: pulumi.Input; /** * The visibility of the tooltip item. */ visibility?: pulumi.Input; } interface TemplateComboChartAggregatedFieldWellsArgs { /** * The aggregated `BarValues` field well of a combo chart. */ barValues?: pulumi.Input[]>; /** * The aggregated category field wells of a combo chart. */ category?: pulumi.Input[]>; /** * The aggregated colors field well of a combo chart. */ colors?: pulumi.Input[]>; /** * The aggregated `LineValues` field well of a combo chart. */ lineValues?: pulumi.Input[]>; } interface TemplateComboChartConfigurationArgs { /** * The options that determine if visual data labels are displayed. * * The data label options for a bar in a combo chart. */ barDataLabels?: pulumi.Input; /** * Determines the bar arrangement in a combo chart. The following are valid values in this structure: * * - `CLUSTERED` : For clustered bar combo charts. * - `STACKED` : For stacked bar combo charts. * - `STACKED_PERCENT` : Do not use. If you use this value, the operation returns a validation error. */ barsArrangement?: pulumi.Input; /** * The category axis of a combo chart. */ categoryAxis?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart category (group/color) field well. */ categoryLabelOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart's color field well. */ colorLabelOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The options that determine if visual data labels are displayed. * * The data label options for a line in a combo chart. */ lineDataLabels?: pulumi.Input; /** * The label display options (grid line, range, scale, and axis step) of a combo chart's primary y-axis (bar) field well. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart's primary y-axis (bar) field well. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The reference line setup of the visual. */ referenceLines?: pulumi.Input[]>; /** * The label display options (grid line, range, scale, axis step) of a combo chart's secondary y-axis (line) field well. */ secondaryYAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of a combo chart's secondary y-axis(line) field well. */ secondaryYAxisLabelOptions?: pulumi.Input; singleAxisOptions?: pulumi.Input; /** * The sort configuration of a `ComboChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The legend display setup of the visual. */ tooltip?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface TemplateComboChartFieldWellsArgs { /** * The aggregated field wells of a combo chart. Combo charts only have aggregated field wells. Columns in a combo chart are aggregated by category. */ comboChartAggregatedFieldWells?: pulumi.Input; } interface TemplateComboChartSortConfigurationArgs { /** * The item limit configuration for the category field well of a combo chart. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of the category field well in a combo chart. */ categorySort?: pulumi.Input[]>; /** * The item limit configuration of the color field well in a combo chart. */ colorItemsLimit?: pulumi.Input; /** * The sort configuration of the color field well in a combo chart. */ colorSort?: pulumi.Input[]>; } interface TemplateComboChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateComparisonConfigurationArgs { /** * The format of the comparison. */ comparisonFormat?: pulumi.Input; /** * The method of the comparison. Choose from the following options: * * - `DIFFERENCE` * - `PERCENT_DIFFERENCE` * - `PERCENT` */ comparisonMethod?: pulumi.Input; } interface TemplateComparisonFormatConfigurationArgs { /** * The number display format. */ numberDisplayFormatConfiguration?: pulumi.Input; /** * The percentage display format. */ percentageDisplayFormatConfiguration?: pulumi.Input; } interface TemplateComputationArgs { /** * The forecast computation configuration. */ forecast?: pulumi.Input; /** * The growth rate computation configuration. */ growthRate?: pulumi.Input; /** * The maximum and minimum computation configuration. */ maximumMinimum?: pulumi.Input; /** * The metric comparison computation configuration. */ metricComparison?: pulumi.Input; /** * The period over period computation configuration. */ periodOverPeriod?: pulumi.Input; /** * The period to `DataSetIdentifier` computation configuration. */ periodToDate?: pulumi.Input; /** * The top movers and bottom movers computation configuration. */ topBottomMovers?: pulumi.Input; /** * The top ranked and bottom ranked computation configuration. */ topBottomRanked?: pulumi.Input; /** * The total aggregation computation configuration. */ totalAggregation?: pulumi.Input; /** * The unique values computation configuration. */ uniqueValues?: pulumi.Input; } interface TemplateConditionalFormattingColorArgs { /** * Formatting configuration for gradient color. */ gradient?: pulumi.Input; /** * Formatting configuration for solid color. */ solid?: pulumi.Input; } interface TemplateConditionalFormattingCustomIconConditionArgs { /** * Determines the color of the icon. */ color?: pulumi.Input; /** * Determines the icon display configuration. */ displayConfiguration?: pulumi.Input; /** * The expression that determines the condition of the icon set. */ expression: pulumi.Input; /** * Custom icon options for an icon set. */ iconOptions: pulumi.Input; } interface TemplateConditionalFormattingCustomIconOptionsArgs { /** * Determines the type of icon. */ icon?: pulumi.Input; /** * Determines the Unicode icon type. */ unicodeIcon?: pulumi.Input; } interface TemplateConditionalFormattingGradientColorArgs { /** * Determines the color. */ color: pulumi.Input; /** * The expression that determines the formatting configuration for gradient color. */ expression: pulumi.Input; } interface TemplateConditionalFormattingIconArgs { /** * Determines the custom condition for an icon set. */ customCondition?: pulumi.Input; /** * Formatting configuration for icon set. */ iconSet?: pulumi.Input; } interface TemplateConditionalFormattingIconDisplayConfigurationArgs { /** * Determines the icon display configuration. */ iconDisplayOption?: pulumi.Input; } interface TemplateConditionalFormattingIconSetArgs { /** * The expression that determines the formatting configuration for the icon set. */ expression: pulumi.Input; /** * Determines the icon set type. */ iconSetType?: pulumi.Input; } interface TemplateConditionalFormattingSolidColorArgs { /** * Determines the color. */ color?: pulumi.Input; /** * The expression that determines the formatting configuration for solid color. */ expression: pulumi.Input; } interface TemplateContextMenuOptionArgs { /** * The availability status of the context menu options. If the value of this property is set to `ENABLED` , dashboard readers can interact with the context menu. */ availabilityStatus?: pulumi.Input; } interface TemplateContributionAnalysisDefaultArgs { /** * The dimensions columns that are used in the contribution analysis, usually a list of `ColumnIdentifiers` . */ contributorDimensions: pulumi.Input[]>; /** * The measure field that is used in the contribution analysis. */ measureFieldId: pulumi.Input; } interface TemplateCurrencyDisplayFormatConfigurationArgs { /** * The option that determines the decimal places configuration. */ decimalPlacesConfiguration?: pulumi.Input; /** * The options that determine the negative value configuration. */ negativeValueConfiguration?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * Determines the number scale value for the currency format. */ numberScale?: pulumi.Input; /** * Determines the prefix value of the currency format. */ prefix?: pulumi.Input; /** * The options that determine the numeric separator configuration. */ separatorConfiguration?: pulumi.Input; /** * Determines the suffix value of the currency format. */ suffix?: pulumi.Input; /** * Determines the symbol for the currency format. */ symbol?: pulumi.Input; } interface TemplateCustomActionFilterOperationArgs { /** * The configuration that chooses the fields to be filtered. */ selectedFieldsConfiguration: pulumi.Input; /** * The configuration that chooses the target visuals to be filtered. */ targetVisualsConfiguration: pulumi.Input; } interface TemplateCustomActionNavigationOperationArgs { /** * The configuration that chooses the navigation target. */ localNavigationConfiguration?: pulumi.Input; } interface TemplateCustomActionSetParametersOperationArgs { /** * The parameter that determines the value configuration. */ parameterValueConfigurations: pulumi.Input[]>; } interface TemplateCustomActionUrlOperationArgs { /** * The target of the `CustomActionURLOperation` . * * Valid values are defined as follows: * * - `NEW_TAB` : Opens the target URL in a new browser tab. * - `NEW_WINDOW` : Opens the target URL in a new browser window. * - `SAME_TAB` : Opens the target URL in the same browser tab. */ urlTarget: pulumi.Input; /** * THe URL link of the `CustomActionURLOperation` . */ urlTemplate: pulumi.Input; } interface TemplateCustomColorArgs { /** * The color that is applied to the data value. */ color: pulumi.Input; /** * The data value that the color is applied to. */ fieldValue?: pulumi.Input; /** * The value of a special data value. */ specialValue?: pulumi.Input; } interface TemplateCustomContentConfigurationArgs { /** * The content type of the custom content visual. You can use this to have the visual render as an image. */ contentType?: pulumi.Input; /** * The input URL that links to the custom content that you want in the custom visual. */ contentUrl?: pulumi.Input; /** * The sizing options for the size of the custom content visual. This structure is required when the `ContentType` of the visual is `'IMAGE'` . */ imageScaling?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; } interface TemplateCustomContentVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a `CustomContentVisual` . */ chartConfiguration?: pulumi.Input; /** * The dataset that is used to create the custom content visual. You can't create a visual without a dataset. */ dataSetIdentifier: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateCustomFilterConfigurationArgs { /** * The category value for the filter. * * This field is mutually exclusive to `ParameterName` . */ categoryValue?: pulumi.Input; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The parameter whose value should be used for the filter value. * * This field is mutually exclusive to `CategoryValue` . */ parameterName?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface TemplateCustomFilterListConfigurationArgs { /** * The list of category values for the filter. */ categoryValues?: pulumi.Input[]>; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface TemplateCustomNarrativeOptionsArgs { /** * The string input of custom narrative. */ narrative: pulumi.Input; } interface TemplateCustomParameterValuesArgs { /** * A list of datetime-type parameter values. */ dateTimeValues?: pulumi.Input[]>; /** * A list of decimal-type parameter values. */ decimalValues?: pulumi.Input[]>; /** * A list of integer-type parameter values. */ integerValues?: pulumi.Input[]>; /** * A list of string-type parameter values. */ stringValues?: pulumi.Input[]>; } interface TemplateCustomValuesConfigurationArgs { customValues: pulumi.Input; /** * Includes the null value in custom action parameter values. */ includeNullValue?: pulumi.Input; } interface TemplateDataBarsOptionsArgs { /** * The field ID for the data bars options. */ fieldId: pulumi.Input; /** * The color of the negative data bar. */ negativeColor?: pulumi.Input; /** * The color of the positive data bar. */ positiveColor?: pulumi.Input; } interface TemplateDataColorArgs { /** * The color that is applied to the data value. */ color?: pulumi.Input; /** * The data value that the color is applied to. */ dataValue?: pulumi.Input; } interface TemplateDataFieldSeriesItemArgs { /** * The axis that you are binding the field to. */ axisBinding: pulumi.Input; /** * The field ID of the field that you are setting the axis binding to. */ fieldId: pulumi.Input; /** * The field value of the field that you are setting the axis binding to. */ fieldValue?: pulumi.Input; /** * The options that determine the presentation of line series associated to the field. */ settings?: pulumi.Input; } interface TemplateDataLabelOptionsArgs { /** * Determines the visibility of the category field labels. */ categoryLabelVisibility?: pulumi.Input; /** * The option that determines the data label type. */ dataLabelTypes?: pulumi.Input[]>; /** * Determines the color of the data labels. */ labelColor?: pulumi.Input; /** * Determines the content of the data labels. */ labelContent?: pulumi.Input; /** * Determines the font configuration of the data labels. */ labelFontConfiguration?: pulumi.Input; /** * Determines the visibility of the measure field labels. */ measureLabelVisibility?: pulumi.Input; /** * Determines whether overlap is enabled or disabled for the data labels. */ overlap?: pulumi.Input; /** * Determines the position of the data labels. */ position?: pulumi.Input; /** * Determines the visibility of the total. */ totalsVisibility?: pulumi.Input; /** * Determines the visibility of the data labels. */ visibility?: pulumi.Input; } interface TemplateDataLabelTypeArgs { /** * The option that specifies individual data values for labels. */ dataPathLabelType?: pulumi.Input; /** * Determines the label configuration for the entire field. */ fieldLabelType?: pulumi.Input; /** * Determines the label configuration for the maximum value in a visual. */ maximumLabelType?: pulumi.Input; /** * Determines the label configuration for the minimum value in a visual. */ minimumLabelType?: pulumi.Input; /** * Determines the label configuration for range end value in a visual. */ rangeEndsLabelType?: pulumi.Input; } interface TemplateDataPathColorArgs { /** * The color that needs to be applied to the element. */ color: pulumi.Input; /** * The element that the color needs to be applied to. */ element: pulumi.Input; /** * The time granularity of the field that the color needs to be applied to. */ timeGranularity?: pulumi.Input; } interface TemplateDataPathLabelTypeArgs { /** * The field ID of the field that the data label needs to be applied to. */ fieldId?: pulumi.Input; /** * The actual value of the field that is labeled. */ fieldValue?: pulumi.Input; /** * The visibility of the data label. */ visibility?: pulumi.Input; } interface TemplateDataPathSortArgs { /** * Determines the sort direction. */ direction: pulumi.Input; /** * The list of data paths that need to be sorted. */ sortPaths: pulumi.Input[]>; } interface TemplateDataPathTypeArgs { /** * The type of data path value utilized in a pivot table. Choose one of the following options: * * - `HIERARCHY_ROWS_LAYOUT_COLUMN` - The type of data path for the rows layout column, when `RowsLayout` is set to `HIERARCHY` . * - `MULTIPLE_ROW_METRICS_COLUMN` - The type of data path for the metric column when the row is set to Metric Placement. * - `EMPTY_COLUMN_HEADER` - The type of data path for the column with empty column header, when there is no field in `ColumnsFieldWell` and the row is set to Metric Placement. * - `COUNT_METRIC_COLUMN` - The type of data path for the column with `COUNT` as the metric, when there is no field in the `ValuesFieldWell` . */ pivotTableDataPathType?: pulumi.Input; } interface TemplateDataPathValueArgs { /** * The type configuration of the field. */ dataPathType?: pulumi.Input; /** * The field ID of the field that needs to be sorted. */ fieldId?: pulumi.Input; /** * The actual value of the field that needs to be sorted. */ fieldValue?: pulumi.Input; } /** *

Dataset configuration.

*/ interface TemplateDataSetConfigurationArgs { /** *

A structure containing the list of column group schemas.

*/ columnGroupSchemaList?: pulumi.Input[]>; /** * Dataset schema. */ dataSetSchema?: pulumi.Input; /** *

Placeholder.

*/ placeholder?: pulumi.Input; } /** *

Dataset reference.

*/ interface TemplateDataSetReferenceArgs { /** *

Dataset Amazon Resource Name (ARN).

*/ dataSetArn: pulumi.Input; /** *

Dataset placeholder.

*/ dataSetPlaceholder: pulumi.Input; } /** *

Dataset schema.

*/ interface TemplateDataSetSchemaArgs { /** *

A structure containing the list of column schemas.

*/ columnSchemaList?: pulumi.Input[]>; } interface TemplateDateAxisOptionsArgs { /** * Determines whether or not missing dates are displayed. */ missingDateVisibility?: pulumi.Input; } interface TemplateDateDimensionFieldArgs { /** * The column that is used in the `DateDimensionField` . */ column: pulumi.Input; /** * The date granularity of the `DateDimensionField` . Choose one of the following options: * * - `YEAR` * - `QUARTER` * - `MONTH` * - `WEEK` * - `DAY` * - `HOUR` * - `MINUTE` * - `SECOND` * - `MILLISECOND` */ dateGranularity?: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; /** * The custom hierarchy ID. */ hierarchyId?: pulumi.Input; } interface TemplateDateMeasureFieldArgs { /** * The aggregation function of the measure field. */ aggregationFunction?: pulumi.Input; /** * The column that is used in the `DateMeasureField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface TemplateDateTimeDefaultValuesArgs { /** * The dynamic value of the `DataTimeDefaultValues` . Different defaults are displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The rolling date of the `DataTimeDefaultValues` . The date is determined from the dataset based on input expression. */ rollingDate?: pulumi.Input; /** * The static values of the `DataTimeDefaultValues` . */ staticValues?: pulumi.Input[]>; } interface TemplateDateTimeFormatConfigurationArgs { /** * Determines the `DateTime` format. */ dateTimeFormat?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * The formatting configuration for numeric `DateTime` fields. */ numericFormatConfiguration?: pulumi.Input; } interface TemplateDateTimeHierarchyArgs { /** * The option that determines the drill down filters for the `DateTime` hierarchy. */ drillDownFilters?: pulumi.Input[]>; /** * The hierarchy ID of the `DateTime` hierarchy. */ hierarchyId: pulumi.Input; } interface TemplateDateTimeParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; /** * The configuration that defines the default value of a `DateTime` parameter when a value has not been set. */ valueWhenUnset?: pulumi.Input; } interface TemplateDateTimePickerControlDisplayOptionsArgs { /** * The date icon visibility of the `DateTimePickerControlDisplayOptions` . */ dateIconVisibility?: pulumi.Input; /** * Customize how dates are formatted in controls. */ dateTimeFormat?: pulumi.Input; /** * The helper text visibility of the `DateTimePickerControlDisplayOptions` . */ helperTextVisibility?: pulumi.Input; /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface TemplateDateTimeValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface TemplateDecimalDefaultValuesArgs { /** * The dynamic value of the `DecimalDefaultValues` . Different defaults are displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The static values of the `DecimalDefaultValues` . */ staticValues?: pulumi.Input[]>; } interface TemplateDecimalParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The value type determines whether the parameter is a single-value or multi-value parameter. */ parameterValueType: pulumi.Input; /** * The configuration that defines the default value of a `Decimal` parameter when a value has not been set. */ valueWhenUnset?: pulumi.Input; } interface TemplateDecimalPlacesConfigurationArgs { /** * The values of the decimal places. */ decimalPlaces: pulumi.Input; } interface TemplateDecimalValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface TemplateDefaultDateTimePickerControlOptionsArgs { /** * The visibility configuration of the Apply button on a `DateTimePickerControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The date time picker type of the `DefaultDateTimePickerControlOptions` . Choose one of the following options: * * - `SINGLE_VALUED` : The filter condition is a fixed date. * - `DATE_RANGE` : The filter condition is a date time range. */ type?: pulumi.Input; } interface TemplateDefaultFilterControlConfigurationArgs { /** * The control option for the `DefaultFilterControlConfiguration` . */ controlOptions: pulumi.Input; /** * The title of the `DefaultFilterControlConfiguration` . This title is shared by all controls that are tied to this filter. */ title: pulumi.Input; } interface TemplateDefaultFilterControlOptionsArgs { /** * The default options that correspond to the filter control type of a `DateTimePicker` . */ defaultDateTimePickerOptions?: pulumi.Input; /** * The default options that correspond to the `Dropdown` filter control type. */ defaultDropdownOptions?: pulumi.Input; /** * The default options that correspond to the `List` filter control type. */ defaultListOptions?: pulumi.Input; /** * The default options that correspond to the `RelativeDateTime` filter control type. */ defaultRelativeDateTimeOptions?: pulumi.Input; /** * The default options that correspond to the `Slider` filter control type. */ defaultSliderOptions?: pulumi.Input; /** * The default options that correspond to the `TextArea` filter control type. */ defaultTextAreaOptions?: pulumi.Input; /** * The default options that correspond to the `TextField` filter control type. */ defaultTextFieldOptions?: pulumi.Input; } interface TemplateDefaultFilterDropDownControlOptionsArgs { /** * The visibility configuration of the Apply button on a `FilterDropDownControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The type of the `FilterDropDownControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from a dropdown menu. * - `SINGLE_SELECT` : The user can select a single entry from a dropdown menu. */ type?: pulumi.Input; } interface TemplateDefaultFilterListControlOptionsArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The type of the `DefaultFilterListControlOptions` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from the list. * - `SINGLE_SELECT` : The user can select a single entry from the list. */ type?: pulumi.Input; } interface TemplateDefaultFreeFormLayoutConfigurationArgs { /** * Determines the screen canvas size options for a free-form layout. */ canvasSizeOptions: pulumi.Input; } interface TemplateDefaultGridLayoutConfigurationArgs { /** * Determines the screen canvas size options for a grid layout. */ canvasSizeOptions: pulumi.Input; } interface TemplateDefaultInteractiveLayoutConfigurationArgs { /** * The options that determine the default settings of a free-form layout configuration. */ freeForm?: pulumi.Input; /** * The options that determine the default settings for a grid layout configuration. */ grid?: pulumi.Input; } interface TemplateDefaultNewSheetConfigurationArgs { /** * The options that determine the default settings for interactive layout configuration. */ interactiveLayoutConfiguration?: pulumi.Input; /** * The options that determine the default settings for a paginated layout configuration. */ paginatedLayoutConfiguration?: pulumi.Input; /** * The option that determines the sheet content type. */ sheetContentType?: pulumi.Input; } interface TemplateDefaultPaginatedLayoutConfigurationArgs { /** * The options that determine the default settings for a section-based layout configuration. */ sectionBased?: pulumi.Input; } interface TemplateDefaultRelativeDateTimeControlOptionsArgs { /** * The visibility configuration of the Apply button on a `RelativeDateTimeControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; } interface TemplateDefaultSectionBasedLayoutConfigurationArgs { /** * Determines the screen canvas size options for a section-based layout. */ canvasSizeOptions: pulumi.Input; } interface TemplateDefaultSliderControlOptionsArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The larger value that is displayed at the right of the slider. */ maximumValue: pulumi.Input; /** * The smaller value that is displayed at the left of the slider. */ minimumValue: pulumi.Input; /** * The number of increments that the slider bar is divided into. */ stepSize: pulumi.Input; /** * The type of the `DefaultSliderControlOptions` . Choose one of the following options: * * - `SINGLE_POINT` : Filter against(equals) a single data point. * - `RANGE` : Filter data that is in a specified range. */ type?: pulumi.Input; } interface TemplateDefaultTextAreaControlOptionsArgs { /** * The delimiter that is used to separate the lines in text. */ delimiter?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; } interface TemplateDefaultTextFieldControlOptionsArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; } interface TemplateDestinationParameterValueConfigurationArgs { /** * The configuration of custom values for destination parameter in `DestinationParameterValueConfiguration` . */ customValuesConfiguration?: pulumi.Input; /** * The configuration that selects all options. */ selectAllValueOptions?: pulumi.Input; /** * A column of a data set. */ sourceColumn?: pulumi.Input; /** * The source field ID of the destination parameter. */ sourceField?: pulumi.Input; /** * The source parameter name of the destination parameter. */ sourceParameterName?: pulumi.Input; } interface TemplateDimensionFieldArgs { /** * The dimension type field with categorical type columns. */ categoricalDimensionField?: pulumi.Input; /** * The dimension type field with date type columns. */ dateDimensionField?: pulumi.Input; /** * The dimension type field with numerical type columns. */ numericalDimensionField?: pulumi.Input; } interface TemplateDonutCenterOptionsArgs { /** * Determines the visibility of the label in a donut chart. In the Quick Sight console, this option is called `'Show total'` . */ labelVisibility?: pulumi.Input; } interface TemplateDonutOptionsArgs { /** * The option for define the arc of the chart shape. Valid values are as follows: * * - `WHOLE` - A pie chart * - `SMALL` - A small-sized donut chart * - `MEDIUM` - A medium-sized donut chart * - `LARGE` - A large-sized donut chart */ arcOptions?: pulumi.Input; /** * The label options of the label that is displayed in the center of a donut chart. This option isn't available for pie charts. */ donutCenterOptions?: pulumi.Input; } interface TemplateDrillDownFilterArgs { /** * The category type drill down filter. This filter is used for string type columns. */ categoryFilter?: pulumi.Input; /** * The numeric equality type drill down filter. This filter is used for number type columns. */ numericEqualityFilter?: pulumi.Input; /** * The time range drill down filter. This filter is used for date time columns. */ timeRangeFilter?: pulumi.Input; } interface TemplateDropDownControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the `Select all` options in a dropdown control. */ selectAllOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface TemplateDynamicDefaultValueArgs { /** * The column that contains the default value of each user or group. */ defaultValueColumn: pulumi.Input; /** * The column that contains the group name. */ groupNameColumn?: pulumi.Input; /** * The column that contains the username. */ userNameColumn?: pulumi.Input; } interface TemplateEmptyVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The data set that is used in the empty visual. Every visual requires a dataset to render. */ dataSetIdentifier: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateExcludePeriodConfigurationArgs { /** * The amount or number of the exclude period. */ amount: pulumi.Input; /** * The granularity or unit (day, month, year) of the exclude period. */ granularity: pulumi.Input; /** * The status of the exclude period. Choose from the following options: * * - `ENABLED` * - `DISABLED` */ status?: pulumi.Input; } interface TemplateExplicitHierarchyArgs { /** * The list of columns that define the explicit hierarchy. */ columns: pulumi.Input[]>; /** * The option that determines the drill down filters for the explicit hierarchy. */ drillDownFilters?: pulumi.Input[]>; /** * The hierarchy ID of the explicit hierarchy. */ hierarchyId: pulumi.Input; } interface TemplateFieldBasedTooltipArgs { /** * The visibility of `Show aggregations` . */ aggregationVisibility?: pulumi.Input; /** * The fields configuration in the tooltip. */ tooltipFields?: pulumi.Input[]>; /** * The type for the >tooltip title. Choose one of the following options: * * - `NONE` : Doesn't use the primary value as the title. * - `PRIMARY_VALUE` : Uses primary value as the title. */ tooltipTitleType?: pulumi.Input; } interface TemplateFieldLabelTypeArgs { /** * Indicates the field that is targeted by the field label. */ fieldId?: pulumi.Input; /** * The visibility of the field label. */ visibility?: pulumi.Input; } interface TemplateFieldSeriesItemArgs { /** * The axis that you are binding the field to. */ axisBinding: pulumi.Input; /** * The field ID of the field for which you are setting the axis binding. */ fieldId: pulumi.Input; /** * The options that determine the presentation of line series associated to the field. */ settings?: pulumi.Input; } interface TemplateFieldSortArgs { /** * The sort direction. Choose one of the following options: * * - `ASC` : Ascending * - `DESC` : Descending */ direction: pulumi.Input; /** * The sort configuration target field. */ fieldId: pulumi.Input; } interface TemplateFieldSortOptionsArgs { /** * The sort configuration for a column that is not used in a field well. */ columnSort?: pulumi.Input; /** * The sort configuration for a field in a field well. */ fieldSort?: pulumi.Input; } interface TemplateFieldTooltipItemArgs { /** * The unique ID of the field that is targeted by the tooltip. */ fieldId: pulumi.Input; /** * The label of the tooltip item. */ label?: pulumi.Input; /** * Determines the target of the field tooltip item in a combo chart visual. */ tooltipTarget?: pulumi.Input; /** * The visibility of the tooltip item. */ visibility?: pulumi.Input; } interface TemplateFilledMapAggregatedFieldWellsArgs { /** * The aggregated location field well of the filled map. Values are grouped by location fields. */ geospatial?: pulumi.Input[]>; /** * The aggregated color field well of a filled map. Values are aggregated based on location fields. */ values?: pulumi.Input[]>; } interface TemplateFilledMapConditionalFormattingArgs { /** * Conditional formatting options of a `FilledMapVisual` . */ conditionalFormattingOptions: pulumi.Input[]>; } interface TemplateFilledMapConditionalFormattingOptionArgs { /** * The conditional formatting that determines the shape of the filled map. */ shape: pulumi.Input; } interface TemplateFilledMapConfigurationArgs { /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The map style options of the filled map visual. */ mapStyleOptions?: pulumi.Input; /** * The sort configuration of a `FilledMapVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The window options of the filled map visual. */ windowOptions?: pulumi.Input; } interface TemplateFilledMapFieldWellsArgs { /** * The aggregated field well of the filled map. */ filledMapAggregatedFieldWells?: pulumi.Input; } interface TemplateFilledMapShapeConditionalFormattingArgs { /** * The field ID of the filled map shape. */ fieldId: pulumi.Input; /** * The conditional formatting that determines the background color of a filled map's shape. */ format?: pulumi.Input; } interface TemplateFilledMapSortConfigurationArgs { /** * The sort configuration of the location fields. */ categorySort?: pulumi.Input[]>; } interface TemplateFilledMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The conditional formatting of a `FilledMapVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface TemplateFilterArgs { /** * A `CategoryFilter` filters text values. * * For more information, see [Adding text filters](https://docs.aws.amazon.com/quicksight/latest/user/add-a-text-filter-data-prep.html) in the *Amazon Quick Suite User Guide* . */ categoryFilter?: pulumi.Input; /** * A `NestedFilter` filters data with a subset of data that is defined by the nested inner filter. */ nestedFilter?: pulumi.Input; /** * A `NumericEqualityFilter` filters numeric values that equal or do not equal a given numeric value. */ numericEqualityFilter?: pulumi.Input; /** * A `NumericRangeFilter` filters numeric values that are either inside or outside a given numeric range. */ numericRangeFilter?: pulumi.Input; /** * A `RelativeDatesFilter` filters date values that are relative to a given date. */ relativeDatesFilter?: pulumi.Input; /** * A `TimeEqualityFilter` filters date-time values that equal or do not equal a given date/time value. */ timeEqualityFilter?: pulumi.Input; /** * A `TimeRangeFilter` filters date-time values that are either inside or outside a given date/time range. */ timeRangeFilter?: pulumi.Input; /** * A `TopBottomFilter` filters data to the top or bottom values for a given column. */ topBottomFilter?: pulumi.Input; } interface TemplateFilterControlArgs { /** * A control from a filter that is scoped across more than one sheet. This represents your filter control on a sheet */ crossSheet?: pulumi.Input; /** * A control from a date filter that is used to specify date and time. */ dateTimePicker?: pulumi.Input; /** * A control to display a dropdown list with buttons that are used to select a single value. */ dropdown?: pulumi.Input; /** * A control to display a list of buttons or boxes. This is used to select either a single value or multiple values. */ list?: pulumi.Input; /** * A control from a date filter that is used to specify the relative date. */ relativeDateTime?: pulumi.Input; /** * A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle. */ slider?: pulumi.Input; /** * A control to display a text box that is used to enter multiple entries. */ textArea?: pulumi.Input; /** * A control to display a text box that is used to enter a single entry. */ textField?: pulumi.Input; } interface TemplateFilterCrossSheetControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The ID of the `FilterCrossSheetControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterCrossSheetControl` . */ sourceFilterId: pulumi.Input; } interface TemplateFilterDateTimePickerControlArgs { /** * The visibility configurationof the Apply button on a `DateTimePickerControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterDateTimePickerControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterDateTimePickerControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterDateTimePickerControl` . */ title: pulumi.Input; /** * The type of the `FilterDropDownControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from a dropdown menu. * - `SINGLE_SELECT` : The user can select a single entry from a dropdown menu. */ type?: pulumi.Input; } interface TemplateFilterDropDownControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The visibility configuration of the Apply button on a `FilterDropDownControl` . */ commitMode?: pulumi.Input; /** * The display options of the `FilterDropDownControl` . */ displayOptions?: pulumi.Input; /** * The ID of the `FilterDropDownControl` . */ filterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source filter ID of the `FilterDropDownControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterDropDownControl` . */ title: pulumi.Input; /** * The type of the `FilterDropDownControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from a dropdown menu. * - `SINGLE_SELECT` : The user can select a single entry from a dropdown menu. */ type?: pulumi.Input; } interface TemplateFilterGroupArgs { /** * The filter new feature which can apply filter group to all data sets. Choose one of the following options: * * - `ALL_DATASETS` * - `SINGLE_DATASET` */ crossDataset: pulumi.Input; /** * The value that uniquely identifies a `FilterGroup` within a dashboard, template, or analysis. */ filterGroupId: pulumi.Input; /** * The list of filters that are present in a `FilterGroup` . */ filters: pulumi.Input[]>; /** * The configuration that specifies what scope to apply to a `FilterGroup` . * * This is a union type structure. For this structure to be valid, only one of the attributes can be defined. */ scopeConfiguration: pulumi.Input; /** * The status of the `FilterGroup` . */ status?: pulumi.Input; } interface TemplateFilterListConfigurationArgs { /** * The list of category values for the filter. */ categoryValues?: pulumi.Input[]>; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface TemplateFilterListControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterListControl` . */ filterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source filter ID of the `FilterListControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterListControl` . */ title: pulumi.Input; /** * The type of the `FilterListControl` . Choose one of the following options: * * - `MULTI_SELECT` : The user can select multiple entries from the list. * - `SINGLE_SELECT` : The user can select a single entry from the list. */ type?: pulumi.Input; } interface TemplateFilterOperationSelectedFieldsConfigurationArgs { /** *

The selected columns of a dataset.

*/ selectedColumns?: pulumi.Input[]>; /** * A structure that contains the options that choose which fields are filtered in the `CustomActionFilterOperation` . * * Valid values are defined as follows: * * - `ALL_FIELDS` : Applies the filter operation to all fields. */ selectedFieldOptions?: pulumi.Input; /** * Chooses the fields that are filtered in `CustomActionFilterOperation` . */ selectedFields?: pulumi.Input[]>; } interface TemplateFilterOperationTargetVisualsConfigurationArgs { /** * The configuration of the same-sheet target visuals that you want to be filtered. */ sameSheetTargetVisualConfiguration?: pulumi.Input; } interface TemplateFilterRelativeDateTimeControlArgs { /** * The visibility configuration of the Apply button on a `FilterRelativeDateTimeControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterTextAreaControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterTextAreaControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterTextAreaControl` . */ title: pulumi.Input; } interface TemplateFilterScopeConfigurationArgs { /** * The configuration that applies a filter to all sheets. When you choose `AllSheets` as the value for a `FilterScopeConfiguration` , this filter is applied to all visuals of all sheets in an Analysis, Dashboard, or Template. The `AllSheetsFilterScopeConfiguration` is chosen. */ allSheets?: pulumi.Input; /** * The configuration for applying a filter to specific sheets. */ selectedSheets?: pulumi.Input; } interface TemplateFilterSelectableValuesArgs { /** * The values that are used in the `FilterSelectableValues` . */ values?: pulumi.Input[]>; } interface TemplateFilterSliderControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterSliderControl` . */ filterControlId: pulumi.Input; /** * The larger value that is displayed at the right of the slider. */ maximumValue: pulumi.Input; /** * The smaller value that is displayed at the left of the slider. */ minimumValue: pulumi.Input; /** * The source filter ID of the `FilterSliderControl` . */ sourceFilterId: pulumi.Input; /** * The number of increments that the slider bar is divided into. */ stepSize: pulumi.Input; /** * The title of the `FilterSliderControl` . */ title: pulumi.Input; /** * The type of the `FilterSliderControl` . Choose one of the following options: * * - `SINGLE_POINT` : Filter against(equals) a single data point. * - `RANGE` : Filter data that is in a specified range. */ type?: pulumi.Input; } interface TemplateFilterTextAreaControlArgs { /** * The delimiter that is used to separate the lines in text. */ delimiter?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterTextAreaControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterTextAreaControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterTextAreaControl` . */ title: pulumi.Input; } interface TemplateFilterTextFieldControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `FilterTextFieldControl` . */ filterControlId: pulumi.Input; /** * The source filter ID of the `FilterTextFieldControl` . */ sourceFilterId: pulumi.Input; /** * The title of the `FilterTextFieldControl` . */ title: pulumi.Input; } interface TemplateFontConfigurationArgs { /** * Determines the color of the text. */ fontColor?: pulumi.Input; /** * Determines the appearance of decorative lines on the text. */ fontDecoration?: pulumi.Input; /** * The font family that you want to use. */ fontFamily?: pulumi.Input; /** * The option that determines the text display size. */ fontSize?: pulumi.Input; /** * Determines the text display face that is inherited by the given font family. */ fontStyle?: pulumi.Input; /** * The option that determines the text display weight, or boldness. */ fontWeight?: pulumi.Input; } interface TemplateFontSizeArgs { /** * String based length that is composed of value and unit in px */ absolute?: pulumi.Input; /** * The lexical name for the text size, proportional to its surrounding context. */ relative?: pulumi.Input; } interface TemplateFontWeightArgs { /** * The lexical name for the level of boldness of the text display. */ name?: pulumi.Input; } interface TemplateForecastComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The custom seasonality value setup of a forecast computation. */ customSeasonalityValue?: pulumi.Input; /** * The lower boundary setup of a forecast computation. */ lowerBoundary?: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The periods backward setup of a forecast computation. */ periodsBackward?: pulumi.Input; /** * The periods forward setup of a forecast computation. */ periodsForward?: pulumi.Input; /** * The prediction interval setup of a forecast computation. */ predictionInterval?: pulumi.Input; /** * The seasonality setup of a forecast computation. Choose one of the following options: * * - `AUTOMATIC` * - `CUSTOM` : Checks the custom seasonality value. */ seasonality?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The upper boundary setup of a forecast computation. */ upperBoundary?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface TemplateForecastConfigurationArgs { /** * The forecast properties setup of a forecast in the line chart. */ forecastProperties?: pulumi.Input; /** * The forecast scenario of a forecast in the line chart. */ scenario?: pulumi.Input; } interface TemplateForecastScenarioArgs { /** * The what-if analysis forecast setup with the target date. */ whatIfPointScenario?: pulumi.Input; /** * The what-if analysis forecast setup with the date range. */ whatIfRangeScenario?: pulumi.Input; } interface TemplateFormatConfigurationArgs { /** * Formatting configuration for `DateTime` fields. */ dateTimeFormatConfiguration?: pulumi.Input; /** * Formatting configuration for number fields. */ numberFormatConfiguration?: pulumi.Input; /** * Formatting configuration for string fields. */ stringFormatConfiguration?: pulumi.Input; } interface TemplateFreeFormLayoutCanvasSizeOptionsArgs { /** * The options that determine the sizing of the canvas used in a free-form layout. */ screenCanvasSizeOptions?: pulumi.Input; } interface TemplateFreeFormLayoutConfigurationArgs { canvasSizeOptions?: pulumi.Input; /** * The elements that are included in a free-form layout. */ elements: pulumi.Input[]>; } interface TemplateFreeFormLayoutElementArgs { /** * The background style configuration of a free-form layout element. */ backgroundStyle?: pulumi.Input; /** * The border style configuration of a free-form layout element. */ borderStyle?: pulumi.Input; /** * A unique identifier for an element within a free-form layout. */ elementId: pulumi.Input; /** * The type of element. */ elementType: pulumi.Input; /** * String based length that is composed of value and unit in px */ height: pulumi.Input; /** * The loading animation configuration of a free-form layout element. */ loadingAnimation?: pulumi.Input; /** * The rendering rules that determine when an element should be displayed within a free-form layout. */ renderingRules?: pulumi.Input[]>; /** * The border style configuration of a free-form layout element. This border style is used when the element is selected. */ selectedBorderStyle?: pulumi.Input; /** * The visibility of an element within a free-form layout. */ visibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ width: pulumi.Input; /** * String based length that is composed of value and unit in px */ xAxisLocation: pulumi.Input; /** * String based length that is composed of value and unit in px with Integer.MAX_VALUE as maximum value */ yAxisLocation: pulumi.Input; } interface TemplateFreeFormLayoutElementBackgroundStyleArgs { /** * The background color of a free-form layout element. */ color?: pulumi.Input; /** * The background visibility of a free-form layout element. */ visibility?: pulumi.Input; } interface TemplateFreeFormLayoutElementBorderStyleArgs { /** * The border color of a free-form layout element. */ color?: pulumi.Input; /** * The border visibility of a free-form layout element. */ visibility?: pulumi.Input; } interface TemplateFreeFormLayoutScreenCanvasSizeOptionsArgs { /** * String based length that is composed of value and unit in px */ optimizedViewPortWidth: pulumi.Input; } interface TemplateFreeFormSectionLayoutConfigurationArgs { /** * The elements that are included in the free-form layout. */ elements: pulumi.Input[]>; } interface TemplateFunnelChartAggregatedFieldWellsArgs { /** * The category field wells of a funnel chart. Values are grouped by category fields. */ category?: pulumi.Input[]>; /** * The value field wells of a funnel chart. Values are aggregated based on categories. */ values?: pulumi.Input[]>; } interface TemplateFunnelChartConfigurationArgs { /** * The label options of the categories that are displayed in a `FunnelChartVisual` . */ categoryLabelOptions?: pulumi.Input; /** * The options that determine the presentation of the data labels. */ dataLabelOptions?: pulumi.Input; /** * The field well configuration of a `FunnelChartVisual` . */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The sort configuration of a `FunnelChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The tooltip configuration of a `FunnelChartVisual` . */ tooltip?: pulumi.Input; /** * The label options for the values that are displayed in a `FunnelChartVisual` . */ valueLabelOptions?: pulumi.Input; /** * The visual palette configuration of a `FunnelChartVisual` . */ visualPalette?: pulumi.Input; } interface TemplateFunnelChartDataLabelOptionsArgs { /** * The visibility of the category labels within the data labels. */ categoryLabelVisibility?: pulumi.Input; /** * The color of the data label text. */ labelColor?: pulumi.Input; /** * The font configuration for the data labels. * * Only the `FontSize` attribute of the font configuration is used for data labels. */ labelFontConfiguration?: pulumi.Input; /** * Determines the style of the metric labels. */ measureDataLabelStyle?: pulumi.Input; /** * The visibility of the measure labels within the data labels. */ measureLabelVisibility?: pulumi.Input; /** * Determines the positioning of the data label relative to a section of the funnel. */ position?: pulumi.Input; /** * The visibility option that determines if data labels are displayed. */ visibility?: pulumi.Input; } interface TemplateFunnelChartFieldWellsArgs { /** * The field well configuration of a `FunnelChartVisual` . */ funnelChartAggregatedFieldWells?: pulumi.Input; } interface TemplateFunnelChartSortConfigurationArgs { /** * The limit on the number of categories displayed. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; } interface TemplateFunnelChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a `FunnelChartVisual` . */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface TemplateGaugeChartArcConditionalFormattingArgs { /** * The conditional formatting of the arc foreground color. */ foregroundColor?: pulumi.Input; } interface TemplateGaugeChartColorConfigurationArgs { /** * The background color configuration of a `GaugeChartVisual` . */ backgroundColor?: pulumi.Input; /** * The foreground color configuration of a `GaugeChartVisual` . */ foregroundColor?: pulumi.Input; } interface TemplateGaugeChartConditionalFormattingArgs { /** * Conditional formatting options of a `GaugeChartVisual` . */ conditionalFormattingOptions?: pulumi.Input[]>; } interface TemplateGaugeChartConditionalFormattingOptionArgs { /** * The options that determine the presentation of the arc of a `GaugeChartVisual` . */ arc?: pulumi.Input; /** * The conditional formatting for the primary value of a `GaugeChartVisual` . */ primaryValue?: pulumi.Input; } interface TemplateGaugeChartConfigurationArgs { /** * The color configuration of a `GaugeChartVisual` . */ colorConfiguration?: pulumi.Input; /** * The data label configuration of a `GaugeChartVisual` . */ dataLabels?: pulumi.Input; /** * The field well configuration of a `GaugeChartVisual` . */ fieldWells?: pulumi.Input; /** * The options that determine the presentation of the `GaugeChartVisual` . */ gaugeChartOptions?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The tooltip configuration of a `GaugeChartVisual` . */ tooltipOptions?: pulumi.Input; /** * The visual palette configuration of a `GaugeChartVisual` . */ visualPalette?: pulumi.Input; } interface TemplateGaugeChartFieldWellsArgs { /** * The target value field wells of a `GaugeChartVisual` . */ targetValues?: pulumi.Input[]>; /** * The value field wells of a `GaugeChartVisual` . */ values?: pulumi.Input[]>; } interface TemplateGaugeChartOptionsArgs { /** * The arc configuration of a `GaugeChartVisual` . */ arc?: pulumi.Input; /** * The arc axis configuration of a `GaugeChartVisual` . */ arcAxis?: pulumi.Input; /** * The comparison configuration of a `GaugeChartVisual` . */ comparison?: pulumi.Input; /** * The options that determine the primary value display type. */ primaryValueDisplayType?: pulumi.Input; /** * The options that determine the primary value font configuration. */ primaryValueFontConfiguration?: pulumi.Input; } interface TemplateGaugeChartPrimaryValueConditionalFormattingArgs { /** * The conditional formatting of the primary value icon. */ icon?: pulumi.Input; /** * The conditional formatting of the primary value text color. */ textColor?: pulumi.Input; } interface TemplateGaugeChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a `GaugeChartVisual` . */ chartConfiguration?: pulumi.Input; /** * The conditional formatting of a `GaugeChartVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateGeospatialCoordinateBoundsArgs { /** * The longitude of the east bound of the geospatial coordinate bounds. */ east: pulumi.Input; /** * The latitude of the north bound of the geospatial coordinate bounds. */ north: pulumi.Input; /** * The latitude of the south bound of the geospatial coordinate bounds. */ south: pulumi.Input; /** * The longitude of the west bound of the geospatial coordinate bounds. */ west: pulumi.Input; } interface TemplateGeospatialHeatmapColorScaleArgs { /** * The list of colors to be used in heatmap point style. */ colors?: pulumi.Input[]>; } interface TemplateGeospatialHeatmapConfigurationArgs { /** * The color scale specification for the heatmap point style. */ heatmapColor?: pulumi.Input; } interface TemplateGeospatialHeatmapDataColorArgs { /** * The hex color to be used in the heatmap point style. */ color: pulumi.Input; } interface TemplateGeospatialMapAggregatedFieldWellsArgs { /** * The color field wells of a geospatial map. */ colors?: pulumi.Input[]>; /** * The geospatial field wells of a geospatial map. Values are grouped by geospatial fields. */ geospatial?: pulumi.Input[]>; /** * The size field wells of a geospatial map. Values are aggregated based on geospatial fields. */ values?: pulumi.Input[]>; } interface TemplateGeospatialMapConfigurationArgs { /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The map style options of the geospatial map. */ mapStyleOptions?: pulumi.Input; /** * The point style options of the geospatial map. */ pointStyleOptions?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; visualPalette?: pulumi.Input; /** * The window options of the geospatial map. */ windowOptions?: pulumi.Input; } interface TemplateGeospatialMapFieldWellsArgs { /** * The aggregated field well for a geospatial map. */ geospatialMapAggregatedFieldWells?: pulumi.Input; } interface TemplateGeospatialMapStyleOptionsArgs { /** * The base map style of the geospatial map. */ baseMapStyle?: pulumi.Input; } interface TemplateGeospatialMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface TemplateGeospatialPointStyleOptionsArgs { /** * The cluster marker configuration of the geospatial point style. */ clusterMarkerConfiguration?: pulumi.Input; /** * The heatmap configuration of the geospatial point style. */ heatmapConfiguration?: pulumi.Input; /** * The selected point styles (point, cluster) of the geospatial map. */ selectedPointStyle?: pulumi.Input; } interface TemplateGeospatialWindowOptionsArgs { /** * The bounds options (north, south, west, east) of the geospatial window options. */ bounds?: pulumi.Input; /** * The map zoom modes (manual, auto) of the geospatial window options. */ mapZoomMode?: pulumi.Input; } interface TemplateGlobalTableBorderOptionsArgs { /** * Determines the options for side specific border. */ sideSpecificBorder?: pulumi.Input; /** * Determines the options for uniform border. */ uniformBorder?: pulumi.Input; } interface TemplateGradientColorArgs { /** * The list of gradient color stops. */ stops?: pulumi.Input[]>; } interface TemplateGradientStopArgs { /** * Determines the color. */ color?: pulumi.Input; /** * Determines the data value. */ dataValue?: pulumi.Input; /** * Determines gradient offset value. */ gradientOffset: pulumi.Input; } interface TemplateGridLayoutCanvasSizeOptionsArgs { /** * The options that determine the sizing of the canvas used in a grid layout. */ screenCanvasSizeOptions?: pulumi.Input; } interface TemplateGridLayoutConfigurationArgs { canvasSizeOptions?: pulumi.Input; /** * The elements that are included in a grid layout. */ elements: pulumi.Input[]>; } interface TemplateGridLayoutElementArgs { /** * The column index for the upper left corner of an element. */ columnIndex?: pulumi.Input; /** * The width of a grid element expressed as a number of grid columns. */ columnSpan: pulumi.Input; /** * A unique identifier for an element within a grid layout. */ elementId: pulumi.Input; /** * The type of element. */ elementType: pulumi.Input; /** * The row index for the upper left corner of an element. */ rowIndex?: pulumi.Input; /** * The height of a grid element expressed as a number of grid rows. */ rowSpan: pulumi.Input; } interface TemplateGridLayoutScreenCanvasSizeOptionsArgs { /** * String based length that is composed of value and unit in px */ optimizedViewPortWidth?: pulumi.Input; /** * This value determines the layout behavior when the viewport is resized. * * - `FIXED` : A fixed width will be used when optimizing the layout. In the Quick Sight console, this option is called `Classic` . * - `RESPONSIVE` : The width of the canvas will be responsive and optimized to the view port. In the Quick Sight console, this option is called `Tiled` . */ resizeOption: pulumi.Input; } interface TemplateGrowthRateComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The period size setup of a growth rate computation. */ periodSize?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface TemplateHeaderFooterSectionConfigurationArgs { /** * The layout configuration of the header or footer section. */ layout: pulumi.Input; /** * The unique identifier of the header or footer section. */ sectionId: pulumi.Input; /** * The style options of a header or footer section. */ style?: pulumi.Input; } interface TemplateHeatMapAggregatedFieldWellsArgs { /** * The columns field well of a heat map. */ columns?: pulumi.Input[]>; /** * The rows field well of a heat map. */ rows?: pulumi.Input[]>; /** * The values field well of a heat map. */ values?: pulumi.Input[]>; } interface TemplateHeatMapConfigurationArgs { /** * The color options (gradient color, point of divergence) in a heat map. */ colorScale?: pulumi.Input; /** * The label options of the column that is displayed in a heat map. */ columnLabelOptions?: pulumi.Input; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The label options of the row that is displayed in a `heat map` . */ rowLabelOptions?: pulumi.Input; /** * The sort configuration of a heat map. */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; } interface TemplateHeatMapFieldWellsArgs { /** * The aggregated field wells of a heat map. */ heatMapAggregatedFieldWells?: pulumi.Input; } interface TemplateHeatMapSortConfigurationArgs { /** * The limit on the number of columns that are displayed in a heat map. */ heatMapColumnItemsLimitConfiguration?: pulumi.Input; /** * The column sort configuration for heat map for columns that aren't a part of a field well. */ heatMapColumnSort?: pulumi.Input[]>; /** * The limit on the number of rows that are displayed in a heat map. */ heatMapRowItemsLimitConfiguration?: pulumi.Input; /** * The field sort configuration of the rows fields. */ heatMapRowSort?: pulumi.Input[]>; } interface TemplateHeatMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a heat map. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateHistogramAggregatedFieldWellsArgs { /** * The value field wells of a histogram. Values are aggregated by `COUNT` or `DISTINCT_COUNT` . */ values?: pulumi.Input[]>; } interface TemplateHistogramBinOptionsArgs { /** * The options that determine the bin count of a histogram. */ binCount?: pulumi.Input; /** * The options that determine the bin width of a histogram. */ binWidth?: pulumi.Input; /** * The options that determine the selected bin type. */ selectedBinType?: pulumi.Input; /** * The options that determine the bin start value. */ startValue?: pulumi.Input; } interface TemplateHistogramConfigurationArgs { /** * The options that determine the presentation of histogram bins. */ binOptions?: pulumi.Input; /** * The data label configuration of a histogram. */ dataLabels?: pulumi.Input; /** * The field well configuration of a histogram. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The tooltip configuration of a histogram. */ tooltip?: pulumi.Input; /** * The visual palette configuration of a histogram. */ visualPalette?: pulumi.Input; /** * The options that determine the presentation of the x-axis. */ xAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the x-axis label. */ xAxisLabelOptions?: pulumi.Input; /** * The options that determine the presentation of the y-axis. */ yAxisDisplayOptions?: pulumi.Input; } interface TemplateHistogramFieldWellsArgs { /** * The field well configuration of a histogram. */ histogramAggregatedFieldWells?: pulumi.Input; } interface TemplateHistogramVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration for a `HistogramVisual` . */ chartConfiguration?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateImageCustomActionArgs { /** * A list of `ImageCustomActionOperations` . * * This is a union type structure. For this structure to be valid, only one of the attributes can be defined. */ actionOperations: pulumi.Input[]>; /** * The ID of the custom action. */ customActionId: pulumi.Input; /** * The name of the custom action. */ name: pulumi.Input; /** * The status of the custom action. */ status?: pulumi.Input; /** * The trigger of the `VisualCustomAction` . * * Valid values are defined as follows: * * - `CLICK` : Initiates a custom action by a left pointer click on a data point. * - `MENU` : Initiates a custom action by right pointer click from the menu. */ trigger: pulumi.Input; } interface TemplateImageCustomActionOperationArgs { navigationOperation?: pulumi.Input; setParametersOperation?: pulumi.Input; urlOperation?: pulumi.Input; } interface TemplateImageInteractionOptionsArgs { /** * The menu options for the image. */ imageMenuOption?: pulumi.Input; } interface TemplateImageMenuOptionArgs { /** * The availability status of the image menu. If the value of this property is set to `ENABLED` , dashboard readers can interact with the image menu. */ availabilityStatus?: pulumi.Input; } interface TemplateInnerFilterArgs { /** * A `CategoryInnerFilter` filters text values for the `NestedFilter` . */ categoryInnerFilter?: pulumi.Input; } interface TemplateInsightConfigurationArgs { /** * The computations configurations of the insight visual */ computations?: pulumi.Input[]>; /** * The custom narrative of the insight visual. */ customNarrative?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; } interface TemplateInsightVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The dataset that is used in the insight visual. */ dataSetIdentifier: pulumi.Input; /** * The configuration of an insight visual. */ insightConfiguration?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateIntegerDefaultValuesArgs { /** * The dynamic value of the `IntegerDefaultValues` . Different defaults are displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The static values of the `IntegerDefaultValues` . */ staticValues?: pulumi.Input[]>; } interface TemplateIntegerParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The value type determines whether the parameter is a single-value or multi-value parameter. */ parameterValueType: pulumi.Input; /** * A parameter declaration for the `Integer` data type. */ valueWhenUnset?: pulumi.Input; } interface TemplateIntegerValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface TemplateItemsLimitConfigurationArgs { /** * The limit on how many items of a field are showed in the chart. For example, the number of slices that are displayed in a pie chart. */ itemsLimit?: pulumi.Input; /** * The `Show other` of an axis in the chart. Choose one of the following options: * * - `INCLUDE` * - `EXCLUDE` */ otherCategories?: pulumi.Input; } interface TemplateKpiActualValueConditionalFormattingArgs { /** * The conditional formatting of the actual value's icon. */ icon?: pulumi.Input; /** * The conditional formatting of the actual value's text color. */ textColor?: pulumi.Input; } interface TemplateKpiComparisonValueConditionalFormattingArgs { /** * The conditional formatting of the comparison value's icon. */ icon?: pulumi.Input; /** * The conditional formatting of the comparison value's text color. */ textColor?: pulumi.Input; } interface TemplateKpiConditionalFormattingArgs { /** * The conditional formatting options of a KPI visual. */ conditionalFormattingOptions?: pulumi.Input[]>; } interface TemplateKpiConditionalFormattingOptionArgs { /** * The conditional formatting for the actual value of a KPI visual. */ actualValue?: pulumi.Input; /** * The conditional formatting for the comparison value of a KPI visual. */ comparisonValue?: pulumi.Input; /** * The conditional formatting for the primary value of a KPI visual. */ primaryValue?: pulumi.Input; /** * The conditional formatting for the progress bar of a KPI visual. */ progressBar?: pulumi.Input; } interface TemplateKpiConfigurationArgs { /** * The field well configuration of a KPI visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The options that determine the presentation of a KPI visual. */ kpiOptions?: pulumi.Input; /** * The sort configuration of a KPI visual. */ sortConfiguration?: pulumi.Input; } interface TemplateKpiFieldWellsArgs { /** * The target value field wells of a KPI visual. */ targetValues?: pulumi.Input[]>; /** * The trend group field wells of a KPI visual. */ trendGroups?: pulumi.Input[]>; /** * The value field wells of a KPI visual. */ values?: pulumi.Input[]>; } interface TemplateKpiOptionsArgs { /** * The comparison configuration of a KPI visual. */ comparison?: pulumi.Input; /** * The options that determine the primary value display type. */ primaryValueDisplayType?: pulumi.Input; /** * The options that determine the primary value font configuration. */ primaryValueFontConfiguration?: pulumi.Input; /** * The options that determine the presentation of the progress bar of a KPI visual. */ progressBar?: pulumi.Input; /** * The options that determine the presentation of the secondary value of a KPI visual. */ secondaryValue?: pulumi.Input; /** * The options that determine the secondary value font configuration. */ secondaryValueFontConfiguration?: pulumi.Input; /** * The options that determine the visibility, color, type, and tooltip visibility of the sparkline of a KPI visual. */ sparkline?: pulumi.Input; /** * The options that determine the presentation of trend arrows in a KPI visual. */ trendArrows?: pulumi.Input; /** * The options that determine the layout a KPI visual. */ visualLayoutOptions?: pulumi.Input; } interface TemplateKpiPrimaryValueConditionalFormattingArgs { /** * The conditional formatting of the primary value's icon. */ icon?: pulumi.Input; /** * The conditional formatting of the primary value's text color. */ textColor?: pulumi.Input; } interface TemplateKpiProgressBarConditionalFormattingArgs { /** * The conditional formatting of the progress bar's foreground color. */ foregroundColor?: pulumi.Input; } interface TemplateKpiSortConfigurationArgs { /** * The sort configuration of the trend group fields. */ trendGroupSort?: pulumi.Input[]>; } interface TemplateKpiSparklineOptionsArgs { /** * The color of the sparkline. */ color?: pulumi.Input; /** * The tooltip visibility of the sparkline. */ tooltipVisibility?: pulumi.Input; /** * The type of the sparkline. */ type: pulumi.Input; /** * The visibility of the sparkline. */ visibility?: pulumi.Input; } interface TemplateKpiVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a KPI visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The conditional formatting of a KPI visual. */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateKpiVisualLayoutOptionsArgs { /** * The standard layout of the KPI visual. */ standardLayout?: pulumi.Input; } interface TemplateKpiVisualStandardLayoutArgs { /** * The standard layout type. */ type: pulumi.Input; } interface TemplateLabelOptionsArgs { /** * The text for the label. */ customLabel?: pulumi.Input; /** * The font configuration of the label. */ fontConfiguration?: pulumi.Input; /** * Determines whether or not the label is visible. */ visibility?: pulumi.Input; } interface TemplateLayoutArgs { /** * The configuration that determines what the type of layout for a sheet. */ configuration: pulumi.Input; } interface TemplateLayoutConfigurationArgs { /** * A free-form is optimized for a fixed width and has more control over the exact placement of layout elements. */ freeFormLayout?: pulumi.Input; /** * A type of layout that can be used on a sheet. In a grid layout, visuals snap to a grid with standard spacing and alignment. Dashboards are displayed as designed, with options to fit to screen or view at actual size. A grid layout can be configured to behave in one of two ways when the viewport is resized: `FIXED` or `RESPONSIVE` . */ gridLayout?: pulumi.Input; /** * A section based layout organizes visuals into multiple sections and has customized header, footer and page break. */ sectionBasedLayout?: pulumi.Input; } interface TemplateLegendOptionsArgs { /** * String based length that is composed of value and unit in px */ height?: pulumi.Input; /** * The positions for the legend. Choose one of the following options: * * - `AUTO` * - `RIGHT` * - `BOTTOM` * - `LEFT` */ position?: pulumi.Input; /** * The custom title for the legend. */ title?: pulumi.Input; valueFontConfiguration?: pulumi.Input; /** * Determines whether or not the legend is visible. */ visibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ width?: pulumi.Input; } interface TemplateLineChartAggregatedFieldWellsArgs { /** * The category field wells of a line chart. Values are grouped by category fields. */ category?: pulumi.Input[]>; /** * The color field wells of a line chart. Values are grouped by category fields. */ colors?: pulumi.Input[]>; /** * The small multiples field well of a line chart. */ smallMultiples?: pulumi.Input[]>; /** * The value field wells of a line chart. Values are aggregated based on categories. */ values?: pulumi.Input[]>; } interface TemplateLineChartConfigurationArgs { /** * The default configuration of a line chart's contribution analysis. */ contributionAnalysisDefaults?: pulumi.Input[]>; /** * The data label configuration of a line chart. */ dataLabels?: pulumi.Input; /** * The options that determine the default presentation of all line series in `LineChartVisual` . */ defaultSeriesSettings?: pulumi.Input; /** * The field well configuration of a line chart. */ fieldWells?: pulumi.Input; /** * The forecast configuration of a line chart. */ forecastConfigurations?: pulumi.Input[]>; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend configuration of a line chart. */ legend?: pulumi.Input; /** * The series axis configuration of a line chart. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the y-axis label. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The reference lines configuration of a line chart. */ referenceLines?: pulumi.Input[]>; /** * The series axis configuration of a line chart. */ secondaryYAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the secondary y-axis label. */ secondaryYAxisLabelOptions?: pulumi.Input; /** * The series item configuration of a line chart. */ series?: pulumi.Input[]>; singleAxisOptions?: pulumi.Input; /** * The small multiples setup for the visual. */ smallMultiplesOptions?: pulumi.Input; /** * The sort configuration of a line chart. */ sortConfiguration?: pulumi.Input; /** * The tooltip configuration of a line chart. */ tooltip?: pulumi.Input; /** * Determines the type of the line chart. */ type?: pulumi.Input; /** * The visual palette configuration of a line chart. */ visualPalette?: pulumi.Input; /** * The options that determine the presentation of the x-axis. */ xAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the x-axis label. */ xAxisLabelOptions?: pulumi.Input; } interface TemplateLineChartDefaultSeriesSettingsArgs { /** * The axis to which you are binding all line series to. */ axisBinding?: pulumi.Input; /** * Line styles options for all line series in the visual. */ lineStyleSettings?: pulumi.Input; /** * Marker styles options for all line series in the visual. */ markerStyleSettings?: pulumi.Input; } interface TemplateLineChartFieldWellsArgs { /** * The field well configuration of a line chart. */ lineChartAggregatedFieldWells?: pulumi.Input; } interface TemplateLineChartLineStyleSettingsArgs { /** * Interpolation style for line series. * * - `LINEAR` : Show as default, linear style. * - `SMOOTH` : Show as a smooth curve. * - `STEPPED` : Show steps in line. */ lineInterpolation?: pulumi.Input; /** * Line style for line series. * * - `SOLID` : Show as a solid line. * - `DOTTED` : Show as a dotted line. * - `DASHED` : Show as a dashed line. */ lineStyle?: pulumi.Input; /** * Configuration option that determines whether to show the line for the series. */ lineVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ lineWidth?: pulumi.Input; } interface TemplateLineChartMarkerStyleSettingsArgs { /** * Color of marker in the series. */ markerColor?: pulumi.Input; /** * Shape option for markers in the series. * * - `CIRCLE` : Show marker as a circle. * - `TRIANGLE` : Show marker as a triangle. * - `SQUARE` : Show marker as a square. * - `DIAMOND` : Show marker as a diamond. * - `ROUNDED_SQUARE` : Show marker as a rounded square. */ markerShape?: pulumi.Input; /** * String based length that is composed of value and unit in px */ markerSize?: pulumi.Input; /** * Configuration option that determines whether to show the markers in the series. */ markerVisibility?: pulumi.Input; } interface TemplateLineChartSeriesSettingsArgs { /** * Line styles options for a line series in `LineChartVisual` . */ lineStyleSettings?: pulumi.Input; /** * Marker styles options for a line series in `LineChartVisual` . */ markerStyleSettings?: pulumi.Input; } interface TemplateLineChartSortConfigurationArgs { /** * The limit on the number of categories that are displayed in a line chart. */ categoryItemsLimitConfiguration?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; /** * The limit on the number of lines that are displayed in a line chart. */ colorItemsLimitConfiguration?: pulumi.Input; /** * The limit on the number of small multiples panels that are displayed. */ smallMultiplesLimitConfiguration?: pulumi.Input; /** * The sort configuration of the small multiples field. */ smallMultiplesSort?: pulumi.Input[]>; } interface TemplateLineChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a line chart. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateLineSeriesAxisDisplayOptionsArgs { /** * The options that determine the presentation of the line series axis. */ axisOptions?: pulumi.Input; /** * The configuration options that determine how missing data is treated during the rendering of a line chart. */ missingDataConfigurations?: pulumi.Input[]>; } interface TemplateListControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the search options in a list control. */ searchOptions?: pulumi.Input; /** * The configuration of the `Select all` options in a list control. */ selectAllOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface TemplateListControlSearchOptionsArgs { /** * The visibility configuration of the search options in a list control. */ visibility?: pulumi.Input; } interface TemplateListControlSelectAllOptionsArgs { /** * The visibility configuration of the `Select all` options in a list control. */ visibility?: pulumi.Input; } interface TemplateLoadingAnimationArgs { /** * The visibility configuration of `LoadingAnimation` . */ visibility?: pulumi.Input; } interface TemplateLocalNavigationConfigurationArgs { /** * The sheet that is targeted for navigation in the same analysis. */ targetSheetId: pulumi.Input; } interface TemplateLongFormatTextArgs { /** * Plain text format. */ plainText?: pulumi.Input; /** * Rich text. Examples of rich text include bold, underline, and italics. */ richText?: pulumi.Input; } interface TemplateMappedDataSetParameterArgs { /** * A unique name that identifies a dataset within the analysis or dashboard. */ dataSetIdentifier: pulumi.Input; /** * The name of the dataset parameter. */ dataSetParameterName: pulumi.Input; } interface TemplateMaximumLabelTypeArgs { /** * The visibility of the maximum label. */ visibility?: pulumi.Input; } interface TemplateMaximumMinimumComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The type of computation. Choose one of the following options: * * - MAXIMUM: A maximum computation. * - MINIMUM: A minimum computation. */ type: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface TemplateMeasureFieldArgs { /** * The calculated measure field only used in pivot tables. */ calculatedMeasureField?: pulumi.Input; /** * The measure type field with categorical type columns. */ categoricalMeasureField?: pulumi.Input; /** * The measure type field with date type columns. */ dateMeasureField?: pulumi.Input; /** * The measure type field with numerical type columns. */ numericalMeasureField?: pulumi.Input; } interface TemplateMetricComparisonComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The field that is used in a metric comparison from value setup. */ fromValue?: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The field that is used in a metric comparison to value setup. */ targetValue?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; } interface TemplateMinimumLabelTypeArgs { /** * The visibility of the minimum label. */ visibility?: pulumi.Input; } interface TemplateMissingDataConfigurationArgs { /** * The treatment option that determines how missing data should be rendered. Choose from the following options: * * - `INTERPOLATE` : Interpolate missing values between the prior and the next known value. * - `SHOW_AS_ZERO` : Show missing values as the value `0` . * - `SHOW_AS_BLANK` : Display a blank space when rendering missing data. */ treatmentOption?: pulumi.Input; } interface TemplateNegativeValueConfigurationArgs { /** * Determines the display mode of the negative value configuration. */ displayMode: pulumi.Input; } interface TemplateNestedFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * A boolean condition to include or exclude the subset that is defined by the values of the nested inner filter. */ includeInnerSet: pulumi.Input; /** * The `InnerFilter` defines the subset of data to be used with the `NestedFilter` . */ innerFilter: pulumi.Input; } interface TemplateNullValueFormatConfigurationArgs { /** * Determines the null string of null values. */ nullString: pulumi.Input; } interface TemplateNumberDisplayFormatConfigurationArgs { /** * The option that determines the decimal places configuration. */ decimalPlacesConfiguration?: pulumi.Input; /** * The options that determine the negative value configuration. */ negativeValueConfiguration?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * Determines the number scale value of the number format. */ numberScale?: pulumi.Input; /** * Determines the prefix value of the number format. */ prefix?: pulumi.Input; /** * The options that determine the numeric separator configuration. */ separatorConfiguration?: pulumi.Input; /** * Determines the suffix value of the number format. */ suffix?: pulumi.Input; } interface TemplateNumberFormatConfigurationArgs { /** * The options that determine the numeric format configuration. */ formatConfiguration?: pulumi.Input; } interface TemplateNumericAxisOptionsArgs { /** * The range setup of a numeric axis. */ range?: pulumi.Input; /** * The scale setup of a numeric axis. */ scale?: pulumi.Input; } interface TemplateNumericEqualityDrillDownFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The value of the double input numeric drill down filter. */ value: pulumi.Input; } interface TemplateNumericEqualityFilterArgs { /** * The aggregation function of the filter. */ aggregationFunction?: pulumi.Input; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The match operator that is used to determine if a filter should be applied. */ matchOperator: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The parameter whose value should be used for the filter value. */ parameterName?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; /** * The input value. */ value?: pulumi.Input; } interface TemplateNumericFormatConfigurationArgs { /** * The options that determine the currency display format configuration. */ currencyDisplayFormatConfiguration?: pulumi.Input; /** * The options that determine the number display format configuration. */ numberDisplayFormatConfiguration?: pulumi.Input; /** * The options that determine the percentage display format configuration. */ percentageDisplayFormatConfiguration?: pulumi.Input; } interface TemplateNumericRangeFilterArgs { /** * The aggregation function of the filter. */ aggregationFunction?: pulumi.Input; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * Determines whether the maximum value in the filter value range should be included in the filtered results. */ includeMaximum?: pulumi.Input; /** * Determines whether the minimum value in the filter value range should be included in the filtered results. */ includeMinimum?: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The maximum value for the filter value range. */ rangeMaximum?: pulumi.Input; /** * The minimum value for the filter value range. */ rangeMinimum?: pulumi.Input; /** * Select all of the values. Null is not the assigned value of select all. * * - `FILTER_ALL_VALUES` */ selectAllOptions?: pulumi.Input; } interface TemplateNumericRangeFilterValueArgs { /** * The parameter that is used in the numeric range. */ parameter?: pulumi.Input; /** * The static value of the numeric range filter. */ staticValue?: pulumi.Input; } interface TemplateNumericSeparatorConfigurationArgs { /** * Determines the decimal separator. */ decimalSeparator?: pulumi.Input; /** * The options that determine the thousands separator configuration. */ thousandsSeparator?: pulumi.Input; } interface TemplateNumericalAggregationFunctionArgs { /** * An aggregation based on the percentile of values in a dimension or measure. */ percentileAggregation?: pulumi.Input; /** * Built-in aggregation functions for numerical values. * * - `SUM` : The sum of a dimension or measure. * - `AVERAGE` : The average of a dimension or measure. * - `MIN` : The minimum value of a dimension or measure. * - `MAX` : The maximum value of a dimension or measure. * - `COUNT` : The count of a dimension or measure. * - `DISTINCT_COUNT` : The count of distinct values in a dimension or measure. * - `VAR` : The variance of a dimension or measure. * - `VARP` : The partitioned variance of a dimension or measure. * - `STDEV` : The standard deviation of a dimension or measure. * - `STDEVP` : The partitioned standard deviation of a dimension or measure. * - `MEDIAN` : The median value of a dimension or measure. */ simpleNumericalAggregation?: pulumi.Input; } interface TemplateNumericalDimensionFieldArgs { /** * The column that is used in the `NumericalDimensionField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; /** * The custom hierarchy ID. */ hierarchyId?: pulumi.Input; } interface TemplateNumericalMeasureFieldArgs { /** * The aggregation function of the measure field. */ aggregationFunction?: pulumi.Input; /** * The column that is used in the `NumericalMeasureField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface TemplatePaginationConfigurationArgs { /** * Indicates the page number. */ pageNumber: pulumi.Input; /** * Indicates how many items render in one page. */ pageSize: pulumi.Input; } interface TemplatePanelConfigurationArgs { /** * Sets the background color for each panel. */ backgroundColor?: pulumi.Input; /** * Determines whether or not a background for each small multiples panel is rendered. */ backgroundVisibility?: pulumi.Input; /** * Sets the line color of panel borders. */ borderColor?: pulumi.Input; /** * Sets the line style of panel borders. */ borderStyle?: pulumi.Input; /** * String based length that is composed of value and unit in px */ borderThickness?: pulumi.Input; /** * Determines whether or not each panel displays a border. */ borderVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ gutterSpacing?: pulumi.Input; /** * Determines whether or not negative space between sibling panels is rendered. */ gutterVisibility?: pulumi.Input; /** * Configures the title display within each small multiples panel. */ title?: pulumi.Input; } interface TemplatePanelTitleOptionsArgs { fontConfiguration?: pulumi.Input; /** * Sets the horizontal text alignment of the title within each panel. */ horizontalTextAlignment?: pulumi.Input; /** * Determines whether or not panel titles are displayed. */ visibility?: pulumi.Input; } interface TemplateParameterControlArgs { /** * A control from a date parameter that specifies date and time. */ dateTimePicker?: pulumi.Input; /** * A control to display a dropdown list with buttons that are used to select a single value. */ dropdown?: pulumi.Input; /** * A control to display a list with buttons or boxes that are used to select either a single value or multiple values. */ list?: pulumi.Input; /** * A control to display a horizontal toggle bar. This is used to change a value by sliding the toggle. */ slider?: pulumi.Input; /** * A control to display a text box that is used to enter multiple entries. */ textArea?: pulumi.Input; /** * A control to display a text box that is used to enter a single entry. */ textField?: pulumi.Input; } interface TemplateParameterDateTimePickerControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterDateTimePickerControl` . */ parameterControlId: pulumi.Input; /** * The name of the `ParameterDateTimePickerControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterDateTimePickerControl` . */ title: pulumi.Input; } interface TemplateParameterDeclarationArgs { /** * A parameter declaration for the `DateTime` data type. */ dateTimeParameterDeclaration?: pulumi.Input; /** * A parameter declaration for the `Decimal` data type. */ decimalParameterDeclaration?: pulumi.Input; /** * A parameter declaration for the `Integer` data type. */ integerParameterDeclaration?: pulumi.Input; /** * A parameter declaration for the `String` data type. */ stringParameterDeclaration?: pulumi.Input; } interface TemplateParameterDropDownControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The visibility configuration of the Apply button on a `ParameterDropDownControl` . */ commitMode?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterDropDownControl` . */ parameterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source parameter name of the `ParameterDropDownControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterDropDownControl` . */ title: pulumi.Input; /** * The type parameter name of the `ParameterDropDownControl` . */ type?: pulumi.Input; } interface TemplateParameterListControlArgs { /** * The values that are displayed in a control can be configured to only show values that are valid based on what's selected in other controls. */ cascadingControlConfiguration?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterListControl` . */ parameterControlId: pulumi.Input; /** * A list of selectable values that are used in a control. */ selectableValues?: pulumi.Input; /** * The source parameter name of the `ParameterListControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterListControl` . */ title: pulumi.Input; /** * The type of `ParameterListControl` . */ type?: pulumi.Input; } interface TemplateParameterSelectableValuesArgs { /** * The column identifier that fetches values from the data set. */ linkToDataSetColumn?: pulumi.Input; /** * The values that are used in `ParameterSelectableValues` . */ values?: pulumi.Input[]>; } interface TemplateParameterSliderControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The larger value that is displayed at the right of the slider. */ maximumValue: pulumi.Input; /** * The smaller value that is displayed at the left of the slider. */ minimumValue: pulumi.Input; /** * The ID of the `ParameterSliderControl` . */ parameterControlId: pulumi.Input; /** * The source parameter name of the `ParameterSliderControl` . */ sourceParameterName: pulumi.Input; /** * The number of increments that the slider bar is divided into. */ stepSize: pulumi.Input; /** * The title of the `ParameterSliderControl` . */ title: pulumi.Input; } interface TemplateParameterTextAreaControlArgs { /** * The delimiter that is used to separate the lines in text. */ delimiter?: pulumi.Input; /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterTextAreaControl` . */ parameterControlId: pulumi.Input; /** * The source parameter name of the `ParameterTextAreaControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterTextAreaControl` . */ title: pulumi.Input; } interface TemplateParameterTextFieldControlArgs { /** * The display options of a control. */ displayOptions?: pulumi.Input; /** * The ID of the `ParameterTextFieldControl` . */ parameterControlId: pulumi.Input; /** * The source parameter name of the `ParameterTextFieldControl` . */ sourceParameterName: pulumi.Input; /** * The title of the `ParameterTextFieldControl` . */ title: pulumi.Input; } interface TemplatePercentVisibleRangeArgs { /** * The lower bound of the range. */ from?: pulumi.Input; /** * The top bound of the range. */ to?: pulumi.Input; } interface TemplatePercentageDisplayFormatConfigurationArgs { /** * The option that determines the decimal places configuration. */ decimalPlacesConfiguration?: pulumi.Input; /** * The options that determine the negative value configuration. */ negativeValueConfiguration?: pulumi.Input; /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * Determines the prefix value of the percentage format. */ prefix?: pulumi.Input; /** * The options that determine the numeric separator configuration. */ separatorConfiguration?: pulumi.Input; /** * Determines the suffix value of the percentage format. */ suffix?: pulumi.Input; } interface TemplatePercentileAggregationArgs { /** * The percentile value. This value can be any numeric constant 0–100. A percentile value of 50 computes the median value of the measure. */ percentileValue?: pulumi.Input; } interface TemplatePeriodOverPeriodComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface TemplatePeriodToDateComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The time granularity setup of period to date computation. Choose from the following options: * * - YEAR: Year to date. * - MONTH: Month to date. */ periodTimeGranularity?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface TemplatePieChartAggregatedFieldWellsArgs { /** * The category (group/color) field wells of a pie chart. */ category?: pulumi.Input[]>; /** * The small multiples field well of a pie chart. */ smallMultiples?: pulumi.Input[]>; /** * The value field wells of a pie chart. Values are aggregated based on categories. */ values?: pulumi.Input[]>; } interface TemplatePieChartConfigurationArgs { /** * The label options of the group/color that is displayed in a pie chart. */ categoryLabelOptions?: pulumi.Input; /** * The contribution analysis (anomaly configuration) setup of the visual. */ contributionAnalysisDefaults?: pulumi.Input[]>; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The options that determine the shape of the chart. This option determines whether the chart is a pie chart or a donut chart. */ donutOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The small multiples setup for the visual. */ smallMultiplesOptions?: pulumi.Input; /** * The sort configuration of a pie chart. */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; /** * The label options for the value that is displayed in a pie chart. */ valueLabelOptions?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface TemplatePieChartFieldWellsArgs { /** * The field well configuration of a pie chart. */ pieChartAggregatedFieldWells?: pulumi.Input; } interface TemplatePieChartSortConfigurationArgs { /** * The limit on the number of categories that are displayed in a pie chart. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; /** * The limit on the number of small multiples panels that are displayed. */ smallMultiplesLimitConfiguration?: pulumi.Input; /** * The sort configuration of the small multiples field. */ smallMultiplesSort?: pulumi.Input[]>; } interface TemplatePieChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a pie chart. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplatePivotFieldSortOptionsArgs { /** * The field ID for the field sort options. */ fieldId: pulumi.Input; /** * The sort by field for the field sort options. */ sortBy: pulumi.Input; } interface TemplatePivotTableAggregatedFieldWellsArgs { /** * The columns field well for a pivot table. Values are grouped by columns fields. */ columns?: pulumi.Input[]>; /** * The rows field well for a pivot table. Values are grouped by rows fields. */ rows?: pulumi.Input[]>; /** * The values field well for a pivot table. Values are aggregated based on rows and columns fields. */ values?: pulumi.Input[]>; } interface TemplatePivotTableCellConditionalFormattingArgs { /** * The field ID of the cell for conditional formatting. */ fieldId: pulumi.Input; /** * The scope of the cell for conditional formatting. */ scope?: pulumi.Input; /** * A list of cell scopes for conditional formatting. */ scopes?: pulumi.Input[]>; /** * The text format of the cell for conditional formatting. */ textFormat?: pulumi.Input; } interface TemplatePivotTableConditionalFormattingArgs { /** * Conditional formatting options for a `PivotTableVisual` . */ conditionalFormattingOptions?: pulumi.Input[]>; } interface TemplatePivotTableConditionalFormattingOptionArgs { /** * The cell conditional formatting option for a pivot table. */ cell?: pulumi.Input; } interface TemplatePivotTableConditionalFormattingScopeArgs { /** * The role (field, field total, grand total) of the cell for conditional formatting. */ role?: pulumi.Input; } interface TemplatePivotTableConfigurationArgs { /** * The field options for a pivot table visual. */ fieldOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The paginated report options for a pivot table visual. */ paginatedReportOptions?: pulumi.Input; /** * The sort configuration for a `PivotTableVisual` . */ sortConfiguration?: pulumi.Input; /** * The table options for a pivot table visual. */ tableOptions?: pulumi.Input; /** * The total options for a pivot table visual. */ totalOptions?: pulumi.Input; } interface TemplatePivotTableDataPathOptionArgs { /** * The list of data path values for the data path options. */ dataPathList: pulumi.Input[]>; /** * String based length that is composed of value and unit in px */ width?: pulumi.Input; } interface TemplatePivotTableFieldCollapseStateOptionArgs { /** * The state of the field target of a pivot table. Choose one of the following options: * * - `COLLAPSED` * - `EXPANDED` */ state?: pulumi.Input; /** * A tagged-union object that sets the collapse state. */ target: pulumi.Input; } interface TemplatePivotTableFieldCollapseStateTargetArgs { /** * The data path of the pivot table's header. Used to set the collapse state. */ fieldDataPathValues?: pulumi.Input[]>; /** * The field ID of the pivot table that the collapse state needs to be set to. */ fieldId?: pulumi.Input; } interface TemplatePivotTableFieldOptionArgs { /** * The custom label of the pivot table field. */ customLabel?: pulumi.Input; /** * The field ID of the pivot table field. */ fieldId: pulumi.Input; /** * The visibility of the pivot table field. */ visibility?: pulumi.Input; } interface TemplatePivotTableFieldOptionsArgs { /** * The collapse state options for the pivot table field options. */ collapseStateOptions?: pulumi.Input[]>; /** * The data path options for the pivot table field options. */ dataPathOptions?: pulumi.Input[]>; /** * The selected field options for the pivot table field options. */ selectedFieldOptions?: pulumi.Input[]>; } interface TemplatePivotTableFieldSubtotalOptionsArgs { /** * The field ID of the subtotal options. */ fieldId?: pulumi.Input; } interface TemplatePivotTableFieldWellsArgs { /** * The aggregated field well for the pivot table. */ pivotTableAggregatedFieldWells?: pulumi.Input; } interface TemplatePivotTableOptionsArgs { /** * The table cell style of cells. */ cellStyle?: pulumi.Input; /** * The visibility setting of a pivot table's collapsed row dimension fields. If the value of this structure is `HIDDEN` , all collapsed columns in a pivot table are automatically hidden. The default value is `VISIBLE` . */ collapsedRowDimensionsVisibility?: pulumi.Input; /** * The table cell style of the column header. */ columnHeaderStyle?: pulumi.Input; /** * The visibility of the column names. */ columnNamesVisibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ defaultCellWidth?: pulumi.Input; /** * The metric placement (row, column) options. */ metricPlacement?: pulumi.Input; /** * The row alternate color options (widget status, row alternate colors). */ rowAlternateColorOptions?: pulumi.Input; /** * The table cell style of row field names. */ rowFieldNamesStyle?: pulumi.Input; /** * The table cell style of the row headers. */ rowHeaderStyle?: pulumi.Input; /** * The options for the label that is located above the row headers. This option is only applicable when `RowsLayout` is set to `HIERARCHY` . */ rowsLabelOptions?: pulumi.Input; /** * The layout for the row dimension headers of a pivot table. Choose one of the following options. * * - `TABULAR` : (Default) Each row field is displayed in a separate column. * - `HIERARCHY` : All row fields are displayed in a single column. Indentation is used to differentiate row headers of different fields. */ rowsLayout?: pulumi.Input; /** * The visibility of the single metric options. */ singleMetricVisibility?: pulumi.Input; /** * Determines the visibility of the pivot table. */ toggleButtonsVisibility?: pulumi.Input; } interface TemplatePivotTablePaginatedReportOptionsArgs { /** * The visibility of the repeating header rows on each page. */ overflowColumnHeaderVisibility?: pulumi.Input; /** * The visibility of the printing table overflow across pages. */ verticalOverflowVisibility?: pulumi.Input; } interface TemplatePivotTableRowsLabelOptionsArgs { /** * The custom label string for the rows label. */ customLabel?: pulumi.Input; /** * The visibility of the rows label. */ visibility?: pulumi.Input; } interface TemplatePivotTableSortByArgs { /** * The column sort (field id, direction) for the pivot table sort by options. */ column?: pulumi.Input; /** * The data path sort (data path value, direction) for the pivot table sort by options. */ dataPath?: pulumi.Input; /** * The field sort (field id, direction) for the pivot table sort by options. */ field?: pulumi.Input; } interface TemplatePivotTableSortConfigurationArgs { /** * The field sort options for a pivot table sort configuration. */ fieldSortOptions?: pulumi.Input[]>; } interface TemplatePivotTableTotalOptionsArgs { /** * The column subtotal options. */ columnSubtotalOptions?: pulumi.Input; /** * The column total options. */ columnTotalOptions?: pulumi.Input; /** * The row subtotal options. */ rowSubtotalOptions?: pulumi.Input; /** * The row total options. */ rowTotalOptions?: pulumi.Input; } interface TemplatePivotTableVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The conditional formatting for a `PivotTableVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface TemplatePivotTotalOptionsArgs { /** * The custom label string for the total cells. */ customLabel?: pulumi.Input; /** * The cell styling options for the total of header cells. */ metricHeaderCellStyle?: pulumi.Input; /** * The placement (start, end) for the total cells. */ placement?: pulumi.Input; /** * The scroll status (pinned, scrolled) for the total cells. */ scrollStatus?: pulumi.Input; /** * The total aggregation options for each value field. */ totalAggregationOptions?: pulumi.Input[]>; /** * The cell styling options for the total cells. */ totalCellStyle?: pulumi.Input; /** * The visibility configuration for the total cells. */ totalsVisibility?: pulumi.Input; /** * The cell styling options for the totals of value cells. */ valueCellStyle?: pulumi.Input; } interface TemplatePluginVisualArgs { /** * A description of the plugin field wells and their persisted properties. */ chartConfiguration?: pulumi.Input; /** * The Amazon Resource Name (ARN) that reflects the plugin and version. */ pluginArn: pulumi.Input; subtitle?: pulumi.Input; title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The ID of the visual that you want to use. */ visualId: pulumi.Input; } interface TemplatePluginVisualConfigurationArgs { /** * The field wells configuration of the plugin visual. */ fieldWells?: pulumi.Input[]>; /** * The sort configuration of the plugin visual. */ sortConfiguration?: pulumi.Input; /** * The persisted properties of the plugin visual. */ visualOptions?: pulumi.Input; } interface TemplatePluginVisualFieldWellArgs { /** * The semantic axis name for the field well. */ axisName?: pulumi.Input; /** * A list of dimensions for the field well. */ dimensions?: pulumi.Input[]>; /** * A list of measures that exist in the field well. */ measures?: pulumi.Input[]>; /** * A list of unaggregated fields that exist in the field well. */ unaggregated?: pulumi.Input[]>; } interface TemplatePluginVisualItemsLimitConfigurationArgs { /** * Determines how many values are be fetched at once. */ itemsLimit?: pulumi.Input; } interface TemplatePluginVisualOptionsArgs { /** * The persisted properties and their values. */ visualProperties?: pulumi.Input[]>; } interface TemplatePluginVisualPropertyArgs { /** * The name of the plugin visual property. */ name?: pulumi.Input; /** * The value of the plugin visual property. */ value?: pulumi.Input; } interface TemplatePluginVisualSortConfigurationArgs { /** * The table query sorting options for the plugin visual. */ pluginVisualTableQuerySort?: pulumi.Input; } interface TemplatePluginVisualTableQuerySortArgs { /** * The maximum amount of data to be returned by a query. */ itemsLimitConfiguration?: pulumi.Input; /** * Determines how data is sorted in the response. */ rowSort?: pulumi.Input[]>; } interface TemplatePredefinedHierarchyArgs { /** * The list of columns that define the predefined hierarchy. */ columns: pulumi.Input[]>; /** * The option that determines the drill down filters for the predefined hierarchy. */ drillDownFilters?: pulumi.Input[]>; /** * The hierarchy ID of the predefined hierarchy. */ hierarchyId: pulumi.Input; } interface TemplateProgressBarOptionsArgs { /** * The visibility of the progress bar. */ visibility?: pulumi.Input; } interface TemplateQueryExecutionOptionsArgs { /** * A structure that describes the query execution mode. */ queryExecutionMode?: pulumi.Input; } interface TemplateRadarChartAggregatedFieldWellsArgs { /** * The aggregated field well categories of a radar chart. */ category?: pulumi.Input[]>; /** * The color that are assigned to the aggregated field wells of a radar chart. */ color?: pulumi.Input[]>; /** * The values that are assigned to the aggregated field wells of a radar chart. */ values?: pulumi.Input[]>; } interface TemplateRadarChartAreaStyleSettingsArgs { /** * The visibility settings of a radar chart. */ visibility?: pulumi.Input; } interface TemplateRadarChartConfigurationArgs { /** * Determines the visibility of the colors of alternatign bands in a radar chart. */ alternateBandColorsVisibility?: pulumi.Input; /** * The color of the even-numbered alternate bands of a radar chart. */ alternateBandEvenColor?: pulumi.Input; /** * The color of the odd-numbered alternate bands of a radar chart. */ alternateBandOddColor?: pulumi.Input; /** * The axis behavior options of a radar chart. */ axesRangeScale?: pulumi.Input; /** * The base sreies settings of a radar chart. */ baseSeriesSettings?: pulumi.Input; /** * The category axis of a radar chart. */ categoryAxis?: pulumi.Input; /** * The category label options of a radar chart. */ categoryLabelOptions?: pulumi.Input; /** * The color axis of a radar chart. */ colorAxis?: pulumi.Input; /** * The color label options of a radar chart. */ colorLabelOptions?: pulumi.Input; /** * The field well configuration of a `RadarChartVisual` . */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The shape of the radar chart. */ shape?: pulumi.Input; /** * The sort configuration of a `RadarChartVisual` . */ sortConfiguration?: pulumi.Input; /** * The start angle of a radar chart's axis. */ startAngle?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; } interface TemplateRadarChartFieldWellsArgs { /** * The aggregated field wells of a radar chart visual. */ radarChartAggregatedFieldWells?: pulumi.Input; } interface TemplateRadarChartSeriesSettingsArgs { /** * The area style settings of a radar chart. */ areaStyleSettings?: pulumi.Input; } interface TemplateRadarChartSortConfigurationArgs { /** * The category items limit for a radar chart. */ categoryItemsLimit?: pulumi.Input; /** * The category sort options of a radar chart. */ categorySort?: pulumi.Input[]>; /** * The color items limit of a radar chart. */ colorItemsLimit?: pulumi.Input; /** * The color sort configuration of a radar chart. */ colorSort?: pulumi.Input[]>; } interface TemplateRadarChartVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateRangeEndsLabelTypeArgs { /** * The visibility of the range ends label. */ visibility?: pulumi.Input; } interface TemplateReferenceLineArgs { /** * The data configuration of the reference line. */ dataConfiguration: pulumi.Input; /** * The label configuration of the reference line. */ labelConfiguration?: pulumi.Input; /** * The status of the reference line. Choose one of the following options: * * - `ENABLE` * - `DISABLE` */ status?: pulumi.Input; /** * The style configuration of the reference line. */ styleConfiguration?: pulumi.Input; } interface TemplateReferenceLineCustomLabelConfigurationArgs { /** * The string text of the custom label. */ customLabel: pulumi.Input; } interface TemplateReferenceLineDataConfigurationArgs { /** * The axis binding type of the reference line. Choose one of the following options: * * - `PrimaryY` * - `SecondaryY` */ axisBinding?: pulumi.Input; /** * The dynamic configuration of the reference line data configuration. */ dynamicConfiguration?: pulumi.Input; /** * The series type of the reference line data configuration. Choose one of the following options: * * - `BAR` * - `LINE` */ seriesType?: pulumi.Input; /** * The static data configuration of the reference line data configuration. */ staticConfiguration?: pulumi.Input; } interface TemplateReferenceLineDynamicDataConfigurationArgs { /** * The calculation that is used in the dynamic data. */ calculation: pulumi.Input; /** * The column that the dynamic data targets. */ column: pulumi.Input; /** * The aggregation function that is used in the dynamic data. */ measureAggregationFunction?: pulumi.Input; } interface TemplateReferenceLineLabelConfigurationArgs { /** * The custom label configuration of the label in a reference line. */ customLabelConfiguration?: pulumi.Input; /** * The font color configuration of the label in a reference line. */ fontColor?: pulumi.Input; /** * The font configuration of the label in a reference line. */ fontConfiguration?: pulumi.Input; /** * The horizontal position configuration of the label in a reference line. Choose one of the following options: * * - `LEFT` * - `CENTER` * - `RIGHT` */ horizontalPosition?: pulumi.Input; /** * The value label configuration of the label in a reference line. */ valueLabelConfiguration?: pulumi.Input; /** * The vertical position configuration of the label in a reference line. Choose one of the following options: * * - `ABOVE` * - `BELOW` */ verticalPosition?: pulumi.Input; } interface TemplateReferenceLineStaticDataConfigurationArgs { /** * The double input of the static data. */ value: pulumi.Input; } interface TemplateReferenceLineStyleConfigurationArgs { /** * The hex color of the reference line. */ color?: pulumi.Input; /** * The pattern type of the line style. Choose one of the following options: * * - `SOLID` * - `DASHED` * - `DOTTED` */ pattern?: pulumi.Input; } interface TemplateReferenceLineValueLabelConfigurationArgs { /** * The format configuration of the value label. */ formatConfiguration?: pulumi.Input; /** * The relative position of the value label. Choose one of the following options: * * - `BEFORE_CUSTOM_LABEL` * - `AFTER_CUSTOM_LABEL` */ relativePosition?: pulumi.Input; } interface TemplateRelativeDateTimeControlDisplayOptionsArgs { /** * Customize how dates are formatted in controls. */ dateTimeFormat?: pulumi.Input; /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface TemplateRelativeDatesFilterArgs { /** * The date configuration of the filter. */ anchorDateConfiguration: pulumi.Input; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * The configuration for the exclude period of the filter. */ excludePeriodConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The minimum granularity (period granularity) of the relative dates filter. */ minimumGranularity?: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The parameter whose value should be used for the filter value. */ parameterName?: pulumi.Input; /** * The range date type of the filter. Choose one of the options below: * * - `PREVIOUS` * - `THIS` * - `LAST` * - `NOW` * - `NEXT` */ relativeDateType: pulumi.Input; /** * The date value of the filter. */ relativeDateValue?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity: pulumi.Input; } /** *

Permission for the resource.

*/ interface TemplateResourcePermissionArgs { /** *

The IAM action to grant or revoke permissions on.

*/ actions: pulumi.Input[]>; /** *

The Amazon Resource Name (ARN) of the principal. This can be one of the * following:

*
    *
  • *

    The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight * ARN. Use this option only to share resources (templates) across Amazon Web Services accounts. * (This is less common.)

    *
    • *
*/ principal: pulumi.Input; } interface TemplateRollingDateConfigurationArgs { /** * The data set that is used in the rolling date configuration. */ dataSetIdentifier?: pulumi.Input; /** * The expression of the rolling date configuration. */ expression: pulumi.Input; } interface TemplateRowAlternateColorOptionsArgs { /** * Determines the list of row alternate colors. */ rowAlternateColors?: pulumi.Input[]>; /** * Determines the widget status. */ status?: pulumi.Input; /** * The primary background color options for alternate rows. */ usePrimaryBackgroundColor?: pulumi.Input; } interface TemplateSameSheetTargetVisualConfigurationArgs { /** * The options that choose the target visual in the same sheet. * * Valid values are defined as follows: * * - `ALL_VISUALS` : Applies the filter operation to all visuals in the same sheet. */ targetVisualOptions?: pulumi.Input; /** * A list of the target visual IDs that are located in the same sheet of the analysis. */ targetVisuals?: pulumi.Input[]>; } interface TemplateSankeyDiagramAggregatedFieldWellsArgs { /** * The destination field wells of a sankey diagram. */ destination?: pulumi.Input[]>; /** * The source field wells of a sankey diagram. */ source?: pulumi.Input[]>; /** * The weight field wells of a sankey diagram. */ weight?: pulumi.Input[]>; } interface TemplateSankeyDiagramChartConfigurationArgs { /** * The data label configuration of a sankey diagram. */ dataLabels?: pulumi.Input; /** * The field well configuration of a sankey diagram. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The sort configuration of a sankey diagram. */ sortConfiguration?: pulumi.Input; } interface TemplateSankeyDiagramFieldWellsArgs { /** * The field well configuration of a sankey diagram. */ sankeyDiagramAggregatedFieldWells?: pulumi.Input; } interface TemplateSankeyDiagramSortConfigurationArgs { /** * The limit on the number of destination nodes that are displayed in a sankey diagram. */ destinationItemsLimit?: pulumi.Input; /** * The limit on the number of source nodes that are displayed in a sankey diagram. */ sourceItemsLimit?: pulumi.Input; /** * The sort configuration of the weight fields. */ weightSort?: pulumi.Input[]>; } interface TemplateSankeyDiagramVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration of a sankey diagram. */ chartConfiguration?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateScatterPlotCategoricallyAggregatedFieldWellsArgs { /** * The category field well of a scatter plot. */ category?: pulumi.Input[]>; /** * The label field well of a scatter plot. */ label?: pulumi.Input[]>; /** * The size field well of a scatter plot. */ size?: pulumi.Input[]>; /** * The x-axis field well of a scatter plot. * * The x-axis is aggregated by category. */ xAxis?: pulumi.Input[]>; /** * The y-axis field well of a scatter plot. * * The y-axis is aggregated by category. */ yAxis?: pulumi.Input[]>; } interface TemplateScatterPlotConfigurationArgs { /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The sort configuration of a scatter plot. */ sortConfiguration?: pulumi.Input; /** * The legend display setup of the visual. */ tooltip?: pulumi.Input; /** * The palette (chart color) display setup of the visual. */ visualPalette?: pulumi.Input; /** * The label display options (grid line, range, scale, and axis step) of the scatter plot's x-axis. */ xAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of the scatter plot's x-axis. */ xAxisLabelOptions?: pulumi.Input; /** * The label display options (grid line, range, scale, and axis step) of the scatter plot's y-axis. */ yAxisDisplayOptions?: pulumi.Input; /** * The label options (label text, label visibility, and sort icon visibility) of the scatter plot's y-axis. */ yAxisLabelOptions?: pulumi.Input; } interface TemplateScatterPlotFieldWellsArgs { /** * The aggregated field wells of a scatter plot. The x and y-axes of scatter plots with aggregated field wells are aggregated by category, label, or both. */ scatterPlotCategoricallyAggregatedFieldWells?: pulumi.Input; /** * The unaggregated field wells of a scatter plot. The x and y-axes of these scatter plots are unaggregated. */ scatterPlotUnaggregatedFieldWells?: pulumi.Input; } interface TemplateScatterPlotSortConfigurationArgs { scatterPlotLimitConfiguration?: pulumi.Input; } interface TemplateScatterPlotUnaggregatedFieldWellsArgs { /** * The category field well of a scatter plot. */ category?: pulumi.Input[]>; /** * The label field well of a scatter plot. */ label?: pulumi.Input[]>; /** * The size field well of a scatter plot. */ size?: pulumi.Input[]>; /** * The x-axis field well of a scatter plot. * * The x-axis is a dimension field and cannot be aggregated. */ xAxis?: pulumi.Input[]>; /** * The y-axis field well of a scatter plot. * * The y-axis is a dimension field and cannot be aggregated. */ yAxis?: pulumi.Input[]>; } interface TemplateScatterPlotVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateScrollBarOptionsArgs { /** * The visibility of the data zoom scroll bar. */ visibility?: pulumi.Input; /** * The visibility range for the data zoom scroll bar. */ visibleRange?: pulumi.Input; } interface TemplateSecondaryValueOptionsArgs { /** * Determines the visibility of the secondary value. */ visibility?: pulumi.Input; } interface TemplateSectionAfterPageBreakArgs { /** * The option that enables or disables a page break at the end of a section. */ status?: pulumi.Input; } interface TemplateSectionBasedLayoutCanvasSizeOptionsArgs { /** * The options for a paper canvas of a section-based layout. */ paperCanvasSizeOptions?: pulumi.Input; } interface TemplateSectionBasedLayoutConfigurationArgs { /** * A list of body section configurations. */ bodySections: pulumi.Input[]>; /** * The options for the canvas of a section-based layout. */ canvasSizeOptions: pulumi.Input; /** * A list of footer section configurations. */ footerSections: pulumi.Input[]>; /** * A list of header section configurations. */ headerSections: pulumi.Input[]>; } interface TemplateSectionBasedLayoutPaperCanvasSizeOptionsArgs { /** * Defines the spacing between the canvas content and the top, bottom, left, and right edges. */ paperMargin?: pulumi.Input; /** * The paper orientation that is used to define canvas dimensions. Choose one of the following options: * * - PORTRAIT * - LANDSCAPE */ paperOrientation?: pulumi.Input; /** * The paper size that is used to define canvas dimensions. */ paperSize?: pulumi.Input; } interface TemplateSectionLayoutConfigurationArgs { /** * The free-form layout configuration of a section. */ freeFormLayout: pulumi.Input; } interface TemplateSectionPageBreakConfigurationArgs { /** * The configuration of a page break after a section. */ after?: pulumi.Input; } interface TemplateSectionStyleArgs { /** * String based length that is composed of value and unit in px */ height?: pulumi.Input; /** * The spacing between section content and its top, bottom, left, and right edges. * * There is no padding by default. */ padding?: pulumi.Input; } interface TemplateSelectedSheetsFilterScopeConfigurationArgs { /** * The sheet ID and visual IDs of the sheet and visuals that the filter is applied to. */ sheetVisualScopingConfigurations?: pulumi.Input[]>; } interface TemplateSeriesItemArgs { /** * The data field series item configuration of a line chart. */ dataFieldSeriesItem?: pulumi.Input; /** * The field series item configuration of a line chart. */ fieldSeriesItem?: pulumi.Input; } interface TemplateSetParameterValueConfigurationArgs { /** * The destination parameter name of the `SetParameterValueConfiguration` . */ destinationParameterName: pulumi.Input; value: pulumi.Input; } interface TemplateShapeConditionalFormatArgs { /** * The conditional formatting for the shape background color of a filled map visual. */ backgroundColor: pulumi.Input; } interface TemplateSheetControlInfoIconLabelOptionsArgs { /** * The text content of info icon. */ infoIconText?: pulumi.Input; /** * The visibility configuration of info icon label options. */ visibility?: pulumi.Input; } interface TemplateSheetControlLayoutArgs { /** * The configuration that determines the elements and canvas size options of sheet control. */ configuration: pulumi.Input; } interface TemplateSheetControlLayoutConfigurationArgs { /** * The configuration that determines the elements and canvas size options of sheet control. */ gridLayout?: pulumi.Input; } interface TemplateSheetDefinitionArgs { /** * The layout content type of the sheet. Choose one of the following options: * * - `PAGINATED` : Creates a sheet for a paginated report. * - `INTERACTIVE` : Creates a sheet for an interactive dashboard. */ contentType?: pulumi.Input; /** * A description of the sheet. */ description?: pulumi.Input; /** * The list of filter controls that are on a sheet. * * For more information, see [Adding filter controls to analysis sheets](https://docs.aws.amazon.com/quicksight/latest/user/filter-controls.html) in the *Amazon Quick Suite User Guide* . */ filterControls?: pulumi.Input[]>; /** * A list of images on a sheet. */ images?: pulumi.Input[]>; /** * Layouts define how the components of a sheet are arranged. * * For more information, see [Types of layout](https://docs.aws.amazon.com/quicksight/latest/user/types-of-layout.html) in the *Amazon Quick Suite User Guide* . */ layouts?: pulumi.Input[]>; /** * The name of the sheet. This name is displayed on the sheet's tab in the Quick Suite console. */ name?: pulumi.Input; /** * The list of parameter controls that are on a sheet. * * For more information, see [Using a Control with a Parameter in Amazon Quick Sight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-controls.html) in the *Amazon Quick Suite User Guide* . */ parameterControls?: pulumi.Input[]>; /** * The control layouts of the sheet. */ sheetControlLayouts?: pulumi.Input[]>; /** * The unique identifier of a sheet. */ sheetId: pulumi.Input; /** * The text boxes that are on a sheet. */ textBoxes?: pulumi.Input[]>; /** * The title of the sheet. */ title?: pulumi.Input; /** * A list of the visuals that are on a sheet. Visual placement is determined by the layout of the sheet. */ visuals?: pulumi.Input[]>; } interface TemplateSheetElementConfigurationOverridesArgs { /** * Determines whether or not the overrides are visible. Choose one of the following options: * * - `VISIBLE` * - `HIDDEN` */ visibility?: pulumi.Input; } interface TemplateSheetElementRenderingRuleArgs { /** * The override configuration of the rendering rules of a sheet. */ configurationOverrides: pulumi.Input; /** * The expression of the rendering rules of a sheet. */ expression: pulumi.Input; } interface TemplateSheetImageArgs { /** * A list of custom actions that are configured for an image. */ actions?: pulumi.Input[]>; /** * The alt text for the image. */ imageContentAltText?: pulumi.Input; /** * The general image interactions setup for an image. */ interactions?: pulumi.Input; /** * Determines how the image is scaled. */ scaling?: pulumi.Input; /** * The ID of the sheet image. */ sheetImageId: pulumi.Input; /** * The source of the image. */ source: pulumi.Input; /** * The tooltip to be shown when hovering over the image. */ tooltip?: pulumi.Input; } interface TemplateSheetImageScalingConfigurationArgs { /** * The scaling option to use when fitting the image inside the container. * * Valid values are defined as follows: * * - `SCALE_TO_WIDTH` : The image takes up the entire width of the container. The image aspect ratio is preserved. * - `SCALE_TO_HEIGHT` : The image takes up the entire height of the container. The image aspect ratio is preserved. * - `SCALE_TO_CONTAINER` : The image takes up the entire width and height of the container. The image aspect ratio is not preserved. * - `SCALE_NONE` : The image is displayed in its original size and is not scaled to the container. */ scalingType?: pulumi.Input; } interface TemplateSheetImageSourceArgs { /** * The source of the static file that contains the image. */ sheetImageStaticFileSource?: pulumi.Input; } interface TemplateSheetImageStaticFileSourceArgs { /** * The ID of the static file that contains the image. */ staticFileId: pulumi.Input; } interface TemplateSheetImageTooltipConfigurationArgs { /** * The text that appears in the tooltip. */ tooltipText?: pulumi.Input; /** * The visibility of the tooltip. */ visibility?: pulumi.Input; } interface TemplateSheetImageTooltipTextArgs { /** * The plain text format. */ plainText?: pulumi.Input; } interface TemplateSheetTextBoxArgs { /** * The content that is displayed in the text box. */ content?: pulumi.Input; /** * The unique identifier for a text box. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have text boxes that share identifiers. */ sheetTextBoxId: pulumi.Input; } interface TemplateSheetVisualScopingConfigurationArgs { /** * The scope of the applied entities. Choose one of the following options: * * - `ALL_VISUALS` * - `SELECTED_VISUALS` */ scope: pulumi.Input; /** * The selected sheet that the filter is applied to. */ sheetId: pulumi.Input; /** * The selected visuals that the filter is applied to. */ visualIds?: pulumi.Input[]>; } interface TemplateShortFormatTextArgs { /** * Plain text format. */ plainText?: pulumi.Input; /** * Rich text. Examples of rich text include bold, underline, and italics. */ richText?: pulumi.Input; } interface TemplateSimpleClusterMarkerArgs { /** * The color of the simple cluster marker. */ color?: pulumi.Input; } interface TemplateSingleAxisOptionsArgs { /** * The Y axis options of a single axis configuration. */ yAxisOptions?: pulumi.Input; } interface TemplateSliderControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface TemplateSmallMultiplesAxisPropertiesArgs { /** * Defines the placement of the axis. By default, axes are rendered `OUTSIDE` of the panels. Axes with `INDEPENDENT` scale are rendered `INSIDE` the panels. */ placement?: pulumi.Input; /** * Determines whether scale of the axes are shared or independent. The default value is `SHARED` . */ scale?: pulumi.Input; } interface TemplateSmallMultiplesOptionsArgs { /** * Sets the maximum number of visible columns to display in the grid of small multiples panels. * * The default is `Auto` , which automatically adjusts the columns in the grid to fit the overall layout and size of the given chart. */ maxVisibleColumns?: pulumi.Input; /** * Sets the maximum number of visible rows to display in the grid of small multiples panels. * * The default value is `Auto` , which automatically adjusts the rows in the grid to fit the overall layout and size of the given chart. */ maxVisibleRows?: pulumi.Input; /** * Configures the display options for each small multiples panel. */ panelConfiguration?: pulumi.Input; /** * The properties of a small multiples X axis. */ xAxis?: pulumi.Input; /** * The properties of a small multiples Y axis. */ yAxis?: pulumi.Input; } /** *

The source analysis of the template.

*/ interface TemplateSourceAnalysisArgs { /** *

The Amazon Resource Name (ARN) of the resource.

*/ arn: pulumi.Input; /** *

A structure containing information about the dataset references used as placeholders * in the template.

*/ dataSetReferences: pulumi.Input[]>; } /** *

The source entity of the template.

*/ interface TemplateSourceEntityArgs { /** * The source analysis, if it is based on an analysis. */ sourceAnalysis?: pulumi.Input; /** * The source template, if it is based on an template. */ sourceTemplate?: pulumi.Input; } /** *

The source template of the template.

*/ interface TemplateSourceTemplateArgs { /** *

The Amazon Resource Name (ARN) of the resource.

*/ arn: pulumi.Input; } interface TemplateSpacingArgs { /** * String based length that is composed of value and unit */ bottom?: pulumi.Input; /** * String based length that is composed of value and unit */ left?: pulumi.Input; /** * String based length that is composed of value and unit */ right?: pulumi.Input; /** * String based length that is composed of value and unit */ top?: pulumi.Input; } interface TemplateStringDefaultValuesArgs { /** * The dynamic value of the `StringDefaultValues` . Different defaults displayed according to users, groups, and values mapping. */ dynamicValue?: pulumi.Input; /** * The static values of the `DecimalDefaultValues` . */ staticValues?: pulumi.Input[]>; } interface TemplateStringFormatConfigurationArgs { /** * The options that determine the null value format configuration. */ nullValueFormatConfiguration?: pulumi.Input; /** * The formatting configuration for numeric strings. */ numericFormatConfiguration?: pulumi.Input; } interface TemplateStringParameterDeclarationArgs { /** * The default values of a parameter. If the parameter is a single-value parameter, a maximum of one default value can be provided. */ defaultValues?: pulumi.Input; mappedDataSetParameters?: pulumi.Input[]>; /** * The name of the parameter that is being declared. */ name: pulumi.Input; /** * The value type determines whether the parameter is a single-value or multi-value parameter. */ parameterValueType: pulumi.Input; /** * The configuration that defines the default value of a `String` parameter when a value has not been set. */ valueWhenUnset?: pulumi.Input; } interface TemplateStringValueWhenUnsetConfigurationArgs { /** * A custom value that's used when the value of a parameter isn't set. */ customValue?: pulumi.Input; /** * The built-in options for default values. The value can be one of the following: * * - `RECOMMENDED` : The recommended value. * - `NULL` : The `NULL` value. */ valueWhenUnsetOption?: pulumi.Input; } interface TemplateSubtotalOptionsArgs { /** * The custom label string for the subtotal cells. */ customLabel?: pulumi.Input; /** * The field level (all, custom, last) for the subtotal cells. */ fieldLevel?: pulumi.Input; /** * The optional configuration of subtotal cells. */ fieldLevelOptions?: pulumi.Input[]>; /** * The cell styling options for the subtotals of header cells. */ metricHeaderCellStyle?: pulumi.Input; /** * The style targets options for subtotals. */ styleTargets?: pulumi.Input[]>; /** * The cell styling options for the subtotal cells. */ totalCellStyle?: pulumi.Input; /** * The visibility configuration for the subtotal cells. */ totalsVisibility?: pulumi.Input; /** * The cell styling options for the subtotals of value cells. */ valueCellStyle?: pulumi.Input; } interface TemplateTableAggregatedFieldWellsArgs { /** * The group by field well for a pivot table. Values are grouped by group by fields. */ groupBy?: pulumi.Input[]>; /** * The values field well for a pivot table. Values are aggregated based on group by fields. */ values?: pulumi.Input[]>; } interface TemplateTableBorderOptionsArgs { /** * The color of a table border. */ color?: pulumi.Input; /** * The style (none, solid) of a table border. */ style?: pulumi.Input; /** * The thickness of a table border. */ thickness?: pulumi.Input; } interface TemplateTableCellConditionalFormattingArgs { /** * The field ID of the cell for conditional formatting. */ fieldId: pulumi.Input; /** * The text format of the cell for conditional formatting. */ textFormat?: pulumi.Input; } interface TemplateTableCellImageSizingConfigurationArgs { /** * The cell scaling configuration of the sizing options for the table image configuration. */ tableCellImageScalingConfiguration?: pulumi.Input; } interface TemplateTableCellStyleArgs { /** * The background color for the table cells. */ backgroundColor?: pulumi.Input; /** * The borders for the table cells. */ border?: pulumi.Input; /** * The font configuration of the table cells. */ fontConfiguration?: pulumi.Input; /** * The height color for the table cells. */ height?: pulumi.Input; /** * The horizontal text alignment (left, center, right, auto) for the table cells. */ horizontalTextAlignment?: pulumi.Input; /** * The text wrap (none, wrap) for the table cells. */ textWrap?: pulumi.Input; /** * The vertical text alignment (top, middle, bottom) for the table cells. */ verticalTextAlignment?: pulumi.Input; /** * The visibility of the table cells. */ visibility?: pulumi.Input; } interface TemplateTableConditionalFormattingArgs { /** * Conditional formatting options for a `PivotTableVisual` . */ conditionalFormattingOptions?: pulumi.Input[]>; } interface TemplateTableConditionalFormattingOptionArgs { /** * The cell conditional formatting option for a table. */ cell?: pulumi.Input; /** * The row conditional formatting option for a table. */ row?: pulumi.Input; } interface TemplateTableConfigurationArgs { /** * The field options for a table visual. */ fieldOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The paginated report options for a table visual. */ paginatedReportOptions?: pulumi.Input; /** * The sort configuration for a `TableVisual` . */ sortConfiguration?: pulumi.Input; /** * A collection of inline visualizations to display within a chart. */ tableInlineVisualizations?: pulumi.Input[]>; /** * The table options for a table visual. */ tableOptions?: pulumi.Input; /** * The total options for a table visual. */ totalOptions?: pulumi.Input; } interface TemplateTableFieldCustomIconContentArgs { /** * The icon set type (link) of the custom icon content for table URL link content. */ icon?: pulumi.Input; } interface TemplateTableFieldCustomTextContentArgs { /** * The font configuration of the custom text content for the table URL link content. */ fontConfiguration: pulumi.Input; /** * The string value of the custom text content for the table URL link content. */ value?: pulumi.Input; } interface TemplateTableFieldImageConfigurationArgs { /** * The sizing options for the table image configuration. */ sizingOptions?: pulumi.Input; } interface TemplateTableFieldLinkConfigurationArgs { /** * The URL content (text, icon) for the table link configuration. */ content: pulumi.Input; /** * The URL target (new tab, new window, same tab) for the table link configuration. */ target: pulumi.Input; } interface TemplateTableFieldLinkContentConfigurationArgs { /** * The custom icon content for the table link content configuration. */ customIconContent?: pulumi.Input; /** * The custom text content (value, font configuration) for the table link content configuration. */ customTextContent?: pulumi.Input; } interface TemplateTableFieldOptionArgs { /** * The custom label for a table field. */ customLabel?: pulumi.Input; /** * The field ID for a table field. */ fieldId: pulumi.Input; /** * The URL configuration for a table field. */ urlStyling?: pulumi.Input; /** * The visibility of a table field. */ visibility?: pulumi.Input; /** * String based length that is composed of value and unit in px */ width?: pulumi.Input; } interface TemplateTableFieldOptionsArgs { /** * The order of the field IDs that are configured as field options for a table visual. */ order?: pulumi.Input[]>; /** * The settings for the pinned columns of a table visual. */ pinnedFieldOptions?: pulumi.Input; /** * The field options to be configured to a table. */ selectedFieldOptions?: pulumi.Input[]>; /** * The `TableOptions` of a transposed table. */ transposedTableOptions?: pulumi.Input[]>; } interface TemplateTableFieldUrlConfigurationArgs { /** * The image configuration of a table field URL. */ imageConfiguration?: pulumi.Input; /** * The link configuration of a table field URL. */ linkConfiguration?: pulumi.Input; } interface TemplateTableFieldWellsArgs { /** * The aggregated field well for the table. */ tableAggregatedFieldWells?: pulumi.Input; /** * The unaggregated field well for the table. */ tableUnaggregatedFieldWells?: pulumi.Input; } interface TemplateTableInlineVisualizationArgs { /** * The configuration of the inline visualization of the data bars within a chart. */ dataBars?: pulumi.Input; } interface TemplateTableOptionsArgs { /** * The table cell style of table cells. */ cellStyle?: pulumi.Input; /** * The table cell style of a table header. */ headerStyle?: pulumi.Input; /** * The orientation (vertical, horizontal) for a table. */ orientation?: pulumi.Input; /** * The row alternate color options (widget status, row alternate colors) for a table. */ rowAlternateColorOptions?: pulumi.Input; } interface TemplateTablePaginatedReportOptionsArgs { /** * The visibility of repeating header rows on each page. */ overflowColumnHeaderVisibility?: pulumi.Input; /** * The visibility of printing table overflow across pages. */ verticalOverflowVisibility?: pulumi.Input; } interface TemplateTablePinnedFieldOptionsArgs { /** * A list of columns to be pinned to the left of a table visual. */ pinnedLeftFields?: pulumi.Input[]>; } interface TemplateTableRowConditionalFormattingArgs { /** * The conditional formatting color (solid, gradient) of the background for a table row. */ backgroundColor?: pulumi.Input; /** * The conditional formatting color (solid, gradient) of the text for a table row. */ textColor?: pulumi.Input; } interface TemplateTableSideBorderOptionsArgs { /** * The table border options of the bottom border. */ bottom?: pulumi.Input; /** * The table border options of the inner horizontal border. */ innerHorizontal?: pulumi.Input; /** * The table border options of the inner vertical border. */ innerVertical?: pulumi.Input; /** * The table border options of the left border. */ left?: pulumi.Input; /** * The table border options of the right border. */ right?: pulumi.Input; /** * The table border options of the top border. */ top?: pulumi.Input; } interface TemplateTableSortConfigurationArgs { /** * The pagination configuration (page size, page number) for the table. */ paginationConfiguration?: pulumi.Input; /** * The field sort options for rows in the table. */ rowSort?: pulumi.Input[]>; } interface TemplateTableStyleTargetArgs { /** * The cell type of the table style target. */ cellType: pulumi.Input; } interface TemplateTableUnaggregatedFieldWellsArgs { /** * The values field well for a pivot table. Values are unaggregated for an unaggregated table. */ values?: pulumi.Input[]>; } interface TemplateTableVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The conditional formatting for a `PivotTableVisual` . */ conditionalFormatting?: pulumi.Input; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface TemplateTextAreaControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the placeholder options in a text area control. */ placeholderOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface TemplateTextConditionalFormatArgs { /** * The conditional formatting for the text background color. */ backgroundColor?: pulumi.Input; /** * The conditional formatting for the icon. */ icon?: pulumi.Input; /** * The conditional formatting for the text color. */ textColor?: pulumi.Input; } interface TemplateTextControlPlaceholderOptionsArgs { /** * The visibility configuration of the placeholder options in a text control. */ visibility?: pulumi.Input; } interface TemplateTextFieldControlDisplayOptionsArgs { /** * The configuration of info icon label options. */ infoIconLabelOptions?: pulumi.Input; /** * The configuration of the placeholder options in a text field control. */ placeholderOptions?: pulumi.Input; /** * The options to configure the title visibility, name, and font size. */ titleOptions?: pulumi.Input; } interface TemplateThousandSeparatorOptionsArgs { /** * Determines the way numbers are styled to accommodate different readability standards. The `DEFAULT` value uses the standard international grouping system and groups numbers by the thousands. The `LAKHS` value uses the Indian numbering system and groups numbers by lakhs and crores. */ groupingStyle?: pulumi.Input; /** * Determines the thousands separator symbol. */ symbol?: pulumi.Input; /** * Determines the visibility of the thousands separator. */ visibility?: pulumi.Input; } interface TemplateTimeBasedForecastPropertiesArgs { /** * The lower boundary setup of a forecast computation. */ lowerBoundary?: pulumi.Input; /** * The periods backward setup of a forecast computation. */ periodsBackward?: pulumi.Input; /** * The periods forward setup of a forecast computation. */ periodsForward?: pulumi.Input; /** * The prediction interval setup of a forecast computation. */ predictionInterval?: pulumi.Input; /** * The seasonality setup of a forecast computation. Choose one of the following options: * * - `NULL` : The input is set to `NULL` . * - `NON_NULL` : The input is set to a custom value. */ seasonality?: pulumi.Input; /** * The upper boundary setup of a forecast computation. */ upperBoundary?: pulumi.Input; } interface TemplateTimeEqualityFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The parameter whose value should be used for the filter value. * * This field is mutually exclusive to `Value` and `RollingDate` . */ parameterName?: pulumi.Input; /** * The rolling date input for the `TimeEquality` filter. * * This field is mutually exclusive to `Value` and `ParameterName` . */ rollingDate?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; /** * The value of a `TimeEquality` filter. * * This field is mutually exclusive to `RollingDate` and `ParameterName` . */ value?: pulumi.Input; } interface TemplateTimeRangeDrillDownFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The maximum value for the filter value range. */ rangeMaximum: pulumi.Input; /** * The minimum value for the filter value range. */ rangeMinimum: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity: pulumi.Input; } interface TemplateTimeRangeFilterArgs { /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * The exclude period of the time range filter. */ excludePeriodConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * Determines whether the maximum value in the filter value range should be included in the filtered results. */ includeMaximum?: pulumi.Input; /** * Determines whether the minimum value in the filter value range should be included in the filtered results. */ includeMinimum?: pulumi.Input; /** * This option determines how null values should be treated when filtering data. * * - `ALL_VALUES` : Include null values in filtered results. * - `NULLS_ONLY` : Only include null values in filtered results. * - `NON_NULLS_ONLY` : Exclude null values from filtered results. */ nullOption: pulumi.Input; /** * The maximum value for the filter value range. */ rangeMaximumValue?: pulumi.Input; /** * The minimum value for the filter value range. */ rangeMinimumValue?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; } interface TemplateTimeRangeFilterValueArgs { /** * The parameter type input value. */ parameter?: pulumi.Input; /** * The rolling date input value. */ rollingDate?: pulumi.Input; /** * The static input value. */ staticValue?: pulumi.Input; } interface TemplateTooltipItemArgs { /** * The tooltip item for the columns that are not part of a field well. */ columnTooltipItem?: pulumi.Input; /** * The tooltip item for the fields. */ fieldTooltipItem?: pulumi.Input; } interface TemplateTooltipOptionsArgs { /** * The setup for the detailed tooltip. The tooltip setup is always saved. The display type is decided based on the tooltip type. */ fieldBasedTooltip?: pulumi.Input; /** * The selected type for the tooltip. Choose one of the following options: * * - `BASIC` : A basic tooltip. * - `DETAILED` : A detailed tooltip. */ selectedTooltipType?: pulumi.Input; /** * Determines whether or not the tooltip is visible. */ tooltipVisibility?: pulumi.Input; } interface TemplateTopBottomFilterArgs { /** * The aggregation and sort configuration of the top bottom filter. */ aggregationSortConfigurations: pulumi.Input[]>; /** * The column that the filter is applied to. */ column: pulumi.Input; /** * The default configurations for the associated controls. This applies only for filters that are scoped to multiple sheets. */ defaultFilterControlConfiguration?: pulumi.Input; /** * An identifier that uniquely identifies a filter within a dashboard, analysis, or template. */ filterId: pulumi.Input; /** * The number of items to include in the top bottom filter results. */ limit?: pulumi.Input; /** * The parameter whose value should be used for the filter value. */ parameterName?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; } interface TemplateTopBottomMoversComputationArgs { /** * The category field that is used in a computation. */ category?: pulumi.Input; /** * The ID for a computation. */ computationId: pulumi.Input; /** * The mover size setup of the top and bottom movers computation. */ moverSize?: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The sort order setup of the top and bottom movers computation. */ sortOrder?: pulumi.Input; /** * The time field that is used in a computation. */ time?: pulumi.Input; /** * The computation type. Choose from the following options: * * - TOP: Top movers computation. * - BOTTOM: Bottom movers computation. */ type: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface TemplateTopBottomRankedComputationArgs { /** * The category field that is used in a computation. */ category?: pulumi.Input; /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The result size of a top and bottom ranked computation. */ resultSize?: pulumi.Input; /** * The computation type. Choose one of the following options: * * - TOP: A top ranked computation. * - BOTTOM: A bottom ranked computation. */ type: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface TemplateTotalAggregationComputationArgs { /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; /** * The value field that is used in a computation. */ value?: pulumi.Input; } interface TemplateTotalAggregationFunctionArgs { /** * A built in aggregation function for total values. */ simpleTotalAggregationFunction?: pulumi.Input; } interface TemplateTotalAggregationOptionArgs { /** * The field id that's associated with the total aggregation option. */ fieldId: pulumi.Input; /** * The total aggregation function that you want to set for a specified field id. */ totalAggregationFunction: pulumi.Input; } interface TemplateTotalOptionsArgs { /** * The custom label string for the total cells. */ customLabel?: pulumi.Input; /** * The placement (start, end) for the total cells. */ placement?: pulumi.Input; /** * The scroll status (pinned, scrolled) for the total cells. */ scrollStatus?: pulumi.Input; /** * The total aggregation settings for each value field. */ totalAggregationOptions?: pulumi.Input[]>; /** * Cell styling options for the total cells. */ totalCellStyle?: pulumi.Input; /** * The visibility configuration for the total cells. */ totalsVisibility?: pulumi.Input; } interface TemplateTransposedTableOptionArgs { /** * The index of a columns in a transposed table. The index range is 0-9999. */ columnIndex?: pulumi.Input; /** * The column type of the column in a transposed table. Choose one of the following options: * * - `ROW_HEADER_COLUMN` : Refers to the leftmost column of the row header in the transposed table. * - `VALUE_COLUMN` : Refers to all value columns in the transposed table. */ columnType: pulumi.Input; /** * String based length that is composed of value and unit in px */ columnWidth?: pulumi.Input; } interface TemplateTreeMapAggregatedFieldWellsArgs { /** * The color field well of a tree map. Values are grouped by aggregations based on group by fields. */ colors?: pulumi.Input[]>; /** * The group by field well of a tree map. Values are grouped based on group by fields. */ groups?: pulumi.Input[]>; /** * The size field well of a tree map. Values are aggregated based on group by fields. */ sizes?: pulumi.Input[]>; } interface TemplateTreeMapConfigurationArgs { /** * The label options (label text, label visibility) for the colors displayed in a tree map. */ colorLabelOptions?: pulumi.Input; /** * The color options (gradient color, point of divergence) of a tree map. */ colorScale?: pulumi.Input; /** * The options that determine if visual data labels are displayed. */ dataLabels?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The label options (label text, label visibility) of the groups that are displayed in a tree map. */ groupLabelOptions?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend display setup of the visual. */ legend?: pulumi.Input; /** * The label options (label text, label visibility) of the sizes that are displayed in a tree map. */ sizeLabelOptions?: pulumi.Input; /** * The sort configuration of a tree map. */ sortConfiguration?: pulumi.Input; /** * The tooltip display setup of the visual. */ tooltip?: pulumi.Input; } interface TemplateTreeMapFieldWellsArgs { /** * The aggregated field wells of a tree map. */ treeMapAggregatedFieldWells?: pulumi.Input; } interface TemplateTreeMapSortConfigurationArgs { /** * The limit on the number of groups that are displayed. */ treeMapGroupItemsLimitConfiguration?: pulumi.Input; /** * The sort configuration of group by fields. */ treeMapSort?: pulumi.Input[]>; } interface TemplateTreeMapVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface TemplateTrendArrowOptionsArgs { /** * The visibility of the trend arrows. */ visibility?: pulumi.Input; } interface TemplateUnaggregatedFieldArgs { /** * The column that is used in the `UnaggregatedField` . */ column: pulumi.Input; /** * The custom field ID. */ fieldId: pulumi.Input; /** * The format configuration of the field. */ formatConfiguration?: pulumi.Input; } interface TemplateUniqueValuesComputationArgs { /** * The category field that is used in a computation. */ category?: pulumi.Input; /** * The ID for a computation. */ computationId: pulumi.Input; /** * The name of a computation. */ name?: pulumi.Input; } /** *

The option to relax the validation that is required to create and update analyses, dashboards, and templates with definition objects. When you set this value to LENIENT, validation is skipped for specific errors.

*/ interface TemplateValidationStrategyArgs { /** * The mode of validation for the asset to be created or updated. When you set this value to `STRICT` , strict validation for every error is enforced. When you set this value to `LENIENT` , validation is skipped for specific UI errors. */ mode: pulumi.Input; } interface TemplateVersionDefinitionArgs { analysisDefaults?: pulumi.Input; /** * An array of calculated field definitions for the template. */ calculatedFields?: pulumi.Input[]>; /** * An array of template-level column configurations. Column configurations are used to set default formatting for a column that's used throughout a template. */ columnConfigurations?: pulumi.Input[]>; /** * An array of dataset configurations. These configurations define the required columns for each dataset used within a template. */ dataSetConfigurations: pulumi.Input[]>; /** * Filter definitions for a template. * * For more information, see [Filtering Data](https://docs.aws.amazon.com/quicksight/latest/user/filtering-visual-data.html) in the *Amazon Quick Suite User Guide* . */ filterGroups?: pulumi.Input[]>; /** * An array of option definitions for a template. */ options?: pulumi.Input; /** * An array of parameter declarations for a template. * * *Parameters* are named variables that can transfer a value for use by an action or an object. * * For more information, see [Parameters in Amazon Quick Sight](https://docs.aws.amazon.com/quicksight/latest/user/parameters-in-quicksight.html) in the *Amazon Quick Suite User Guide* . */ parameterDeclarations?: pulumi.Input[]>; queryExecutionOptions?: pulumi.Input; /** * An array of sheet definitions for a template. */ sheets?: pulumi.Input[]>; } interface TemplateVisibleRangeOptionsArgs { /** * The percent range in the visible range. */ percentRange?: pulumi.Input; } interface TemplateVisualArgs { /** * A bar chart. * * For more information, see [Using bar charts](https://docs.aws.amazon.com/quicksight/latest/user/bar-charts.html) in the *Amazon Quick Suite User Guide* . */ barChartVisual?: pulumi.Input; /** * A box plot. * * For more information, see [Using box plots](https://docs.aws.amazon.com/quicksight/latest/user/box-plots.html) in the *Amazon Quick Suite User Guide* . */ boxPlotVisual?: pulumi.Input; /** * A combo chart. * * For more information, see [Using combo charts](https://docs.aws.amazon.com/quicksight/latest/user/combo-charts.html) in the *Amazon Quick Suite User Guide* . */ comboChartVisual?: pulumi.Input; /** * A visual that contains custom content. * * For more information, see [Using custom visual content](https://docs.aws.amazon.com/quicksight/latest/user/custom-visual-content.html) in the *Amazon Quick Suite User Guide* . */ customContentVisual?: pulumi.Input; /** * An empty visual. */ emptyVisual?: pulumi.Input; /** * A filled map. * * For more information, see [Creating filled maps](https://docs.aws.amazon.com/quicksight/latest/user/filled-maps.html) in the *Amazon Quick Suite User Guide* . */ filledMapVisual?: pulumi.Input; /** * A funnel chart. * * For more information, see [Using funnel charts](https://docs.aws.amazon.com/quicksight/latest/user/funnel-visual-content.html) in the *Amazon Quick Suite User Guide* . */ funnelChartVisual?: pulumi.Input; /** * A gauge chart. * * For more information, see [Using gauge charts](https://docs.aws.amazon.com/quicksight/latest/user/gauge-chart.html) in the *Amazon Quick Suite User Guide* . */ gaugeChartVisual?: pulumi.Input; /** * A geospatial map or a points on map visual. * * For more information, see [Creating point maps](https://docs.aws.amazon.com/quicksight/latest/user/point-maps.html) in the *Amazon Quick Suite User Guide* . */ geospatialMapVisual?: pulumi.Input; /** * A heat map. * * For more information, see [Using heat maps](https://docs.aws.amazon.com/quicksight/latest/user/heat-map.html) in the *Amazon Quick Suite User Guide* . */ heatMapVisual?: pulumi.Input; /** * A histogram. * * For more information, see [Using histograms](https://docs.aws.amazon.com/quicksight/latest/user/histogram-charts.html) in the *Amazon Quick Suite User Guide* . */ histogramVisual?: pulumi.Input; /** * An insight visual. * * For more information, see [Working with insights](https://docs.aws.amazon.com/quicksight/latest/user/computational-insights.html) in the *Amazon Quick Suite User Guide* . */ insightVisual?: pulumi.Input; /** * A key performance indicator (KPI). * * For more information, see [Using KPIs](https://docs.aws.amazon.com/quicksight/latest/user/kpi.html) in the *Amazon Quick Suite User Guide* . */ kpiVisual?: pulumi.Input; /** * A line chart. * * For more information, see [Using line charts](https://docs.aws.amazon.com/quicksight/latest/user/line-charts.html) in the *Amazon Quick Suite User Guide* . */ lineChartVisual?: pulumi.Input; /** * A pie or donut chart. * * For more information, see [Using pie charts](https://docs.aws.amazon.com/quicksight/latest/user/pie-chart.html) in the *Amazon Quick Suite User Guide* . */ pieChartVisual?: pulumi.Input; /** * A pivot table. * * For more information, see [Using pivot tables](https://docs.aws.amazon.com/quicksight/latest/user/pivot-table.html) in the *Amazon Quick Suite User Guide* . */ pivotTableVisual?: pulumi.Input; /** * The custom plugin visual type. */ pluginVisual?: pulumi.Input; /** * A radar chart visual. * * For more information, see [Using radar charts](https://docs.aws.amazon.com/quicksight/latest/user/radar-chart.html) in the *Amazon Quick Suite User Guide* . */ radarChartVisual?: pulumi.Input; /** * A sankey diagram. * * For more information, see [Using Sankey diagrams](https://docs.aws.amazon.com/quicksight/latest/user/sankey-diagram.html) in the *Amazon Quick Suite User Guide* . */ sankeyDiagramVisual?: pulumi.Input; /** * A scatter plot. * * For more information, see [Using scatter plots](https://docs.aws.amazon.com/quicksight/latest/user/scatter-plot.html) in the *Amazon Quick Suite User Guide* . */ scatterPlotVisual?: pulumi.Input; /** * A table visual. * * For more information, see [Using tables as visuals](https://docs.aws.amazon.com/quicksight/latest/user/tabular.html) in the *Amazon Quick Suite User Guide* . */ tableVisual?: pulumi.Input; /** * A tree map. * * For more information, see [Using tree maps](https://docs.aws.amazon.com/quicksight/latest/user/tree-map.html) in the *Amazon Quick Suite User Guide* . */ treeMapVisual?: pulumi.Input; /** * A waterfall chart. * * For more information, see [Using waterfall charts](https://docs.aws.amazon.com/quicksight/latest/user/waterfall-chart.html) in the *Amazon Quick Suite User Guide* . */ waterfallVisual?: pulumi.Input; /** * A word cloud. * * For more information, see [Using word clouds](https://docs.aws.amazon.com/quicksight/latest/user/word-cloud.html) in the *Amazon Quick Suite User Guide* . */ wordCloudVisual?: pulumi.Input; } interface TemplateVisualCustomActionArgs { /** * A list of `VisualCustomActionOperations` . * * This is a union type structure. For this structure to be valid, only one of the attributes can be defined. */ actionOperations: pulumi.Input[]>; /** * The ID of the `VisualCustomAction` . */ customActionId: pulumi.Input; /** * The name of the `VisualCustomAction` . */ name: pulumi.Input; /** * The status of the `VisualCustomAction` . */ status?: pulumi.Input; /** * The trigger of the `VisualCustomAction` . * * Valid values are defined as follows: * * - `DATA_POINT_CLICK` : Initiates a custom action by a left pointer click on a data point. * - `DATA_POINT_MENU` : Initiates a custom action by right pointer click from the menu. */ trigger: pulumi.Input; } interface TemplateVisualCustomActionOperationArgs { /** * The filter operation that filters data included in a visual or in an entire sheet. */ filterOperation?: pulumi.Input; /** * The navigation operation that navigates between different sheets in the same analysis. */ navigationOperation?: pulumi.Input; /** * The set parameter operation that sets parameters in custom action. */ setParametersOperation?: pulumi.Input; /** * The URL operation that opens a link to another webpage. */ urlOperation?: pulumi.Input; } interface TemplateVisualInteractionOptionsArgs { /** * The context menu options for a visual. */ contextMenuOption?: pulumi.Input; /** * The on-visual menu options for a visual. */ visualMenuOption?: pulumi.Input; } interface TemplateVisualMenuOptionArgs { /** * The availaiblity status of a visual's menu options. */ availabilityStatus?: pulumi.Input; } interface TemplateVisualPaletteArgs { /** * The chart color options for the visual palette. */ chartColor?: pulumi.Input; /** * The color map options for the visual palette. */ colorMap?: pulumi.Input[]>; } interface TemplateVisualSubtitleLabelOptionsArgs { /** * The long text format of the subtitle label, such as plain text or rich text. */ formatText?: pulumi.Input; /** * The visibility of the subtitle label. */ visibility?: pulumi.Input; } interface TemplateVisualTitleLabelOptionsArgs { /** * The short text format of the title label, such as plain text or rich text. */ formatText?: pulumi.Input; /** * The visibility of the title label. */ visibility?: pulumi.Input; } interface TemplateWaterfallChartAggregatedFieldWellsArgs { /** * The breakdown field wells of a waterfall visual. */ breakdowns?: pulumi.Input[]>; /** * The category field wells of a waterfall visual. */ categories?: pulumi.Input[]>; /** * The value field wells of a waterfall visual. */ values?: pulumi.Input[]>; } interface TemplateWaterfallChartColorConfigurationArgs { /** * The color configuration for individual groups within a waterfall visual. */ groupColorConfiguration?: pulumi.Input; } interface TemplateWaterfallChartConfigurationArgs { /** * The options that determine the presentation of the category axis. */ categoryAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the category axis label. */ categoryAxisLabelOptions?: pulumi.Input; /** * The color configuration of a waterfall visual. */ colorConfiguration?: pulumi.Input; /** * The data label configuration of a waterfall visual. */ dataLabels?: pulumi.Input; /** * The field well configuration of a waterfall visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The legend configuration of a waterfall visual. */ legend?: pulumi.Input; /** * The options that determine the presentation of the y-axis. */ primaryYAxisDisplayOptions?: pulumi.Input; /** * The options that determine the presentation of the y-axis label. */ primaryYAxisLabelOptions?: pulumi.Input; /** * The sort configuration of a waterfall visual. */ sortConfiguration?: pulumi.Input; /** * The visual palette configuration of a waterfall visual. */ visualPalette?: pulumi.Input; /** * The options that determine the presentation of a waterfall visual. */ waterfallChartOptions?: pulumi.Input; } interface TemplateWaterfallChartFieldWellsArgs { /** * The field well configuration of a waterfall visual. */ waterfallChartAggregatedFieldWells?: pulumi.Input; } interface TemplateWaterfallChartGroupColorConfigurationArgs { /** * Defines the color for the negative bars of a waterfall chart. */ negativeBarColor?: pulumi.Input; /** * Defines the color for the positive bars of a waterfall chart. */ positiveBarColor?: pulumi.Input; /** * Defines the color for the total bars of a waterfall chart. */ totalBarColor?: pulumi.Input; } interface TemplateWaterfallChartOptionsArgs { /** * This option determines the total bar label of a waterfall visual. */ totalBarLabel?: pulumi.Input; } interface TemplateWaterfallChartSortConfigurationArgs { /** * The limit on the number of bar groups that are displayed. */ breakdownItemsLimit?: pulumi.Input; /** * The sort configuration of the category fields. */ categorySort?: pulumi.Input[]>; } interface TemplateWaterfallVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration for a waterfall visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers. */ visualId: pulumi.Input; } interface TemplateWhatIfPointScenarioArgs { /** * The date that you need the forecast results for. */ date: pulumi.Input; /** * The target value that you want to meet for the provided date. */ value: pulumi.Input; } interface TemplateWhatIfRangeScenarioArgs { /** * The end date in the date range that you need the forecast results for. */ endDate: pulumi.Input; /** * The start date in the date range that you need the forecast results for. */ startDate: pulumi.Input; /** * The target value that you want to meet for the provided date range. */ value: pulumi.Input; } interface TemplateWordCloudAggregatedFieldWellsArgs { /** * The group by field well of a word cloud. Values are grouped by group by fields. */ groupBy?: pulumi.Input[]>; /** * The size field well of a word cloud. Values are aggregated based on group by fields. */ size?: pulumi.Input[]>; } interface TemplateWordCloudChartConfigurationArgs { /** * The label options (label text, label visibility, and sort icon visibility) for the word cloud category. */ categoryLabelOptions?: pulumi.Input; /** * The field wells of the visual. */ fieldWells?: pulumi.Input; /** * The general visual interactions setup for a visual. */ interactions?: pulumi.Input; /** * The sort configuration of a word cloud visual. */ sortConfiguration?: pulumi.Input; /** * The options for a word cloud visual. */ wordCloudOptions?: pulumi.Input; } interface TemplateWordCloudFieldWellsArgs { /** * The aggregated field wells of a word cloud. */ wordCloudAggregatedFieldWells?: pulumi.Input; } interface TemplateWordCloudOptionsArgs { /** * The cloud layout options (fluid, normal) of a word cloud. */ cloudLayout?: pulumi.Input; /** * The length limit of each word from 1-100. */ maximumStringLength?: pulumi.Input; /** * The word casing options (lower_case, existing_case) for the words in a word cloud. */ wordCasing?: pulumi.Input; /** * The word orientation options (horizontal, horizontal_and_vertical) for the words in a word cloud. */ wordOrientation?: pulumi.Input; /** * The word padding options (none, small, medium, large) for the words in a word cloud. */ wordPadding?: pulumi.Input; /** * The word scaling options (emphasize, normal) for the words in a word cloud. */ wordScaling?: pulumi.Input; } interface TemplateWordCloudSortConfigurationArgs { /** * The limit on the number of groups that are displayed in a word cloud. */ categoryItemsLimit?: pulumi.Input; /** * The sort configuration of group by fields. */ categorySort?: pulumi.Input[]>; } interface TemplateWordCloudVisualArgs { /** * The list of custom actions that are configured for a visual. */ actions?: pulumi.Input[]>; /** * The configuration settings of the visual. */ chartConfiguration?: pulumi.Input; /** * The column hierarchy that is used during drill-downs and drill-ups. */ columnHierarchies?: pulumi.Input[]>; /** * The subtitle that is displayed on the visual. */ subtitle?: pulumi.Input; /** * The title that is displayed on the visual. */ title?: pulumi.Input; /** * The alt text for the visual. */ visualContentAltText?: pulumi.Input; /** * The unique identifier of a visual. This identifier must be unique within the context of a dashboard, template, or analysis. Two dashboards, analyses, or templates can have visuals with the same identifiers.. */ visualId: pulumi.Input; } interface TemplateYAxisOptionsArgs { /** * The Y axis type to be used in the chart. * * If you choose `PRIMARY_Y_AXIS` , the primary Y Axis is located on the leftmost vertical axis of the chart. */ yAxis: pulumi.Input; } /** *

The display options for tile borders for visuals.

*/ interface ThemeBorderStyleArgs { /** *

The option to enable display of borders for visuals.

*/ show?: pulumi.Input; } /** *

The theme configuration. This configuration contains all of the display properties for * a theme.

*/ interface ThemeConfigurationArgs { /** * Color properties that apply to chart data colors. */ dataColorPalette?: pulumi.Input; /** * Display options related to sheets. */ sheet?: pulumi.Input; /** * Determines the typography options. */ typography?: pulumi.Input; /** * Color properties that apply to the UI and to charts, excluding the colors that apply to data. */ uiColorPalette?: pulumi.Input; } /** *

The theme colors that are used for data colors in charts. The colors description is a * hexadecimal color code that consists of six alphanumerical characters, prefixed with * #, for example #37BFF5.

*/ interface ThemeDataColorPaletteArgs { /** *

The hexadecimal codes for the colors.

*/ colors?: pulumi.Input[]>; /** *

The hexadecimal code of a color that applies to charts where a lack of data is * highlighted.

*/ emptyFillColor?: pulumi.Input; /** *

The minimum and maximum hexadecimal codes that describe a color gradient.

*/ minMaxGradient?: pulumi.Input[]>; } interface ThemeFontArgs { /** * Determines the font family settings. */ fontFamily?: pulumi.Input; } /** *

The display options for gutter spacing between tiles on a sheet.

*/ interface ThemeGutterStyleArgs { /** *

This Boolean value controls whether to display a gutter space between sheet tiles. *

*/ show?: pulumi.Input; } /** *

The display options for margins around the outside edge of sheets.

*/ interface ThemeMarginStyleArgs { /** *

This Boolean value controls whether to display sheet margins.

*/ show?: pulumi.Input; } /** *

Permission for the resource.

*/ interface ThemeResourcePermissionArgs { /** *

The IAM action to grant or revoke permissions on.

*/ actions: pulumi.Input[]>; /** *

The Amazon Resource Name (ARN) of the principal. This can be one of the * following:

*
    *
  • *

    The ARN of an Amazon QuickSight user or group associated with a data source or dataset. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon QuickSight user, group, or namespace associated with an analysis, dashboard, template, or theme. (This is common.)

    *
    • *
  • *

    The ARN of an Amazon Web Services account root: This is an IAM ARN rather than a QuickSight * ARN. Use this option only to share resources (templates) across Amazon Web Services accounts. * (This is less common.)

    *
    • *
*/ principal: pulumi.Input; } /** *

The theme display options for sheets.

*/ interface ThemeSheetStyleArgs { /** * The display options for tiles. */ tile?: pulumi.Input; /** * The layout options for tiles. */ tileLayout?: pulumi.Input; } /** *

The display options for the layout of tiles on a sheet.

*/ interface ThemeTileLayoutStyleArgs { /** * The gutter settings that apply between tiles. */ gutter?: pulumi.Input; /** * The margin settings that apply around the outside edge of sheets. */ margin?: pulumi.Input; } /** *

Display options related to tiles on a sheet.

*/ interface ThemeTileStyleArgs { /** * The border around a tile. */ border?: pulumi.Input; } interface ThemeTypographyArgs { /** * Determines the list of font families. */ fontFamilies?: pulumi.Input[]>; } /** *

The theme colors that apply to UI and to charts, excluding data colors. The colors * description is a hexadecimal color code that consists of six alphanumerical characters, * prefixed with #, for example #37BFF5. For more information, see Using Themes in Amazon QuickSight in the Amazon QuickSight User * Guide. *

*/ interface ThemeUiColorPaletteArgs { /** *

This color is that applies to selected states and buttons.

*/ accent?: pulumi.Input; /** *

The foreground color that applies to any text or other elements that appear over the * accent color.

*/ accentForeground?: pulumi.Input; /** *

The color that applies to error messages.

*/ danger?: pulumi.Input; /** *

The foreground color that applies to any text or other elements that appear over the * error color.

*/ dangerForeground?: pulumi.Input; /** *

The color that applies to the names of fields that are identified as * dimensions.

*/ dimension?: pulumi.Input; /** *

The foreground color that applies to any text or other elements that appear over the * dimension color.

*/ dimensionForeground?: pulumi.Input; /** *

The color that applies to the names of fields that are identified as measures.

*/ measure?: pulumi.Input; /** *

The foreground color that applies to any text or other elements that appear over the * measure color.

*/ measureForeground?: pulumi.Input; /** *

The background color that applies to visuals and other high emphasis UI.

*/ primaryBackground?: pulumi.Input; /** *

The color of text and other foreground elements that appear over the primary * background regions, such as grid lines, borders, table banding, icons, and so on.

*/ primaryForeground?: pulumi.Input; /** *

The background color that applies to the sheet background and sheet controls.

*/ secondaryBackground?: pulumi.Input; /** *

The foreground color that applies to any sheet title, sheet control text, or UI that * appears over the secondary background.

*/ secondaryForeground?: pulumi.Input; /** *

The color that applies to success messages, for example the check mark for a * successful download.

*/ success?: pulumi.Input; /** *

The foreground color that applies to any text or other elements that appear over the * success color.

*/ successForeground?: pulumi.Input; /** *

This color that applies to warning and informational messages.

*/ warning?: pulumi.Input; /** *

The foreground color that applies to any text or other elements that appear over the * warning color.

*/ warningForeground?: pulumi.Input; } interface TopicCalculatedFieldArgs { /** * The default aggregation. Valid values for this structure are `SUM` , `MAX` , `MIN` , `COUNT` , `DISTINCT_COUNT` , and `AVERAGE` . */ aggregation?: pulumi.Input; /** * The list of aggregation types that are allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` . */ allowedAggregations?: pulumi.Input[]>; /** * The calculated field description. */ calculatedFieldDescription?: pulumi.Input; /** * The calculated field name. */ calculatedFieldName: pulumi.Input; /** * The other names or aliases for the calculated field. */ calculatedFieldSynonyms?: pulumi.Input[]>; /** * The other names or aliases for the calculated field cell value. */ cellValueSynonyms?: pulumi.Input[]>; /** * The column data role for a calculated field. Valid values for this structure are `DIMENSION` and `MEASURE` . */ columnDataRole?: pulumi.Input; /** * The order in which data is displayed for the calculated field when it's used in a comparative context. */ comparativeOrder?: pulumi.Input; /** * The default formatting definition. */ defaultFormatting?: pulumi.Input; /** * A Boolean value that indicates if a calculated field is visible in the autocomplete. */ disableIndexing?: pulumi.Input; /** * The calculated field expression. */ expression: pulumi.Input; /** * A boolean value that indicates if a calculated field is included in the topic. */ isIncludedInTopic?: pulumi.Input; /** * A Boolean value that indicates whether to never aggregate calculated field in filters. */ neverAggregateInFilter?: pulumi.Input; /** * The non additive for the table style target. */ nonAdditive?: pulumi.Input; /** * The list of aggregation types that are not allowed for the calculated field. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` . */ notAllowedAggregations?: pulumi.Input[]>; /** * The semantic type. */ semanticType?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; } interface TopicCategoryFilterArgs { /** * The category filter function. Valid values for this structure are `EXACT` and `CONTAINS` . */ categoryFilterFunction?: pulumi.Input; /** * The category filter type. This element is used to specify whether a filter is a simple category filter or an inverse category filter. */ categoryFilterType?: pulumi.Input; /** * The constant used in a category filter. */ constant?: pulumi.Input; /** * A Boolean value that indicates if the filter is inverse. */ inverse?: pulumi.Input; } interface TopicCategoryFilterConstantArgs { /** * A collective constant used in a category filter. This element is used to specify a list of values for the constant. */ collectiveConstant?: pulumi.Input; /** * The type of category filter constant. This element is used to specify whether a constant is a singular or collective. Valid values are `SINGULAR` and `COLLECTIVE` . */ constantType?: pulumi.Input; /** * A singular constant used in a category filter. This element is used to specify a single value for the constant. */ singularConstant?: pulumi.Input; } interface TopicCellValueSynonymArgs { /** * The cell value. */ cellValue?: pulumi.Input; /** * Other names or aliases for the cell value. */ synonyms?: pulumi.Input[]>; } interface TopicCollectiveConstantArgs { /** * A list of values for the collective constant. */ valueList?: pulumi.Input[]>; } interface TopicColumnArgs { /** * The type of aggregation that is performed on the column data when it's queried. */ aggregation?: pulumi.Input; /** * The list of aggregation types that are allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` . */ allowedAggregations?: pulumi.Input[]>; /** * The other names or aliases for the column cell value. */ cellValueSynonyms?: pulumi.Input[]>; /** * The role of the column in the data. Valid values are `DIMENSION` and `MEASURE` . */ columnDataRole?: pulumi.Input; /** * A description of the column and its contents. */ columnDescription?: pulumi.Input; /** * A user-friendly name for the column. */ columnFriendlyName?: pulumi.Input; /** * The name of the column. */ columnName: pulumi.Input; /** * The other names or aliases for the column. */ columnSynonyms?: pulumi.Input[]>; /** * The order in which data is displayed for the column when it's used in a comparative context. */ comparativeOrder?: pulumi.Input; /** * The default formatting used for values in the column. */ defaultFormatting?: pulumi.Input; /** * A Boolean value that indicates whether the column shows in the autocomplete functionality. */ disableIndexing?: pulumi.Input; /** * A Boolean value that indicates whether the column is included in the query results. */ isIncludedInTopic?: pulumi.Input; /** * A Boolean value that indicates whether to aggregate the column data when it's used in a filter context. */ neverAggregateInFilter?: pulumi.Input; /** * The non additive value for the column. */ nonAdditive?: pulumi.Input; /** * The list of aggregation types that are not allowed for the column. Valid values for this structure are `COUNT` , `DISTINCT_COUNT` , `MIN` , `MAX` , `MEDIAN` , `SUM` , `AVERAGE` , `STDEV` , `STDEVP` , `VAR` , `VARP` , and `PERCENTILE` . */ notAllowedAggregations?: pulumi.Input[]>; /** * The semantic type of data contained in the column. */ semanticType?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; } interface TopicComparativeOrderArgs { /** * The list of columns to be used in the ordering. */ specifedOrder?: pulumi.Input[]>; /** * The treat of undefined specified values. Valid values for this structure are `LEAST` and `MOST` . */ treatUndefinedSpecifiedValues?: pulumi.Input; /** * The ordering type for a column. Valid values for this structure are `GREATER_IS_BETTER` , `LESSER_IS_BETTER` and `SPECIFIED` . */ useOrdering?: pulumi.Input; } /** * Model for configuration of a Topic */ interface TopicConfigOptionsArgs { /** * Enables Amazon Q Business Insights for a `Topic` . */ qBusinessInsightsEnabled?: pulumi.Input; } interface TopicCustomInstructionsArgs { customInstructionsString: pulumi.Input; } interface TopicDataAggregationArgs { /** * The level of time precision that is used to aggregate `DateTime` values. */ datasetRowDateGranularity?: pulumi.Input; /** * The column name for the default date. */ defaultDateColumnName?: pulumi.Input; } interface TopicDatasetMetadataArgs { /** * The list of calculated field definitions. */ calculatedFields?: pulumi.Input[]>; /** * The list of column definitions. */ columns?: pulumi.Input[]>; /** * The definition of a data aggregation. */ dataAggregation?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the dataset. */ datasetArn: pulumi.Input; /** * The description of the dataset. */ datasetDescription?: pulumi.Input; /** * The name of the dataset. */ datasetName?: pulumi.Input; /** * The list of filter definitions. */ filters?: pulumi.Input[]>; /** * The list of named entities definitions. */ namedEntities?: pulumi.Input[]>; } interface TopicDateRangeFilterArgs { /** * The constant used in a date range filter. */ constant?: pulumi.Input; /** * A Boolean value that indicates whether the date range filter should include the boundary values. If set to true, the filter includes the start and end dates. If set to false, the filter excludes them. */ inclusive?: pulumi.Input; } interface TopicDefaultFormattingArgs { /** * The display format. Valid values for this structure are `AUTO` , `PERCENT` , `CURRENCY` , `NUMBER` , `DATE` , and `STRING` . */ displayFormat?: pulumi.Input; /** * The additional options for display formatting. */ displayFormatOptions?: pulumi.Input; } interface TopicDisplayFormatOptionsArgs { /** * Determines the blank cell format. */ blankCellFormat?: pulumi.Input; /** * The currency symbol, such as `USD` . */ currencySymbol?: pulumi.Input; /** * Determines the `DateTime` format. */ dateFormat?: pulumi.Input; /** * Determines the decimal separator. */ decimalSeparator?: pulumi.Input; /** * Determines the number of fraction digits. */ fractionDigits?: pulumi.Input; /** * Determines the grouping separator. */ groupingSeparator?: pulumi.Input; /** * The negative format. */ negativeFormat?: pulumi.Input; /** * The prefix value for a display format. */ prefix?: pulumi.Input; /** * The suffix value for a display format. */ suffix?: pulumi.Input; /** * The unit scaler. Valid values for this structure are: `NONE` , `AUTO` , `THOUSANDS` , `MILLIONS` , `BILLIONS` , and `TRILLIONS` . */ unitScaler?: pulumi.Input; /** * A Boolean value that indicates whether to use blank cell format. */ useBlankCellFormat?: pulumi.Input; /** * A Boolean value that indicates whether to use grouping. */ useGrouping?: pulumi.Input; } interface TopicFilterArgs { /** * The category filter that is associated with this filter. */ categoryFilter?: pulumi.Input; /** * The date range filter. */ dateRangeFilter?: pulumi.Input; /** * The class of the filter. Valid values for this structure are `ENFORCED_VALUE_FILTER` , `CONDITIONAL_VALUE_FILTER` , and `NAMED_VALUE_FILTER` . */ filterClass?: pulumi.Input; /** * A description of the filter used to select items for a topic. */ filterDescription?: pulumi.Input; /** * The name of the filter. */ filterName: pulumi.Input; /** * The other names or aliases for the filter. */ filterSynonyms?: pulumi.Input[]>; /** * The type of the filter. Valid values for this structure are `CATEGORY_FILTER` , `NUMERIC_EQUALITY_FILTER` , `NUMERIC_RANGE_FILTER` , `DATE_RANGE_FILTER` , and `RELATIVE_DATE_FILTER` . */ filterType?: pulumi.Input; /** * The numeric equality filter. */ numericEqualityFilter?: pulumi.Input; /** * The numeric range filter. */ numericRangeFilter?: pulumi.Input; /** * The name of the field that the filter operates on. */ operandFieldName: pulumi.Input; /** * The relative date filter. */ relativeDateFilter?: pulumi.Input; } interface TopicNamedEntityArgs { /** * The definition of a named entity. */ definition?: pulumi.Input[]>; /** * The description of the named entity. */ entityDescription?: pulumi.Input; /** * The name of the named entity. */ entityName: pulumi.Input; /** * The other names or aliases for the named entity. */ entitySynonyms?: pulumi.Input[]>; /** * The type of named entity that a topic represents. */ semanticEntityType?: pulumi.Input; } interface TopicNamedEntityDefinitionArgs { /** * The name of the entity. */ fieldName?: pulumi.Input; /** * The definition of a metric. */ metric?: pulumi.Input; /** * The property name to be used for the named entity. */ propertyName?: pulumi.Input; /** * The property role. Valid values for this structure are `PRIMARY` and `ID` . */ propertyRole?: pulumi.Input; /** * The property usage. Valid values for this structure are `INHERIT` , `DIMENSION` , and `MEASURE` . */ propertyUsage?: pulumi.Input; } interface TopicNamedEntityDefinitionMetricArgs { /** * The aggregation of a named entity. Valid values for this structure are `SUM` , `MIN` , `MAX` , `COUNT` , `AVERAGE` , `DISTINCT_COUNT` , `STDEV` , `STDEVP` , `VAR` , `VARP` , `PERCENTILE` , `MEDIAN` , and `CUSTOM` . */ aggregation?: pulumi.Input; /** * The additional parameters for an aggregation function. */ aggregationFunctionParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface TopicNegativeFormatArgs { /** * The prefix for a negative format. */ prefix?: pulumi.Input; /** * The suffix for a negative format. */ suffix?: pulumi.Input; } interface TopicNumericEqualityFilterArgs { /** * An aggregation function that specifies how to calculate the value of a numeric field for a topic. Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` . */ aggregation?: pulumi.Input; /** * The constant used in a numeric equality filter. */ constant?: pulumi.Input; } interface TopicNumericRangeFilterArgs { /** * An aggregation function that specifies how to calculate the value of a numeric field for a topic, Valid values for this structure are `NO_AGGREGATION` , `SUM` , `AVERAGE` , `COUNT` , `DISTINCT_COUNT` , `MAX` , `MEDIAN` , `MIN` , `STDEV` , `STDEVP` , `VAR` , and `VARP` . */ aggregation?: pulumi.Input; /** * The constant used in a numeric range filter. */ constant?: pulumi.Input; /** * A Boolean value that indicates whether the endpoints of the numeric range are included in the filter. If set to true, topics whose numeric field value is equal to the endpoint values will be included in the filter. If set to false, topics whose numeric field value is equal to the endpoint values will be excluded from the filter. */ inclusive?: pulumi.Input; } interface TopicRangeConstantArgs { /** * The maximum value for a range constant. */ maximum?: pulumi.Input; /** * The minimum value for a range constant. */ minimum?: pulumi.Input; } interface TopicRangeFilterConstantArgs { /** * The data type of the constant value that is used in a range filter. Valid values for this structure are `RANGE` . */ constantType?: pulumi.Input; /** * The value of the constant that is used to specify the endpoints of a range filter. */ rangeConstant?: pulumi.Input; } interface TopicRelativeDateFilterArgs { /** * The constant used in a relative date filter. */ constant?: pulumi.Input; /** * The function to be used in a relative date filter to determine the range of dates to include in the results. Valid values for this structure are `BEFORE` , `AFTER` , and `BETWEEN` . */ relativeDateFilterFunction?: pulumi.Input; /** * The level of time precision that is used to aggregate `DateTime` values. */ timeGranularity?: pulumi.Input; } interface TopicSemanticEntityTypeArgs { /** * The semantic entity sub type name. */ subTypeName?: pulumi.Input; /** * The semantic entity type name. */ typeName?: pulumi.Input; /** * The semantic entity type parameters. */ typeParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface TopicSemanticTypeArgs { /** * The semantic type falsey cell value. */ falseyCellValue?: pulumi.Input; /** * The other names or aliases for the false cell value. */ falseyCellValueSynonyms?: pulumi.Input[]>; /** * The semantic type sub type name. */ subTypeName?: pulumi.Input; /** * The semantic type truthy cell value. */ truthyCellValue?: pulumi.Input; /** * The other names or aliases for the true cell value. */ truthyCellValueSynonyms?: pulumi.Input[]>; /** * The semantic type name. */ typeName?: pulumi.Input; /** * The semantic type parameters. */ typeParameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } interface TopicSingularFilterConstantArgs { /** * The type of the singular filter constant. Valid values for this structure are `SINGULAR` . */ constantType?: pulumi.Input; /** * The value of the singular filter constant. */ singularConstant?: pulumi.Input; } } export declare namespace ram { } export declare namespace rbin { /** * The resource tag of the rule. */ interface RuleResourceTagArgs { /** * The tag key of the resource. */ resourceTagKey: pulumi.Input; /** * The tag value of the resource */ resourceTagValue: pulumi.Input; } /** * The retention period of the rule. */ interface RuleRetentionPeriodArgs { /** * The retention period unit of the rule */ retentionPeriodUnit: pulumi.Input; /** * The retention period value of the rule. */ retentionPeriodValue: pulumi.Input; } interface RuleUnlockDelayArgs { /** * The unit of time in which to measure the unlock delay. Currently, the unlock delay can be measure only in days. */ unlockDelayUnit?: pulumi.Input; /** * The unlock delay period, measured in the unit specified for UnlockDelayUnit. */ unlockDelayValue?: pulumi.Input; } } export declare namespace rds { /** * Describes an AWS Identity and Access Management (IAM) role that is associated with a DB cluster. */ interface DbClusterDbClusterRoleArgs { /** * The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB cluster grant permission for the DB cluster to access other AWS services on your behalf. For the list of supported feature names, see the ``SupportedFeatureNames`` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference*. */ featureName?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role that is associated with the DB cluster. */ roleArn: pulumi.Input; } /** * The ``MasterUserSecret`` return value specifies the secret managed by RDS in AWS Secrets Manager for the master user password. * For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.* */ interface DbClusterMasterUserSecretArgs { /** * The AWS KMS key identifier that is used to encrypt the secret. */ kmsKeyId?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the ``Fn::GetAtt`` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbcluster.html#aws-resource-rds-dbcluster-return-values). */ secretArn?: pulumi.Input; } /** * The ``ScalingConfiguration`` property type specifies the scaling configuration of an Aurora Serverless v1 DB cluster. * For more information, see [Using Amazon Aurora Serverless](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.html) in the *Amazon Aurora User Guide*. * This property is only supported for Aurora Serverless v1. For Aurora Serverless v2, Use the ``ServerlessV2ScalingConfiguration`` property. * Valid for: Aurora Serverless v1 DB clusters only */ interface DbClusterScalingConfigurationArgs { /** * Indicates whether to allow or disallow automatic pause for an Aurora DB cluster in ``serverless`` DB engine mode. A DB cluster can be paused only when it's idle (it has no connections). * If a DB cluster is paused for more than seven days, the DB cluster might be backed up with a snapshot. In this case, the DB cluster is restored when there is a request to connect to it. */ autoPause?: pulumi.Input; /** * The maximum capacity for an Aurora DB cluster in ``serverless`` DB engine mode. * For Aurora MySQL, valid capacity values are ``1``, ``2``, ``4``, ``8``, ``16``, ``32``, ``64``, ``128``, and ``256``. * For Aurora PostgreSQL, valid capacity values are ``2``, ``4``, ``8``, ``16``, ``32``, ``64``, ``192``, and ``384``. * The maximum capacity must be greater than or equal to the minimum capacity. */ maxCapacity?: pulumi.Input; /** * The minimum capacity for an Aurora DB cluster in ``serverless`` DB engine mode. * For Aurora MySQL, valid capacity values are ``1``, ``2``, ``4``, ``8``, ``16``, ``32``, ``64``, ``128``, and ``256``. * For Aurora PostgreSQL, valid capacity values are ``2``, ``4``, ``8``, ``16``, ``32``, ``64``, ``192``, and ``384``. * The minimum capacity must be less than or equal to the maximum capacity. */ minCapacity?: pulumi.Input; /** * The amount of time, in seconds, that Aurora Serverless v1 tries to find a scaling point to perform seamless scaling before enforcing the timeout action. The default is 300. * Specify a value between 60 and 600 seconds. */ secondsBeforeTimeout?: pulumi.Input; /** * The time, in seconds, before an Aurora DB cluster in ``serverless`` mode is paused. * Specify a value between 300 and 86,400 seconds. */ secondsUntilAutoPause?: pulumi.Input; /** * The action to take when the timeout is reached, either ``ForceApplyCapacityChange`` or ``RollbackCapacityChange``. * ``ForceApplyCapacityChange`` sets the capacity to the specified value as soon as possible. * ``RollbackCapacityChange``, the default, ignores the capacity change if a scaling point isn't found in the timeout period. * If you specify ``ForceApplyCapacityChange``, connections that prevent Aurora Serverless v1 from finding a scaling point might be dropped. * For more information, see [Autoscaling for Aurora Serverless v1](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless.how-it-works.html#aurora-serverless.how-it-works.auto-scaling) in the *Amazon Aurora User Guide*. */ timeoutAction?: pulumi.Input; } /** * The ``ServerlessV2ScalingConfiguration`` property type specifies the scaling configuration of an Aurora Serverless V2 DB cluster. For more information, see [Using Amazon Aurora Serverless v2](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.html) in the *Amazon Aurora User Guide*. * If you have an Aurora cluster, you must set this attribute before you add a DB instance that uses the ``db.serverless`` DB instance class. For more information, see [Clusters that use Aurora Serverless v2 must have a capacity range specified](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.requirements.html#aurora-serverless-v2.requirements.capacity-range) in the *Amazon Aurora User Guide*. * This property is only supported for Aurora Serverless v2. For Aurora Serverless v1, use the ``ScalingConfiguration`` property. * Valid for: Aurora Serverless v2 DB clusters */ interface DbClusterServerlessV2ScalingConfigurationArgs { /** * The maximum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 40, 40.5, 41, and so on. The largest value that you can use is 128. * The maximum capacity must be higher than 0.5 ACUs. For more information, see [Choosing the maximum Aurora Serverless v2 capacity setting for a cluster](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/aurora-serverless-v2.setting-capacity.html#aurora-serverless-v2.max_capacity_considerations) in the *Amazon Aurora User Guide*. * Aurora automatically sets certain parameters for Aurora Serverless V2 DB instances to values that depend on the maximum ACU value in the capacity range. When you update the maximum capacity value, the ``ParameterApplyStatus`` value for the DB instance changes to ``pending-reboot``. You can update the parameter values by rebooting the DB instance after changing the capacity range. */ maxCapacity?: pulumi.Input; /** * The minimum number of Aurora capacity units (ACUs) for a DB instance in an Aurora Serverless v2 cluster. You can specify ACU values in half-step increments, such as 8, 8.5, 9, and so on. For Aurora versions that support the Aurora Serverless v2 auto-pause feature, the smallest value that you can use is 0. For versions that don't support Aurora Serverless v2 auto-pause, the smallest value that you can use is 0.5. */ minCapacity?: pulumi.Input; /** * Specifies the number of seconds an Aurora Serverless v2 DB instance must be idle before Aurora attempts to automatically pause it. * Specify a value between 300 seconds (five minutes) and 86,400 seconds (one day). The default is 300 seconds. */ secondsUntilAutoPause?: pulumi.Input; } /** * Contains details about an additional storage volume for a DB instance. RDS support additional storage volumes for RDS for Oracle and RDS for SQL Server. */ interface DbInstanceAdditionalStorageVolumeArgs { /** * The amount of storage allocated for the additional storage volume, in gibibytes (GiB). The minimum is 20 GiB. The maximum is 65,536 GiB (64 TiB). */ allocatedStorage?: pulumi.Input; /** * The number of I/O operations per second (IOPS) provisioned for the additional storage volume. */ iops?: pulumi.Input; /** * The upper limit in gibibytes (GiB) to which RDS can automatically scale the storage of the additional storage volume. */ maxAllocatedStorage?: pulumi.Input; /** * The storage throughput value for the additional storage volume, in mebibytes per second (MiBps). This setting applies only to the General Purpose SSD (``gp3``) storage type. */ storageThroughput?: pulumi.Input; /** * The storage type for the additional storage volume. * Valid Values: ``GP3 | IO2`` */ storageType?: pulumi.Input; /** * The name of the additional storage volume. * Valid Values: ``RDSDBDATA2 | RDSDBDATA3 | RDSDBDATA4`` */ volumeName?: pulumi.Input; } /** * Information about an AWS Identity and Access Management (IAM) role that is associated with a DB instance. */ interface DbInstanceDbInstanceRoleArgs { /** * The name of the feature associated with the AWS Identity and Access Management (IAM) role. IAM roles that are associated with a DB instance grant permission for the DB instance to access other AWS services on your behalf. For the list of supported feature names, see the ``SupportedFeatureNames`` description in [DBEngineVersion](https://docs.aws.amazon.com/AmazonRDS/latest/APIReference/API_DBEngineVersion.html) in the *Amazon RDS API Reference*. */ featureName: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role that is associated with the DB instance. */ roleArn: pulumi.Input; } /** * The ``MasterUserSecret`` return value specifies the secret managed by RDS in AWS Secrets Manager for the master user password. * For more information, see [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/rds-secrets-manager.html) in the *Amazon RDS User Guide* and [Password management with Secrets Manager](https://docs.aws.amazon.com/AmazonRDS/latest/AuroraUserGuide/rds-secrets-manager.html) in the *Amazon Aurora User Guide.* */ interface DbInstanceMasterUserSecretArgs { /** * The AWS KMS key identifier that is used to encrypt the secret. */ kmsKeyId?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the secret. This parameter is a return value that you can retrieve using the ``Fn::GetAtt`` intrinsic function. For more information, see [Return values](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-rds-dbinstance.html#aws-resource-rds-dbinstance-return-values). */ secretArn?: pulumi.Input; } /** * The ``ProcessorFeature`` property type specifies the processor features of a DB instance class. */ interface DbInstanceProcessorFeatureArgs { /** * The name of the processor feature. Valid names are ``coreCount`` and ``threadsPerCore``. */ name?: pulumi.Input; /** * The value of a processor feature. */ value?: pulumi.Input; } interface DbProxyAuthFormatArgs { /** * The type of authentication that the proxy uses for connections from the proxy to the underlying database. */ authScheme?: pulumi.Input; /** * The type of authentication the proxy uses for connections from clients. */ clientPasswordAuthType?: pulumi.Input; /** * A user-specified description about the authentication used by a proxy to log in as a specific database user. */ description?: pulumi.Input; /** * Whether to require or disallow Amazon Web Services Identity and Access Management (IAM) authentication for connections to the proxy. The ENABLED value is valid only for proxies with RDS for Microsoft SQL Server. */ iamAuth?: pulumi.Input; /** * The Amazon Resource Name (ARN) representing the secret that the proxy uses to authenticate to the RDS DB instance or Aurora DB cluster. These secrets are stored within Amazon Secrets Manager. */ secretArn?: pulumi.Input; } interface DbProxyTargetGroupConnectionPoolConfigurationInfoFormatArgs { /** * The number of seconds for a proxy to wait for a connection to become available in the connection pool. */ connectionBorrowTimeout?: pulumi.Input; /** * One or more SQL statements for the proxy to run when opening each new database connection. */ initQuery?: pulumi.Input; /** * The maximum size of the connection pool for each target in a target group. */ maxConnectionsPercent?: pulumi.Input; /** * Controls how actively the proxy closes idle database connections in the connection pool. */ maxIdleConnectionsPercent?: pulumi.Input; /** * Each item in the list represents a class of SQL operations that normally cause all later statements in a session using a proxy to be pinned to the same underlying database connection. */ sessionPinningFilters?: pulumi.Input[]>; } /** * The ``OptionConfiguration`` property type specifies an individual option, and its settings, within an ``AWS::RDS::OptionGroup`` resource. */ interface OptionGroupOptionConfigurationArgs { /** * A list of DB security groups used for this option. */ dbSecurityGroupMemberships?: pulumi.Input[]>; /** * The configuration of options to include in a group. */ optionName: pulumi.Input; /** * The option settings to include in an option group. */ optionSettings?: pulumi.Input[]>; /** * The version for the option. */ optionVersion?: pulumi.Input; /** * The optional port for the option. */ port?: pulumi.Input; /** * A list of VPC security group names used for this option. */ vpcSecurityGroupMemberships?: pulumi.Input[]>; } /** * The ``OptionSetting`` property type specifies the value for an option within an ``OptionSetting`` property. */ interface OptionGroupOptionSettingArgs { /** * The name of the option that has settings that you can set. */ name?: pulumi.Input; /** * The current value of the option setting. */ value?: pulumi.Input; } } export declare namespace redshift { interface ClusterEndpointArgs { /** * The DNS address of the cluster. This property is read only. */ address?: pulumi.Input; /** * The port that the database engine is listening on. This property is read only. */ port?: pulumi.Input; } interface ClusterLoggingPropertiesArgs { /** * The name of an existing S3 bucket where the log files are to be stored. * * Constraints: * * - Must be in the same region as the cluster * - The cluster must have read bucket and put object permissions */ bucketName?: pulumi.Input; /** * The log destination type. An enum with possible values of `s3` and `cloudwatch` . */ logDestinationType?: pulumi.Input; /** * The collection of exported log types. Possible values are `connectionlog` , `useractivitylog` , and `userlog` . */ logExports?: pulumi.Input[]>; /** * The prefix applied to the log file names. * * Valid characters are any letter from any language, any whitespace character, any numeric character, and the following characters: underscore ( `_` ), period ( `.` ), colon ( `:` ), slash ( `/` ), equal ( `=` ), plus ( `+` ), backslash ( `\` ), hyphen ( `-` ), at symbol ( `@` ). */ s3KeyPrefix?: pulumi.Input; } interface ClusterParameterGroupParameterArgs { /** * The name of the parameter. */ parameterName: pulumi.Input; /** * The value of the parameter. If `ParameterName` is `wlm_json_configuration`, then the maximum size of `ParameterValue` is 8000 characters. */ parameterValue: pulumi.Input; } interface ScheduledActionTypeArgs { } } export declare namespace redshiftserverless { interface NamespaceSnapshotCopyConfigurationArgs { /** * The ID of the KMS key to use to encrypt your snapshots in the destination AWS Region . */ destinationKmsKeyId?: pulumi.Input; /** * The destination AWS Region to copy snapshots to. */ destinationRegion: pulumi.Input; /** * The retention period of snapshots that are copied to the destination AWS Region . */ snapshotRetentionPeriod?: pulumi.Input; } interface WorkgroupArgs { /** * The base data warehouse capacity of the workgroup in Redshift Processing Units (RPUs). */ baseCapacity?: pulumi.Input; /** * An array of parameters to set for advanced control over a database. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) . */ configParameters?: pulumi.Input[]>; /** * The creation date of the workgroup. */ creationDate?: pulumi.Input; /** * The endpoint that is created from the workgroup. */ endpoint?: pulumi.Input; /** * The value that specifies whether to enable enhanced virtual private cloud (VPC) routing, which forces Amazon Redshift Serverless to route traffic through your VPC. */ enhancedVpcRouting?: pulumi.Input; /** * The maximum data-warehouse capacity Amazon Redshift Serverless uses to serve queries. The max capacity is specified in RPUs. */ maxCapacity?: pulumi.Input; /** * The namespace the workgroup is associated with. */ namespaceName?: pulumi.Input; /** * An object that represents the price performance target settings for the workgroup. */ pricePerformanceTarget?: pulumi.Input; /** * A value that specifies whether the workgroup can be accessible from a public network. */ publiclyAccessible?: pulumi.Input; /** * An array of security group IDs to associate with the workgroup. */ securityGroupIds?: pulumi.Input[]>; /** * The status of the workgroup. */ status?: pulumi.Input; /** * An array of subnet IDs the workgroup is associated with. */ subnetIds?: pulumi.Input[]>; /** * The name of the track for the workgroup. */ trackName?: pulumi.Input; /** * The Amazon Resource Name (ARN) that links to the workgroup. */ workgroupArn?: pulumi.Input; /** * The unique identifier of the workgroup. */ workgroupId?: pulumi.Input; /** * The name of the workgroup. */ workgroupName?: pulumi.Input; } interface WorkgroupConfigParameterArgs { /** * The key of the parameter. The options are `auto_mv` , `datestyle` , `enable_case_sensitive_identifier` , `enable_user_activity_logging` , `query_group` , `search_path` , `require_ssl` , `use_fips_ssl` , and query monitoring metrics that let you define performance boundaries. For more information about query monitoring rules and available metrics, see [Query monitoring metrics for Amazon Redshift Serverless](https://docs.aws.amazon.com/redshift/latest/dg/cm-c-wlm-query-monitoring-rules.html#cm-c-wlm-query-monitoring-metrics-serverless) . */ parameterKey?: pulumi.Input; /** * The value of the parameter to set. */ parameterValue?: pulumi.Input; } interface WorkgroupEndpointArgs { /** * The DNS address of the VPC endpoint. */ address?: pulumi.Input; /** * The port that Amazon Redshift Serverless listens on. */ port?: pulumi.Input; /** * An array of `VpcEndpoint` objects. */ vpcEndpoints?: pulumi.Input[]>; } interface WorkgroupNetworkInterfaceArgs { /** * The availability Zone. */ availabilityZone?: pulumi.Input; /** * The unique identifier of the network interface. */ networkInterfaceId?: pulumi.Input; /** * The IPv4 address of the network interface within the subnet. */ privateIpAddress?: pulumi.Input; /** * The unique identifier of the subnet. */ subnetId?: pulumi.Input; } interface WorkgroupPerformanceTargetArgs { /** * The target price performance level for the workgroup. Valid values include 1, 25, 50, 75, and 100. These correspond to the price performance levels LOW_COST, ECONOMICAL, BALANCED, RESOURCEFUL, and HIGH_PERFORMANCE. */ level?: pulumi.Input; /** * Whether the price performance target is enabled for the workgroup. */ status?: pulumi.Input; } interface WorkgroupVpcEndpointArgs { /** * One or more network interfaces of the endpoint. Also known as an interface endpoint. */ networkInterfaces?: pulumi.Input[]>; /** * The connection endpoint ID for connecting to Amazon Redshift Serverless. */ vpcEndpointId?: pulumi.Input; /** * The VPC identifier that the endpoint is associated with. */ vpcId?: pulumi.Input; } } export declare namespace refactorspaces { interface ApplicationApiGatewayProxyInputArgs { /** * The type of endpoint to use for the API Gateway proxy. If no value is specified in the request, the value is set to `REGIONAL` by default. * * If the value is set to `PRIVATE` in the request, this creates a private API endpoint that is isolated from the public internet. The private endpoint can only be accessed by using Amazon Virtual Private Cloud (Amazon VPC) interface endpoints for the Amazon API Gateway that has been granted access. For more information about creating a private connection with Refactor Spaces and interface endpoint ( AWS PrivateLink ) availability, see [Access Refactor Spaces using an interface endpoint ( AWS PrivateLink )](https://docs.aws.amazon.com/migrationhub-refactor-spaces/latest/userguide/vpc-interface-endpoints.html) . */ endpointType?: pulumi.Input; /** * The name of the API Gateway stage. The name defaults to `prod` . */ stageName?: pulumi.Input; } interface RouteDefaultRouteInputArgs { /** * If set to `ACTIVE` , traffic is forwarded to this route’s service after the route is created. */ activationState: pulumi.Input; } interface RouteUriPathRouteInputArgs { /** * If set to `ACTIVE` , traffic is forwarded to this route’s service after the route is created. */ activationState: pulumi.Input; /** * If set to `true` , this option appends the source path to the service URL endpoint. */ appendSourcePath?: pulumi.Input; /** * Indicates whether to match all subpaths of the given source path. If this value is `false` , requests must match the source path exactly before they are forwarded to this route's service. */ includeChildPaths?: pulumi.Input; /** * A list of HTTP methods to match. An empty list matches all values. If a method is present, only HTTP requests using that method are forwarded to this route’s service. */ methods?: pulumi.Input[]>; /** * This is the path that Refactor Spaces uses to match traffic. Paths must start with `/` and are relative to the base of the application. To use path parameters in the source path, add a variable in curly braces. For example, the resource path {user} represents a path parameter called 'user'. */ sourcePath?: pulumi.Input; } interface ServiceLambdaEndpointInputArgs { /** * The Amazon Resource Name (ARN) of the Lambda function or alias. */ arn: pulumi.Input; } interface ServiceUrlEndpointInputArgs { /** * The health check URL of the URL endpoint type. If the URL is a public endpoint, the `HealthUrl` must also be a public endpoint. If the URL is a private endpoint inside a virtual private cloud (VPC), the health URL must also be a private endpoint, and the host must be the same as the URL. */ healthUrl?: pulumi.Input; /** * The URL to route traffic to. The URL must be an [rfc3986-formatted URL](https://docs.aws.amazon.com/https://datatracker.ietf.org/doc/html/rfc3986) . If the host is a domain name, the name must be resolvable over the public internet. If the scheme is `https` , the top level domain of the host must be listed in the [IANA root zone database](https://docs.aws.amazon.com/https://www.iana.org/domains/root/db) . */ url: pulumi.Input; } } export declare namespace rekognition { /** * A bounding box denoting a region of interest in the frame to be analyzed. */ interface StreamProcessorBoundingBoxArgs { /** * Height of the bounding box as a ratio of the overall image height. */ height: pulumi.Input; /** * Left coordinate of the bounding box as a ratio of overall image width. */ left: pulumi.Input; /** * Top coordinate of the bounding box as a ratio of overall image height. */ top: pulumi.Input; /** * Width of the bounding box as a ratio of the overall image width. */ width: pulumi.Input; } /** * Connected home settings to use on a streaming video. Note that either ConnectedHomeSettings or FaceSearchSettings should be set. Not both */ interface StreamProcessorConnectedHomeSettingsArgs { /** * Specifies what you want to detect in the video, such as people, packages, or pets. The current valid labels you can include in this list are: "PERSON", "PET", "PACKAGE", and "ALL". */ labels: pulumi.Input[]>; /** * Minimum object class match confidence score that must be met to return a result for a recognized object. */ minConfidence?: pulumi.Input; } /** * Indicates whether Rekognition is allowed to store the video stream data for model-training. */ interface StreamProcessorDataSharingPreferenceArgs { /** * Flag to enable data-sharing */ optIn: pulumi.Input; } /** * Face search settings to use on a streaming video. Note that either FaceSearchSettings or ConnectedHomeSettings should be set. Not both */ interface StreamProcessorFaceSearchSettingsArgs { /** * The ID of a collection that contains faces that you want to search for. */ collectionId: pulumi.Input; /** * Minimum face match confidence score percentage that must be met to return a result for a recognized face. The default is 80. 0 is the lowest confidence. 100 is the highest confidence. Values between 0 and 100 are accepted. */ faceMatchThreshold?: pulumi.Input; } /** * The Amazon Kinesis Data Stream stream to which the Amazon Rekognition stream processor streams the analysis results, as part of face search feature. */ interface StreamProcessorKinesisDataStreamArgs { /** * ARN of the Kinesis Data Stream stream. */ arn: pulumi.Input; } /** * The Kinesis Video Stream that streams the source video. */ interface StreamProcessorKinesisVideoStreamArgs { /** * ARN of the Kinesis Video Stream that streams the source video. */ arn: pulumi.Input; } /** * The ARN of the SNS notification channel where events of interests are published, as part of connected home feature. */ interface StreamProcessorNotificationChannelArgs { /** * ARN of the SNS topic. */ arn: pulumi.Input; } /** * An (X, Y) cartesian coordinate denoting a point on the frame */ interface StreamProcessorPointArgs { /** * The X coordinate of the point. */ x: pulumi.Input; /** * The Y coordinate of the point. */ y: pulumi.Input; } /** * The S3 location in customer's account where inference output & artifacts are stored, as part of connected home feature. */ interface StreamProcessorS3DestinationArgs { /** * Name of the S3 bucket. */ bucketName: pulumi.Input; /** * The object key prefix path where the results will be stored. Default is no prefix path */ objectKeyPrefix?: pulumi.Input; } } export declare namespace resiliencehub { /** * Indicates an event you would like to subscribe and get notification for. */ interface AppEventSubscriptionArgs { /** * The type of event you would like to subscribe and get notification for. */ eventType: pulumi.Input; /** * Unique name to identify an event subscription. */ name: pulumi.Input; /** * Amazon Resource Name (ARN) of the Amazon Simple Notification Service topic. */ snsTopicArn?: pulumi.Input; } /** * Defines the roles and credentials that AWS Resilience Hub would use while creating the application, importing its resources, and running an assessment. */ interface AppPermissionModelArgs { /** * Defines a list of role Amazon Resource Names (ARNs) to be used in other accounts. These ARNs are used for querying purposes while importing resources and assessing your application. */ crossAccountRoleArns?: pulumi.Input[]>; /** * Existing AWS IAM role name in the primary AWS account that will be assumed by AWS Resilience Hub Service Principle to obtain a read-only access to your application resources while running an assessment. */ invokerRoleName?: pulumi.Input; /** * Defines how AWS Resilience Hub scans your resources. It can scan for the resources by using a pre-existing role in your AWS account, or by using the credentials of the current IAM user. */ type: pulumi.Input; } interface AppPhysicalResourceIdArgs { /** * The AWS account that owns the physical resource. */ awsAccountId?: pulumi.Input; /** * The AWS Region that the physical resource is located in. */ awsRegion?: pulumi.Input; /** * Identifier of the physical resource. */ identifier: pulumi.Input; /** * Specifies the type of physical resource identifier. * * - **Arn** - The resource identifier is an Amazon Resource Name (ARN) and it can identify the following list of resources: * * - `AWS::ECS::Service` * - `AWS::EFS::FileSystem` * - `AWS::ElasticLoadBalancingV2::LoadBalancer` * - `AWS::Lambda::Function` * - `AWS::SNS::Topic` * - **Native** - The resource identifier is an AWS Resilience Hub -native identifier and it can identify the following list of resources: * * - `AWS::ApiGateway::RestApi` * - `AWS::ApiGatewayV2::Api` * - `AWS::AutoScaling::AutoScalingGroup` * - `AWS::DocDB::DBCluster` * - `AWS::DocDB::DBGlobalCluster` * - `AWS::DocDB::DBInstance` * - `AWS::DynamoDB::GlobalTable` * - `AWS::DynamoDB::Table` * - `AWS::EC2::EC2Fleet` * - `AWS::EC2::Instance` * - `AWS::EC2::NatGateway` * - `AWS::EC2::Volume` * - `AWS::ElasticLoadBalancing::LoadBalancer` * - `AWS::RDS::DBCluster` * - `AWS::RDS::DBInstance` * - `AWS::RDS::GlobalCluster` * - `AWS::Route53::RecordSet` * - `AWS::S3::Bucket` * - `AWS::SQS::Queue` */ type: pulumi.Input; } /** * Resource mapping is used to map logical resources from template to physical resource */ interface AppResourceMappingArgs { /** * Name of the Amazon Elastic Kubernetes Service cluster and namespace that this resource is mapped to when the `mappingType` is `EKS` . * * > This parameter accepts values in "eks-cluster/namespace" format. */ eksSourceName?: pulumi.Input; /** * Name of the CloudFormation stack this resource is mapped to when the `mappingType` is `CfnStack` . */ logicalStackName?: pulumi.Input; /** * Specifies the type of resource mapping. */ mappingType: pulumi.Input; /** * Identifier of the physical resource. */ physicalResourceId: pulumi.Input; /** * Name of the resource that this resource is mapped to when the `mappingType` is `Resource` . */ resourceName?: pulumi.Input; /** * Name of the Terraform source that this resource is mapped to when the `mappingType` is `Terraform` . */ terraformSourceName?: pulumi.Input; } /** * Failure Policy. */ interface ResiliencyPolicyFailurePolicyArgs { /** * RPO in seconds. */ rpoInSecs: pulumi.Input; /** * RTO in seconds. */ rtoInSecs: pulumi.Input; } interface ResiliencyPolicyPolicyMapArgs { /** * Defines the RTO and RPO targets for Availability Zone disruption. */ az: pulumi.Input; /** * Defines the RTO and RPO targets for hardware disruption. */ hardware: pulumi.Input; /** * Defines the RTO and RPO targets for Regional disruption. */ region?: pulumi.Input; /** * Defines the RTO and RPO targets for software disruption. */ software: pulumi.Input; } } export declare namespace resourceexplorer2 { interface ViewIncludedPropertyArgs { /** * The name of the property that is included in this view. */ name: pulumi.Input; } interface ViewSearchFilterArgs { /** * The string that contains the search keywords, prefixes, and operators to control the results that can be returned by a Search operation. * * For information about the supported syntax, see [Search query reference](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html) in the *AWS Resource Explorer User Guide* . * * > This query string in the context of this operation supports only [filter prefixes](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-filters) with optional [operators](https://docs.aws.amazon.com/resource-explorer/latest/userguide/using-search-query-syntax.html#query-syntax-operators) . It doesn't support free-form text. For example, the string `region:us* service:ec2 -tag:stage=prod` includes all Amazon EC2 resources in any AWS Region that begin with the letters `us` and are *not* tagged with a key `Stage` that has the value `prod` . */ filterString: pulumi.Input; } } export declare namespace resourcegroups { interface GroupConfigurationItemArgs { parameters?: pulumi.Input[]>; type?: pulumi.Input; } interface GroupConfigurationParameterArgs { name?: pulumi.Input; values?: pulumi.Input[]>; } interface GroupQueryArgs { /** * Specifies limits to the types of resources that can be included in the resource group. For example, if `ResourceTypeFilters` is `["AWS::EC2::Instance", "AWS::DynamoDB::Table"]` , only EC2 instances or DynamoDB tables can be members of this resource group. The default value is `["AWS::AllSupported"]` . */ resourceTypeFilters?: pulumi.Input[]>; /** * Specifies the ARN of a CloudFormation stack. All supported resources of the CloudFormation stack are members of the resource group. If you don't specify an ARN, this parameter defaults to the current stack that you are defining, which means that all the resources of the current stack are grouped. * * You can specify a value for `StackIdentifier` only when the `ResourceQuery.Type` property is `CLOUDFORMATION_STACK_1_0.` */ stackIdentifier?: pulumi.Input; /** * A list of key-value pair objects that limit which resources can be members of the resource group. This property is required when the `ResourceQuery.Type` property is `TAG_FILTERS_1_0` . * * A resource must have a tag that matches every filter that is provided in the `TagFilters` list. */ tagFilters?: pulumi.Input[]>; } interface GroupResourceQueryArgs { /** * The query that defines the membership of the group. This is a structure with properties that depend on the `Type` . * * The `Query` structure must be included in the following scenarios: * * - When the `Type` is `TAG_FILTERS_1_0` , you must specify a `Query` structure that contains a `TagFilters` list of tags. Resources with tags that match those in the `TagFilter` list become members of the resource group. * - When the `Type` is `CLOUDFORMATION_STACK_1_0` then this field is required only when you must specify a CloudFormation stack other than the one you are defining. To do this, the `Query` structure must contain the `StackIdentifier` property. If you don't specify either a `Query` structure or a `StackIdentifier` within that `Query` , then it defaults to the CloudFormation stack that you're currently constructing. */ query?: pulumi.Input; /** * Specifies the type of resource query that determines this group's membership. There are two valid query types: * * - `TAG_FILTERS_1_0` indicates that the group is a tag-based group. To complete the group membership, you must include the `TagFilters` property to specify the tag filters to use in the query. * - `CLOUDFORMATION_STACK_1_0` , the default, indicates that the group is a CloudFormation stack-based group. Group membership is based on the CloudFormation stack. You must specify the `StackIdentifier` property in the query to define which stack to associate the group with, or leave it empty to default to the stack where the group is defined. */ type?: pulumi.Input; } interface GroupTagFilterArgs { /** * A string that defines a tag key. Only resources in the account that are tagged with a specified tag key are members of the tag-based resource group. * * This field is required when the `ResourceQuery` structure's `Type` property is `TAG_FILTERS_1_0` . You must specify at least one tag key. */ key?: pulumi.Input; /** * A list of tag values that can be included in the tag-based resource group. This is optional. If you don't specify a value or values for a key, then an AWS resource with any value for that key is a member. */ values?: pulumi.Input[]>; } } export declare namespace robomaker { /** * The robot software suite used by the robot application. */ interface RobotApplicationRobotSoftwareSuiteArgs { /** * The name of robot software suite. */ name: pulumi.Input; /** * The version of robot software suite. */ version?: pulumi.Input; } interface RobotApplicationSourceConfigArgs { /** * The architecture of robot application. */ architecture: pulumi.Input; /** * The Arn of the S3Bucket that stores the robot application source. */ s3Bucket: pulumi.Input; /** * The s3 key of robot application source. */ s3Key: pulumi.Input; } /** * Information about a rendering engine. */ interface SimulationApplicationRenderingEngineArgs { /** * The name of the rendering engine. */ name: pulumi.Input; /** * The version of the rendering engine. */ version: pulumi.Input; } /** * Information about a robot software suite. */ interface SimulationApplicationRobotSoftwareSuiteArgs { /** * The name of the robot software suite. */ name: pulumi.Input; /** * The version of the robot software suite. */ version?: pulumi.Input; } /** * Information about a simulation software suite. */ interface SimulationApplicationSimulationSoftwareSuiteArgs { /** * The name of the simulation software suite. */ name: pulumi.Input; /** * The version of the simulation software suite. */ version?: pulumi.Input; } /** * Information about a source configuration. */ interface SimulationApplicationSourceConfigArgs { /** * The target processor architecture for the application. */ architecture: pulumi.Input; /** * The Amazon S3 bucket name. */ s3Bucket: pulumi.Input; /** * The s3 object key. */ s3Key: pulumi.Input; } } export declare namespace rolesanywhere { interface ProfileAttributeMappingArgs { /** * Fields (x509Subject, x509Issuer and x509SAN) within X.509 certificates. */ certificateField: pulumi.Input; /** * A list of mapping entries for every supported specifier or sub-field. */ mappingRules: pulumi.Input[]>; } interface ProfileMappingRuleArgs { /** * Specifier within a certificate field, such as CN, OU, or UID from the Subject field. */ specifier: pulumi.Input; } interface TrustAnchorNotificationSettingArgs { /** * The specified channel of notification. IAM Roles Anywhere uses CloudWatch metrics, EventBridge, and Health Dashboard to notify for an event. * * > In the absence of a specific channel, IAM Roles Anywhere applies this setting to 'ALL' channels. */ channel?: pulumi.Input; /** * Indicates whether the notification setting is enabled. */ enabled: pulumi.Input; /** * The event to which this notification setting is applied. */ event: pulumi.Input; /** * The number of days before a notification event. This value is required for a notification setting that is enabled. */ threshold?: pulumi.Input; } interface TrustAnchorSourceArgs { /** * A union object representing the data field of the TrustAnchor depending on its type */ sourceData: pulumi.Input; /** * The type of the TrustAnchor. */ sourceType: pulumi.Input; } interface TrustAnchorSourceData0PropertiesArgs { x509CertificateData: pulumi.Input; } interface TrustAnchorSourceData1PropertiesArgs { acmPcaArn: pulumi.Input; } } export declare namespace route53 { interface CidrCollectionLocationArgs { /** * A list of CIDR blocks. */ cidrList: pulumi.Input[]>; /** * The name of the location that is associated with the CIDR collection. */ locationName: pulumi.Input; } /** * A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy. */ interface HealthCheckAlarmIdentifierArgs { /** * The name of the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether this health check is healthy. */ name: pulumi.Input; /** * For the CloudWatch alarm that you want Route 53 health checkers to use to determine whether this health check is healthy, the region that the alarm was created in. */ region: pulumi.Input; } /** * A complex type that contains information about the health check. */ interface HealthCheckConfigPropertiesArgs { /** * A complex type that identifies the CloudWatch alarm that you want Amazon Route 53 health checkers to use to determine whether the specified health check is healthy. */ alarmIdentifier?: pulumi.Input; /** * (CALCULATED Health Checks Only) A complex type that contains one `ChildHealthCheck` element for each health check that you want to associate with a `CALCULATED` health check. */ childHealthChecks?: pulumi.Input[]>; /** * Specify whether you want Amazon Route 53 to send the value of `FullyQualifiedDomainName` to the endpoint in the `client_hello` message during TLS negotiation. This allows the endpoint to respond to `HTTPS` health check requests with the applicable SSL/TLS certificate. * * Some endpoints require that `HTTPS` requests include the host name in the `client_hello` message. If you don't enable SNI, the status of the health check will be `SSL alert handshake_failure` . A health check can also have that status for other reasons. If SNI is enabled and you're still getting the error, check the SSL/TLS configuration on your endpoint and confirm that your certificate is valid. * * The SSL/TLS certificate on your endpoint includes a domain name in the `Common Name` field and possibly several more in the `Subject Alternative Names` field. One of the domain names in the certificate should match the value that you specify for `FullyQualifiedDomainName` . If the endpoint responds to the `client_hello` message with a certificate that does not include the domain name that you specified in `FullyQualifiedDomainName` , a health checker will retry the handshake. In the second attempt, the health checker will omit `FullyQualifiedDomainName` from the `client_hello` message. */ enableSni?: pulumi.Input; /** * The number of consecutive health checks that an endpoint must pass or fail for Amazon Route 53 to change the current status of the endpoint from unhealthy to healthy or vice versa. For more information, see [How Amazon Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* . * * `FailureThreshold` is not supported when you specify a value for `Type` of `RECOVERY_CONTROL` . * * Otherwise, if you don't specify a value for `FailureThreshold` , the default value is three health checks. */ failureThreshold?: pulumi.Input; /** * Amazon Route 53 behavior depends on whether you specify a value for `IPAddress` . * * *If you specify a value for* `IPAddress` : * * Amazon Route 53 sends health check requests to the specified IPv4 or IPv6 address and passes the value of `FullyQualifiedDomainName` in the `Host` header for all health checks except TCP health checks. This is typically the fully qualified DNS name of the endpoint on which you want Route 53 to perform health checks. * * When Route 53 checks the health of an endpoint, here is how it constructs the `Host` header: * * - If you specify a value of `80` for `Port` and `HTTP` or `HTTP_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the Host header. * - If you specify a value of `443` for `Port` and `HTTPS` or `HTTPS_STR_MATCH` for `Type` , Route 53 passes the value of `FullyQualifiedDomainName` to the endpoint in the `Host` header. * - If you specify another value for `Port` and any value except `TCP` for `Type` , Route 53 passes `FullyQualifiedDomainName:Port` to the endpoint in the `Host` header. * * If you don't specify a value for `FullyQualifiedDomainName` , Route 53 substitutes the value of `IPAddress` in the `Host` header in each of the preceding cases. * * *If you don't specify a value for `IPAddress`* : * * Route 53 sends a DNS request to the domain that you specify for `FullyQualifiedDomainName` at the interval that you specify for `RequestInterval` . Using an IPv4 address that DNS returns, Route 53 then checks the health of the endpoint. * * > If you don't specify a value for `IPAddress` , Route 53 uses only IPv4 to send health checks to the endpoint. If there's no record with a type of A for the name that you specify for `FullyQualifiedDomainName` , the health check fails with a "DNS resolution failed" error. * * If you want to check the health of multiple records that have the same name and type, such as multiple weighted records, and if you choose to specify the endpoint only by `FullyQualifiedDomainName` , we recommend that you create a separate health check for each endpoint. For example, create a health check for each HTTP server that is serving content for www.example.com. For the value of `FullyQualifiedDomainName` , specify the domain name of the server (such as us-east-2-www.example.com), not the name of the records (www.example.com). * * > In this configuration, if you create a health check for which the value of `FullyQualifiedDomainName` matches the name of the records and you then associate the health check with those records, health check results will be unpredictable. * * In addition, if the value that you specify for `Type` is `HTTP` , `HTTPS` , `HTTP_STR_MATCH` , or `HTTPS_STR_MATCH` , Route 53 passes the value of `FullyQualifiedDomainName` in the `Host` header, as it does when you specify a value for `IPAddress` . If the value of `Type` is `TCP` , Route 53 doesn't pass a `Host` header. */ fullyQualifiedDomainName?: pulumi.Input; /** * The number of child health checks that are associated with a `CALCULATED` health check that Amazon Route 53 must consider healthy for the `CALCULATED` health check to be considered healthy. To specify the child health checks that you want to associate with a `CALCULATED` health check, use the [ChildHealthChecks](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-ChildHealthChecks) element. * * Note the following: * * - If you specify a number greater than the number of child health checks, Route 53 always considers this health check to be unhealthy. * - If you specify `0` , Route 53 always considers this health check to be healthy. */ healthThreshold?: pulumi.Input; /** * When CloudWatch has insufficient data about the metric to determine the alarm state, the status that you want Amazon Route 53 to assign to the health check: * * - `Healthy` : Route 53 considers the health check to be healthy. * - `Unhealthy` : Route 53 considers the health check to be unhealthy. * - `LastKnownStatus` : Route 53 uses the status of the health check from the last time that CloudWatch had sufficient data to determine the alarm state. For new health checks that have no last known status, the default status for the health check is healthy. */ insufficientDataHealthStatus?: pulumi.Input; /** * Specify whether you want Amazon Route 53 to invert the status of a health check, for example, to consider a health check unhealthy when it otherwise would be considered healthy. */ inverted?: pulumi.Input; /** * The IPv4 or IPv6 IP address of the endpoint that you want Amazon Route 53 to perform health checks on. If you don't specify a value for `IPAddress` , Route 53 sends a DNS request to resolve the domain name that you specify in `FullyQualifiedDomainName` at the interval that you specify in `RequestInterval` . Using an IP address returned by DNS, Route 53 then checks the health of the endpoint. * * Use one of the following formats for the value of `IPAddress` : * * - *IPv4 address* : four values between 0 and 255, separated by periods (.), for example, `192.0.2.44` . * - *IPv6 address* : eight groups of four hexadecimal values, separated by colons (:), for example, `2001:0db8:85a3:0000:0000:abcd:0001:2345` . You can also shorten IPv6 addresses as described in RFC 5952, for example, `2001:db8:85a3::abcd:1:2345` . * * If the endpoint is an EC2 instance, we recommend that you create an Elastic IP address, associate it with your EC2 instance, and specify the Elastic IP address for `IPAddress` . This ensures that the IP address of your instance will never change. * * For more information, see [FullyQualifiedDomainName](https://docs.aws.amazon.com/Route53/latest/APIReference/API_UpdateHealthCheck.html#Route53-UpdateHealthCheck-request-FullyQualifiedDomainName) . * * Constraints: Route 53 can't check the health of endpoints for which the IP address is in local, private, non-routable, or multicast ranges. For more information about IP addresses for which you can't create health checks, see the following documents: * * - [RFC 5735, Special Use IPv4 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5735) * - [RFC 6598, IANA-Reserved IPv4 Prefix for Shared Address Space](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6598) * - [RFC 5156, Special-Use IPv6 Addresses](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc5156) * * When the value of `Type` is `CALCULATED` or `CLOUDWATCH_METRIC` , omit `IPAddress` . */ ipAddress?: pulumi.Input; /** * Specify whether you want Amazon Route 53 to measure the latency between health checkers in multiple AWS regions and your endpoint, and to display CloudWatch latency graphs on the *Health Checks* page in the Route 53 console. * * `MeasureLatency` is not supported when you specify a value for `Type` of `RECOVERY_CONTROL` . * * > You can't change the value of `MeasureLatency` after you create a health check. */ measureLatency?: pulumi.Input; /** * The port on the endpoint that you want Amazon Route 53 to perform health checks on. * * > Don't specify a value for `Port` when you specify a value for [Type](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-route53-healthcheck-healthcheckconfig.html#cfn-route53-healthcheck-healthcheckconfig-type) of `CLOUDWATCH_METRIC` or `CALCULATED` . */ port?: pulumi.Input; /** * A complex type that contains one `Region` element for each region from which you want Amazon Route 53 health checkers to check the specified endpoint. * * If you don't specify any regions, Route 53 health checkers automatically performs checks from all of the regions that are listed under *Valid Values* . * * If you update a health check to remove a region that has been performing health checks, Route 53 will briefly continue to perform checks from that region to ensure that some health checkers are always checking the endpoint (for example, if you replace three regions with four different regions). */ regions?: pulumi.Input[]>; /** * The number of seconds between the time that Amazon Route 53 gets a response from your endpoint and the time that it sends the next health check request. Each Route 53 health checker makes requests at this interval. * * `RequestInterval` is not supported when you specify a value for `Type` of `RECOVERY_CONTROL` . * * > You can't change the value of `RequestInterval` after you create a health check. * * If you don't specify a value for `RequestInterval` , the default value is `30` seconds. */ requestInterval?: pulumi.Input; /** * The path, if any, that you want Amazon Route 53 to request when performing health checks. The path can be any value for which your endpoint will return an HTTP status code of 2xx or 3xx when the endpoint is healthy, for example, the file /docs/route53-health-check.html. You can also include query string parameters, for example, `/welcome.html?language=jp&login=y` . */ resourcePath?: pulumi.Input; /** * The Amazon Resource Name (ARN) for the Route 53 Application Recovery Controller routing control. * * For more information about Route 53 Application Recovery Controller, see [Route 53 Application Recovery Controller Developer Guide.](https://docs.aws.amazon.com/r53recovery/latest/dg/what-is-route-53-recovery.html) . */ routingControlArn?: pulumi.Input; /** * If the value of Type is `HTTP_STR_MATCH` or `HTTPS_STR_MATCH` , the string that you want Amazon Route 53 to search for in the response body from the specified resource. If the string appears in the response body, Route 53 considers the resource healthy. * * Route 53 considers case when searching for `SearchString` in the response body. */ searchString?: pulumi.Input; /** * The type of health check that you want to create, which indicates how Amazon Route 53 determines whether an endpoint is healthy. * * > You can't change the value of `Type` after you create a health check. * * You can create the following types of health checks: * * - *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400. * - *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400. * * > If you specify `HTTPS` for the value of `Type` , the endpoint must support TLS v1.0 or later. * - *HTTP_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` . * - *HTTPS_STR_MATCH* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an `HTTPS` request and searches the first 5,120 bytes of the response body for the string that you specify in `SearchString` . * - *TCP* : Route 53 tries to establish a TCP connection. * - *CLOUDWATCH_METRIC* : The health check is associated with a CloudWatch alarm. If the state of the alarm is `OK` , the health check is considered healthy. If the state is `ALARM` , the health check is considered unhealthy. If CloudWatch doesn't have sufficient data to determine whether the state is `OK` or `ALARM` , the health check status depends on the setting for `InsufficientDataHealthStatus` : `Healthy` , `Unhealthy` , or `LastKnownStatus` . * * > Route 53 supports CloudWatch alarms with the following features: * > * > - Standard-resolution metrics. High-resolution metrics aren't supported. For more information, see [High-Resolution Metrics](https://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/publishingMetrics.html#high-resolution-metrics) in the *Amazon CloudWatch User Guide* . * > - Statistics: Average, Minimum, Maximum, Sum, and SampleCount. Extended statistics aren't supported. * - *CALCULATED* : For health checks that monitor the status of other health checks, Route 53 adds up the number of health checks that Route 53 health checkers consider to be healthy and compares that number with the value of `HealthThreshold` . * - *RECOVERY_CONTROL* : The health check is assocated with a Route53 Application Recovery Controller routing control. If the routing control state is `ON` , the health check is considered healthy. If the state is `OFF` , the health check is considered unhealthy. * * For more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Amazon Route 53 Developer Guide* . */ type: pulumi.Input; } /** * A complex type that contains an optional comment about your hosted zone. If you don't want to specify a comment, omit both the ``HostedZoneConfig`` and ``Comment`` elements. */ interface HostedZoneConfigArgs { /** * Any comments that you want to include about the hosted zone. */ comment?: pulumi.Input; } /** * Represents the features configuration for a hosted zone, including the status of various features and any associated failure reasons. */ interface HostedZoneFeaturesArgs { enableAcceleratedRecovery?: pulumi.Input; } /** * A complex type that contains information about a configuration for DNS query logging. */ interface HostedZoneQueryLoggingConfigArgs { /** * The Amazon Resource Name (ARN) of the CloudWatch Logs log group that Amazon Route 53 is publishing logs to. */ cloudWatchLogsLogGroupArn: pulumi.Input; } /** * *Private hosted zones only:* A complex type that contains information about an Amazon VPC. Route 53 Resolver uses the records in the private hosted zone to route traffic in that VPC. * For public hosted zones, omit ``VPCs``, ``VPCId``, and ``VPCRegion``. */ interface HostedZoneVpcArgs { /** * *Private hosted zones only:* The ID of an Amazon VPC. * For public hosted zones, omit ``VPCs``, ``VPCId``, and ``VPCRegion``. */ vpcId: pulumi.Input; /** * *Private hosted zones only:* The region that an Amazon VPC was created in. * For public hosted zones, omit ``VPCs``, ``VPCId``, and ``VPCRegion``. */ vpcRegion: pulumi.Input; } } export declare namespace route53globalresolver { } export declare namespace route53profiles { } export declare namespace route53recoverycontrol { /** * An assertion rule enforces that, when a routing control state is changed, that the criteria set by the rule configuration is met. Otherwise, the change to the routing control is not accepted. */ interface SafetyRuleAssertionRuleArgs { /** * The routing controls that are part of transactions that are evaluated to determine if a request to change a routing control state is allowed. For example, you might include three routing controls, one for each of three AWS Regions. */ assertedControls: pulumi.Input[]>; /** * An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent "flapping" of state. The wait period is 5000 ms by default, but you can choose a custom value. */ waitPeriodMs: pulumi.Input; } /** * A gating rule verifies that a set of gating controls evaluates as true, based on a rule configuration that you specify. If the gating rule evaluates to true, Amazon Route 53 Application Recovery Controller allows a set of routing control state changes to run and complete against the set of target controls. */ interface SafetyRuleGatingRuleArgs { /** * The gating controls for the gating rule. That is, routing controls that are evaluated by the rule configuration that you specify. */ gatingControls: pulumi.Input[]>; /** * Routing controls that can only be set or unset if the specified RuleConfig evaluates to true for the specified GatingControls. For example, say you have three gating controls, one for each of three AWS Regions. Now you specify AtLeast 2 as your RuleConfig. With these settings, you can only change (set or unset) the routing controls that you have specified as TargetControls if that rule evaluates to true. * In other words, your ability to change the routing controls that you have specified as TargetControls is gated by the rule that you set for the routing controls in GatingControls. */ targetControls: pulumi.Input[]>; /** * An evaluation period, in milliseconds (ms), during which any request against the target routing controls will fail. This helps prevent "flapping" of state. The wait period is 5000 ms by default, but you can choose a custom value. */ waitPeriodMs: pulumi.Input; } /** * The rule configuration for an assertion rule or gating rule. This is the criteria that you set for specific assertion controls (routing controls) or gating controls. This configuration specifies how many controls must be enabled after a transaction completes. */ interface SafetyRuleRuleConfigArgs { /** * Logical negation of the rule. If the rule would usually evaluate true, it's evaluated as false, and vice versa. */ inverted: pulumi.Input; /** * The value of N, when you specify an ATLEAST rule type. That is, Threshold is the number of controls that must be set when you specify an ATLEAST type. */ threshold: pulumi.Input; /** * A rule can be one of the following: `ATLEAST` , `AND` , or `OR` . */ type: pulumi.Input; } } export declare namespace route53recoveryreadiness { /** * A component for DNS/routing control readiness checks. */ interface ResourceSetDnsTargetResourceArgs { /** * The domain name that acts as an ingress point to a portion of the customer application. */ domainName?: pulumi.Input; /** * The hosted zone Amazon Resource Name (ARN) that contains the DNS record with the provided name of the target resource. */ hostedZoneArn?: pulumi.Input; /** * The Route 53 record set ID that will uniquely identify a DNS record, given a name and a type. */ recordSetId?: pulumi.Input; /** * The type of DNS record of the target resource. */ recordType?: pulumi.Input; /** * The target resource that the Route 53 record points to. */ targetResource?: pulumi.Input; } /** * The Network Load Balancer resource that a DNS target resource points to. */ interface ResourceSetNlbResourceArgs { /** * A Network Load Balancer resource Amazon Resource Name (ARN). */ arn?: pulumi.Input; } /** * The Route 53 resource that a DNS target resource record points to. */ interface ResourceSetR53ResourceRecordArgs { /** * The DNS target domain name. */ domainName?: pulumi.Input; /** * The Resource Record set id. */ recordSetId?: pulumi.Input; } /** * The resource element of a ResourceSet */ interface ResourceSetResourceArgs { /** * The component identifier of the resource, generated when DNS target resource is used. */ componentId?: pulumi.Input; /** * A component for DNS/routing control readiness checks. This is a required setting when `ResourceSet` `ResourceSetType` is set to `AWS::Route53RecoveryReadiness::DNSTargetResource` . Do not set it for any other `ResourceSetType` setting. */ dnsTargetResource?: pulumi.Input; /** * A list of recovery group Amazon Resource Names (ARNs) and cell ARNs that this resource is contained within. */ readinessScopes?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the AWS resource. */ resourceArn?: pulumi.Input; } /** * The target resource that the Route 53 record points to. */ interface ResourceSetTargetResourceArgs { /** * The Network Load Balancer resource that a DNS target resource points to. */ nlbResource?: pulumi.Input; /** * The Route 53 resource that a DNS target resource record points to. */ r53Resource?: pulumi.Input; } } export declare namespace route53resolver { /** * Firewall Rule associating the Rule Group to a Domain List */ interface FirewallRuleGroupFirewallRuleArgs { /** * Rule Action */ action: pulumi.Input; /** * BlockOverrideDnsType */ blockOverrideDnsType?: pulumi.Input; /** * BlockOverrideDomain */ blockOverrideDomain?: pulumi.Input; /** * BlockOverrideTtl */ blockOverrideTtl?: pulumi.Input; /** * BlockResponse */ blockResponse?: pulumi.Input; /** * FirewallDomainRedirectionAction */ confidenceThreshold?: pulumi.Input; /** * FirewallDomainRedirectionAction */ dnsThreatProtection?: pulumi.Input; /** * ResourceId */ firewallDomainListId?: pulumi.Input; /** * FirewallDomainRedirectionAction */ firewallDomainRedirectionAction?: pulumi.Input; /** * ResourceId */ firewallThreatProtectionId?: pulumi.Input; /** * Rule Priority */ priority: pulumi.Input; /** * Qtype */ qtype?: pulumi.Input; } interface ResolverEndpointIpAddressRequestArgs { /** * The IPv4 address that you want to use for DNS queries. */ ip?: pulumi.Input; /** * The IPv6 address that you want to use for DNS queries. */ ipv6?: pulumi.Input; /** * The ID of the subnet that contains the IP address. */ subnetId: pulumi.Input; } interface ResolverRuleTargetAddressArgs { /** * One IP address that you want to forward DNS queries to. You can specify only IPv4 addresses. */ ip?: pulumi.Input; /** * One IPv6 address that you want to forward DNS queries to. You can specify only IPv6 addresses. */ ipv6?: pulumi.Input; /** * The port at Ip that you want to forward DNS queries to. */ port?: pulumi.Input; /** * The protocol that you want to use to forward DNS queries. */ protocol?: pulumi.Input; /** * The SNI of the target name servers for DoH/DoH-FIPS outbound endpoints */ serverNameIndication?: pulumi.Input; } } export declare namespace rtbfabric { interface InboundExternalLinkLinkAttributesArgs { customerProvidedId?: pulumi.Input; responderErrorMasking?: pulumi.Input[]>; } interface InboundExternalLinkLinkLogSettingsArgs { applicationLogs: pulumi.Input; } interface InboundExternalLinkLinkLogSettingsApplicationLogsPropertiesArgs { linkApplicationLogSampling: pulumi.Input; } interface InboundExternalLinkLinkLogSettingsApplicationLogsPropertiesLinkApplicationLogSamplingPropertiesArgs { errorLog: pulumi.Input; filterLog: pulumi.Input; } interface InboundExternalLinkResponderErrorMaskingForHttpCodeArgs { action: pulumi.Input; httpCode: pulumi.Input; loggingTypes: pulumi.Input[]>; responseLoggingPercentage?: pulumi.Input; } interface LinkAttributesArgs { /** * The customer-provided unique identifier of the link. */ customerProvidedId?: pulumi.Input; /** * Describes the masking for HTTP error codes. */ responderErrorMasking?: pulumi.Input[]>; } interface LinkLogSettingsArgs { /** * Describes the configuration of a link application log. */ applicationLogs: pulumi.Input; } /** * Describes the configuration of a link application log. */ interface LinkLogSettingsApplicationLogsPropertiesArgs { linkApplicationLogSampling: pulumi.Input; } interface LinkLogSettingsApplicationLogsPropertiesLinkApplicationLogSamplingPropertiesArgs { errorLog: pulumi.Input; filterLog: pulumi.Input; } interface LinkModuleConfigurationArgs { dependsOn?: pulumi.Input[]>; moduleParameters?: pulumi.Input; name: pulumi.Input; version?: pulumi.Input; } interface LinkModuleParametersArgs { } interface LinkResponderErrorMaskingForHttpCodeArgs { /** * The action for the error.. */ action: pulumi.Input; /** * The HTTP error code. */ httpCode: pulumi.Input; /** * The error log type. */ loggingTypes: pulumi.Input[]>; /** * The percentage of response logging. */ responseLoggingPercentage?: pulumi.Input; } interface OutboundExternalLinkLinkAttributesArgs { customerProvidedId?: pulumi.Input; responderErrorMasking?: pulumi.Input[]>; } interface OutboundExternalLinkLinkLogSettingsArgs { applicationLogs: pulumi.Input; } interface OutboundExternalLinkLinkLogSettingsApplicationLogsPropertiesArgs { linkApplicationLogSampling: pulumi.Input; } interface OutboundExternalLinkLinkLogSettingsApplicationLogsPropertiesLinkApplicationLogSamplingPropertiesArgs { errorLog: pulumi.Input; filterLog: pulumi.Input; } interface OutboundExternalLinkResponderErrorMaskingForHttpCodeArgs { action: pulumi.Input; httpCode: pulumi.Input; loggingTypes: pulumi.Input[]>; responseLoggingPercentage?: pulumi.Input; } interface ResponderGatewayManagedEndpointConfigurationArgs { } interface ResponderGatewayTrustStoreConfigurationArgs { /** * The certificate authority certificate. */ certificateAuthorityCertificates: pulumi.Input[]>; } } export declare namespace rum { /** * AppMonitor configuration */ interface AppMonitorConfigurationArgs { /** * If you set this to true, the RUM web client sets two cookies, a session cookie and a user cookie. The cookies allow the RUM web client to collect data relating to the number of users an application has and the behavior of the application across a sequence of events. Cookies are stored in the top-level domain of the current page. */ allowCookies?: pulumi.Input; /** * If you set this to true, RUM enables xray tracing for the user sessions that RUM samples. RUM adds an xray trace header to allowed HTTP requests. It also records an xray segment for allowed HTTP requests. You can see traces and segments from these user sessions in the xray console and the CW ServiceLens console. */ enableXRay?: pulumi.Input; /** * A list of URLs in your website or application to exclude from RUM data collection. You can't include both ExcludedPages and IncludedPages in the same operation. */ excludedPages?: pulumi.Input[]>; /** * A list of pages in the RUM console that are to be displayed with a favorite icon. */ favoritePages?: pulumi.Input[]>; /** * The ARN of the guest IAM role that is attached to the identity pool that is used to authorize the sending of data to RUM. */ guestRoleArn?: pulumi.Input; /** * The ID of the identity pool that is used to authorize the sending of data to RUM. */ identityPoolId?: pulumi.Input; /** * If this app monitor is to collect data from only certain pages in your application, this structure lists those pages. You can't include both ExcludedPages and IncludedPages in the same operation. */ includedPages?: pulumi.Input[]>; /** * An array of structures which define the destinations and the metrics that you want to send. */ metricDestinations?: pulumi.Input[]>; /** * Specifies the percentage of user sessions to use for RUM data collection. Choosing a higher percentage gives you more data but also incurs more costs. The number you specify is the percentage of user sessions that will be used. If you omit this parameter, the default of 10 is used. */ sessionSampleRate?: pulumi.Input; /** * An array that lists the types of telemetry data that this app monitor is to collect. */ telemetries?: pulumi.Input[]>; } /** * AppMonitor custom events configuration */ interface AppMonitorCustomEventsArgs { /** * Indicates whether AppMonitor accepts custom events. */ status?: pulumi.Input; } /** * A structure that contains the configuration for how an app monitor can deobfuscate stack traces. */ interface AppMonitorDeobfuscationConfigurationArgs { /** * A structure that contains the configuration for how an app monitor can unminify JavaScript error stack traces using source maps. */ javaScriptSourceMaps?: pulumi.Input; } /** * A structure that contains the configuration for how an app monitor can unminify JavaScript error stack traces using source maps. */ interface AppMonitorDeobfuscationConfigurationJavaScriptSourceMapsPropertiesArgs { /** * The S3Uri of the bucket or folder that stores the source map files. It is required if status is ENABLED. */ s3Uri?: pulumi.Input; /** * Specifies whether JavaScript error stack traces should be unminified for this app monitor. The default is for JavaScript error stack trace unminification to be DISABLED */ status: pulumi.Input; } /** * A single metric definition */ interface AppMonitorMetricDefinitionArgs { /** * Use this field only if you are sending the metric to CloudWatch. * * This field is a map of field paths to dimension names. It defines the dimensions to associate with this metric in CloudWatch. For extended metrics, valid values for the entries in this field are the following: * * "metadata.pageId": "PageId" * * "metadata.browserName": "BrowserName" * * "metadata.deviceType": "DeviceType" * * "metadata.osName": "OSName" * * "metadata.countryCode": "CountryCode" * * "event_details.fileType": "FileType" * * All dimensions listed in this field must also be included in EventPattern. */ dimensionKeys?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The pattern that defines the metric, specified as a JSON object. RUM checks events that happen in a user's session against the pattern, and events that match the pattern are sent to the metric destination. * * When you define extended metrics, the metric definition is not valid if EventPattern is omitted. * * Example event patterns: * * '{ "event_type": ["com.amazon.rum.js_error_event"], "metadata": { "browserName": [ "Chrome", "Safari" ], } }' * * '{ "event_type": ["com.amazon.rum.performance_navigation_event"], "metadata": { "browserName": [ "Chrome", "Firefox" ] }, "event_details": { "duration": [{ "numeric": [ "<", 2000 ] }] } }' * * '{ "event_type": ["com.amazon.rum.performance_navigation_event"], "metadata": { "browserName": [ "Chrome", "Safari" ], "countryCode": [ "US" ] }, "event_details": { "duration": [{ "numeric": [ ">=", 2000, "<", 8000 ] }] } }' * * If the metrics destination' is CloudWatch and the event also matches a value in DimensionKeys, then the metric is published with the specified dimensions. */ eventPattern?: pulumi.Input; /** * The name for the metric that is defined in this structure. For extended metrics, valid values are the following: * * PerformanceNavigationDuration * * PerformanceResourceDuration * * NavigationSatisfiedTransaction * * NavigationToleratedTransaction * * NavigationFrustratedTransaction * * WebVitalsCumulativeLayoutShift * * WebVitalsFirstInputDelay * * WebVitalsLargestContentfulPaint * * WebVitalsInteractionToNextPaint * * JsErrorCount * * HttpErrorCount * * SessionCount * * PageViewCount * * Http4xxCount * * Http5xxCount * * SessionDuration * * PageViewCountPerSession * * JsErrorCountPerSession * * Http4xxCountPerSession * * Http5xxCountPerSession * * JsErrorCountPerPageView * * Http4xxCountPerPageView * * Http5xxCountPerPageView * * TimeOnPage * * ColdLaunchTime * * WarmLaunchTime * * CrashCount * * ANRCount * * AppHangCount * * ScreenLoadCount * * ScreenLoadTime * * NetworkLatency * * SpanPayloadSize * * LogEventPayloadSize */ name: pulumi.Input; /** * The namespace used by CloudWatch Metrics for the metric that is defined in this structure */ namespace?: pulumi.Input; /** * The CloudWatch metric unit to use for this metric. If you omit this field, the metric is recorded with no unit. */ unitLabel?: pulumi.Input; /** * The field within the event object that the metric value is sourced from. * * If you omit this field, a hardcoded value of 1 is pushed as the metric value. This is useful if you just want to count the number of events that the filter catches. * * If this metric is sent to Evidently, this field will be passed to Evidently raw and Evidently will handle data extraction from the event. Note: Evidently has been discontinued. */ valueKey?: pulumi.Input; } /** * An structure which defines the destination and the metrics that you want to send. */ interface AppMonitorMetricDestinationArgs { /** * Defines the destination to send the metrics to. Valid values are CloudWatch and Evidently. Note: Evidently has been discontinued and is no longer supported - requests with Evidently will be rejected. */ destination: pulumi.Input; /** * Evidently has been discontinued and therefore this is no longer an acceptable field. If Destination is CloudWatch, do not use this parameter. * * This parameter specifies the ARN of the Evidently experiment that will receive the extended metrics. */ destinationArn?: pulumi.Input; /** * Evidently has been discontinued and therefore this is no longer an acceptable field. If Destination is CloudWatch, do not use this parameter. * * This parameter specifies the ARN of an IAM role that RUM will assume to write to the Evidently experiment that you are sending metrics to. This role must have permission to write to that experiment. */ iamRoleArn?: pulumi.Input; /** * An array of structures which define the metrics that you want to send. */ metricDefinitions?: pulumi.Input[]>; } /** * A structure that defines resource policy attached to your app monitor. */ interface AppMonitorResourcePolicyArgs { /** * The JSON to use as the resource policy. The document can be up to 4 KB in size. */ policyDocument: pulumi.Input; /** * A string value that you can use to conditionally update your policy. You can provide the revision ID of your existing policy to make mutating requests against that policy. * * When you assign a policy revision ID, then later requests about that policy will be rejected with an InvalidPolicyRevisionIdException error if they don't provide the correct current revision ID. */ policyRevisionId?: pulumi.Input; } } export declare namespace s3 { interface AccessGrantGranteeArgs { /** * The unique identifier of the Grantee */ granteeIdentifier: pulumi.Input; /** * Configures the transfer acceleration state for an Amazon S3 bucket. */ granteeType: pulumi.Input; } interface AccessGrantsLocationConfigurationArgs { /** * The S3 sub prefix of a registered location in your S3 Access Grants instance */ s3SubPrefix: pulumi.Input; } interface AccessPointPublicAccessBlockConfigurationArgs { /** * Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior: * - PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public. * - PUT Object calls fail if the request includes a public ACL. * . - PUT Bucket calls fail if the request includes a public ACL. * Enabling this setting doesn't affect existing policies or ACLs. */ blockPublicAcls?: pulumi.Input; /** * Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. */ blockPublicPolicy?: pulumi.Input; /** * Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. */ ignorePublicAcls?: pulumi.Input; /** * Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy. * Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. */ restrictPublicBuckets?: pulumi.Input; } /** * The Virtual Private Cloud (VPC) configuration for a bucket access point. */ interface AccessPointVpcConfigurationArgs { /** * If this field is specified, this access point will only allow connections from the specified VPC ID. */ vpcId?: pulumi.Input; } /** * Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload. For more information, see [Stopping Incomplete Multipart Uploads Using a Bucket Lifecycle Policy](https://docs.aws.amazon.com/AmazonS3/latest/dev/mpuoverview.html#mpu-abort-incomplete-mpu-lifecycle-config) in the *Amazon S3 User Guide*. */ interface BucketAbortIncompleteMultipartUploadArgs { /** * Specifies the number of days after which Amazon S3 stops an incomplete multipart upload. */ daysAfterInitiation: pulumi.Input; } /** * Configures the transfer acceleration state for an Amazon S3 bucket. For more information, see [Amazon S3 Transfer Acceleration](https://docs.aws.amazon.com/AmazonS3/latest/dev/transfer-acceleration.html) in the *Amazon S3 User Guide*. */ interface BucketAccelerateConfigurationArgs { /** * Specifies the transfer acceleration status of the bucket. */ accelerationStatus: pulumi.Input; } /** * Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object. */ interface BucketAccessControlTranslationArgs { /** * Specifies the replica ownership. For default and valid values, see [PUT bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) in the *Amazon S3 API Reference*. */ owner: pulumi.Input; } /** * Specifies the configuration and any analyses for the analytics filter of an Amazon S3 bucket. */ interface BucketAnalyticsConfigurationArgs { /** * The ID that identifies the analytics configuration. */ id: pulumi.Input; /** * The prefix that an object must have to be included in the analytics results. */ prefix?: pulumi.Input; /** * Contains data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes. */ storageClassAnalysis: pulumi.Input; /** * The tags to use when evaluating an analytics filter. * The analytics only includes objects that meet the filter's criteria. If no filter is specified, all of the contents of the bucket are included in the analysis. */ tagFilters?: pulumi.Input[]>; } /** * A bucket-level setting for Amazon S3 general purpose buckets used to prevent the upload of new objects encrypted with the specified server-side encryption type. For example, blocking an encryption type will block ``PutObject``, ``CopyObject``, ``PostObject``, multipart upload, and replication requests to the bucket for objects with the specified encryption type. However, you can continue to read and list any pre-existing objects already encrypted with the specified encryption type. For more information, see [Blocking or unblocking SSE-C for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html). * This data type is used with the following actions: * + [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketEncryption.html) * + [GetBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_GetBucketEncryption.html) * + [DeleteBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/API_DeleteBucketEncryption.html) * * + Permissions You must have the s3:PutEncryptionConfiguration permission to block or unblock an encryption type for a bucket. You must have the s3:GetEncryptionConfiguration permission to view a bucket's encryption type. */ interface BucketBlockedEncryptionTypesArgs { /** * The object encryption type that you want to block or unblock for an Amazon S3 general purpose bucket. * Currently, this parameter only supports blocking or unblocking server side encryption with customer-provided keys (SSE-C). For more information about SSE-C, see [Using server-side encryption with customer-provided keys (SSE-C)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html). */ encryptionType?: pulumi.Input[]>; } /** * Describes the cross-origin access configuration for objects in an Amazon S3 bucket. For more information, see [Enabling Cross-Origin Resource Sharing](https://docs.aws.amazon.com/AmazonS3/latest/dev/cors.html) in the *Amazon S3 User Guide*. */ interface BucketCorsConfigurationArgs { /** * A set of origins and methods (cross-origin access that you want to allow). You can add up to 100 rules to the configuration. */ corsRules: pulumi.Input[]>; } /** * Specifies a cross-origin access rule for an Amazon S3 bucket. */ interface BucketCorsRuleArgs { /** * Headers that are specified in the ``Access-Control-Request-Headers`` header. These headers are allowed in a preflight OPTIONS request. In response to any preflight OPTIONS request, Amazon S3 returns any requested headers that are allowed. */ allowedHeaders?: pulumi.Input[]>; /** * An HTTP method that you allow the origin to run. * *Allowed values*: ``GET`` | ``PUT`` | ``HEAD`` | ``POST`` | ``DELETE`` */ allowedMethods: pulumi.Input[]>; /** * One or more origins you want customers to be able to access the bucket from. */ allowedOrigins: pulumi.Input[]>; /** * One or more headers in the response that you want customers to be able to access from their applications (for example, from a JavaScript ``XMLHttpRequest`` object). */ exposedHeaders?: pulumi.Input[]>; /** * A unique identifier for this rule. The value must be no more than 255 characters. */ id?: pulumi.Input; /** * The time in seconds that your browser is to cache the preflight response for the specified resource. */ maxAge?: pulumi.Input; } /** * Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported. */ interface BucketDataExportArgs { /** * The place to store the data for an analysis. */ destination: pulumi.Input; /** * The version of the output schema to use when exporting data. Must be ``V_1``. */ outputSchemaVersion: pulumi.Input; } /** * The container element for optionally specifying the default Object Lock retention settings for new objects placed in the specified bucket. * + The ``DefaultRetention`` settings require both a mode and a period. * + The ``DefaultRetention`` period can be either ``Days`` or ``Years`` but you must select one. You cannot specify ``Days`` and ``Years`` at the same time. */ interface BucketDefaultRetentionArgs { /** * The number of days that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``. */ days?: pulumi.Input; /** * The default Object Lock retention mode you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``. */ mode?: pulumi.Input; /** * The number of years that you want to specify for the default retention period. If Object Lock is turned on, you must specify ``Mode`` and specify either ``Days`` or ``Years``. */ years?: pulumi.Input; } /** * Specifies whether Amazon S3 replicates delete markers. If you specify a ``Filter`` in your replication configuration, you must also include a ``DeleteMarkerReplication`` element. If your ``Filter`` includes a ``Tag`` element, the ``DeleteMarkerReplication````Status`` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config). * For more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html). * If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations). */ interface BucketDeleteMarkerReplicationArgs { /** * Indicates whether to replicate delete markers. */ status?: pulumi.Input; } /** * Specifies information about where to publish analysis or configuration results for an Amazon S3 bucket. */ interface BucketDestinationArgs { /** * The account ID that owns the destination S3 bucket. If no account ID is provided, the owner is not validated before exporting data. * Although this value is optional, we strongly recommend that you set it to help prevent problems if the destination bucket ownership changes. */ bucketAccountId?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the bucket to which data is exported. */ bucketArn: pulumi.Input; /** * Specifies the file format used when exporting data to Amazon S3. * *Allowed values*: ``CSV`` | ``ORC`` | ``Parquet`` */ format: pulumi.Input; /** * The prefix to use when exporting data. The prefix is prepended to all results. */ prefix?: pulumi.Input; } /** * Specifies default encryption for a bucket using server-side encryption with Amazon S3-managed keys (SSE-S3), AWS KMS-managed keys (SSE-KMS), or dual-layer server-side encryption with KMS-managed keys (DSSE-KMS). For information about the Amazon S3 default encryption feature, see [Amazon S3 Default Encryption for S3 Buckets](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html) in the *Amazon S3 User Guide*. */ interface BucketEncryptionArgs { /** * Specifies the default server-side-encryption configuration. */ serverSideEncryptionConfiguration: pulumi.Input[]>; } /** * Specifies encryption-related information for an Amazon S3 bucket that is a destination for replicated objects. * If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. */ interface BucketEncryptionConfigurationArgs { /** * Specifies the ID (Key ARN or Alias ARN) of the customer managed AWS KMS key stored in AWS Key Management Service (KMS) for the destination bucket. Amazon S3 uses this key to encrypt replica objects. Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*. */ replicaKmsKeyId: pulumi.Input; } /** * Amazon S3 can send events to Amazon EventBridge whenever certain events happen in your bucket, see [Using EventBridge](https://docs.aws.amazon.com/AmazonS3/latest/userguide/EventBridge.html) in the *Amazon S3 User Guide*. * Unlike other destinations, delivery of events to EventBridge can be either enabled or disabled for a bucket. If enabled, all events will be sent to EventBridge and you can use EventBridge rules to route events to additional targets. For more information, see [What Is Amazon EventBridge](https://docs.aws.amazon.com/eventbridge/latest/userguide/eb-what-is.html) in the *Amazon EventBridge User Guide* */ interface BucketEventBridgeConfigurationArgs { /** * Enables delivery of events to Amazon EventBridge. */ eventBridgeEnabled: pulumi.Input; } /** * Specifies the Amazon S3 object key name to filter on. An object key name is the name assigned to an object in your Amazon S3 bucket. You specify whether to filter on the suffix or prefix of the object key name. A prefix is a specific string of characters at the beginning of an object key name, which you can use to organize objects. For example, you can start the key names of related objects with a prefix, such as ``2023-`` or ``engineering/``. Then, you can use ``FilterRule`` to find objects in a bucket with key names that have the same prefix. A suffix is similar to a prefix, but it is at the end of the object key name instead of at the beginning. */ interface BucketFilterRuleArgs { /** * The object key name prefix or suffix identifying one or more objects to which the filtering rule applies. The maximum length is 1,024 characters. Overlapping prefixes and suffixes are not supported. For more information, see [Configuring Event Notifications](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*. */ name: pulumi.Input; /** * The value that the filter searches for in object key names. */ value: pulumi.Input; } /** * Specifies the S3 Intelligent-Tiering configuration for an Amazon S3 bucket. * For information about the S3 Intelligent-Tiering storage class, see [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access). */ interface BucketIntelligentTieringConfigurationArgs { /** * The ID used to identify the S3 Intelligent-Tiering configuration. */ id: pulumi.Input; /** * An object key name prefix that identifies the subset of objects to which the rule applies. */ prefix?: pulumi.Input; /** * Specifies the status of the configuration. */ status: pulumi.Input; /** * A container for a key-value pair. */ tagFilters?: pulumi.Input[]>; /** * Specifies a list of S3 Intelligent-Tiering storage class tiers in the configuration. At least one tier must be defined in the list. At most, you can specify two tiers in the list, one for each available AccessTier: ``ARCHIVE_ACCESS`` and ``DEEP_ARCHIVE_ACCESS``. * You only need Intelligent Tiering Configuration enabled on a bucket if you want to automatically move objects stored in the Intelligent-Tiering storage class to Archive Access or Deep Archive Access tiers. */ tierings: pulumi.Input[]>; } /** * Specifies the S3 Inventory configuration for an Amazon S3 bucket. For more information, see [GET Bucket inventory](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketGETInventoryConfig.html) in the *Amazon S3 API Reference*. */ interface BucketInventoryConfigurationArgs { /** * Contains information about where to publish the inventory results. */ destination: pulumi.Input; /** * Specifies whether the inventory is enabled or disabled. If set to ``True``, an inventory list is generated. If set to ``False``, no inventory list is generated. */ enabled: pulumi.Input; /** * The ID used to identify the inventory configuration. */ id: pulumi.Input; /** * Object versions to include in the inventory list. If set to ``All``, the list includes all the object versions, which adds the version-related fields ``VersionId``, ``IsLatest``, and ``DeleteMarker`` to the list. If set to ``Current``, the list does not contain these version-related fields. */ includedObjectVersions: pulumi.Input; /** * Contains the optional fields that are included in the inventory results. */ optionalFields?: pulumi.Input[]>; /** * Specifies the inventory filter prefix. */ prefix?: pulumi.Input; /** * Specifies the schedule for generating inventory results. */ scheduleFrequency: pulumi.Input; } /** * The inventory table configuration for an S3 Metadata configuration. */ interface BucketInventoryTableConfigurationArgs { /** * The configuration state of the inventory table, indicating whether the inventory table is enabled or disabled. */ configurationState: pulumi.Input; /** * The encryption configuration for the inventory table. */ encryptionConfiguration?: pulumi.Input; /** * The Amazon Resource Name (ARN) for the inventory table. */ tableArn?: pulumi.Input; /** * The name of the inventory table. */ tableName?: pulumi.Input; } /** * The journal table configuration for an S3 Metadata configuration. */ interface BucketJournalTableConfigurationArgs { /** * The encryption configuration for the journal table. */ encryptionConfiguration?: pulumi.Input; /** * The journal table record expiration settings for the journal table. */ recordExpiration: pulumi.Input; /** * The Amazon Resource Name (ARN) for the journal table. */ tableArn?: pulumi.Input; /** * The name of the journal table. */ tableName?: pulumi.Input; } /** * Describes the LAMlong functions to invoke and the events for which to invoke them. */ interface BucketLambdaConfigurationArgs { /** * The Amazon S3 bucket event for which to invoke the LAMlong function. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*. */ event: pulumi.Input; /** * The filtering rules that determine which objects invoke the AWS Lambda function. For example, you can create a filter so that only image files with a ``.jpg`` extension invoke the function when they are added to the Amazon S3 bucket. */ filter?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the LAMlong function that Amazon S3 invokes when the specified event type occurs. */ function: pulumi.Input; } /** * Specifies the lifecycle configuration for objects in an Amazon S3 bucket. For more information, see [Object Lifecycle Management](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lifecycle-mgmt.html) in the *Amazon S3 User Guide*. */ interface BucketLifecycleConfigurationArgs { /** * A lifecycle rule for individual objects in an Amazon S3 bucket. */ rules: pulumi.Input[]>; /** * Indicates which default minimum object size behavior is applied to the lifecycle configuration. * This parameter applies to general purpose buckets only. It isn't supported for directory bucket lifecycle configurations. * + ``all_storage_classes_128K`` - Objects smaller than 128 KB will not transition to any storage class by default. * + ``varies_by_storage_class`` - Objects smaller than 128 KB will transition to Glacier Flexible Retrieval or Glacier Deep Archive storage classes. By default, all other storage classes will prevent transitions smaller than 128 KB. * * To customize the minimum object size for any transition you can add a filter that specifies a custom ``ObjectSizeGreaterThan`` or ``ObjectSizeLessThan`` in the body of your transition rule. Custom filters always take precedence over the default transition behavior. */ transitionDefaultMinimumObjectSize?: pulumi.Input; } /** * Describes where logs are stored and the prefix that Amazon S3 assigns to all log object keys for a bucket. For examples and more information, see [PUT Bucket logging](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlogging.html) in the *Amazon S3 API Reference*. * To successfully complete the ``AWS::S3::Bucket LoggingConfiguration`` request, you must have ``s3:PutObject`` and ``s3:PutObjectAcl`` in your IAM permissions. */ interface BucketLoggingConfigurationArgs { /** * The name of the bucket where Amazon S3 should store server access log files. You can store log files in any bucket that you own. By default, logs are stored in the bucket where the ``LoggingConfiguration`` property is defined. */ destinationBucketName?: pulumi.Input; /** * A prefix for all log object keys. If you store log files from multiple Amazon S3 buckets in a single bucket, you can use a prefix to distinguish which log files came from which bucket. */ logFilePrefix?: pulumi.Input; /** * Amazon S3 key format for log objects. Only one format, either PartitionedPrefix or SimplePrefix, is allowed. */ targetObjectKeyFormat?: pulumi.Input; } /** * Creates a V2 S3 Metadata configuration of a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide*. */ interface BucketMetadataConfigurationArgs { /** * The destination information for the S3 Metadata configuration. */ destination?: pulumi.Input; /** * The inventory table configuration for a metadata configuration. */ inventoryTableConfiguration?: pulumi.Input; /** * The journal table configuration for a metadata configuration. */ journalTableConfiguration: pulumi.Input; } /** * The destination information for the S3 Metadata configuration. */ interface BucketMetadataDestinationArgs { /** * The Amazon Resource Name (ARN) of the table bucket where the metadata configuration is stored. */ tableBucketArn?: pulumi.Input; /** * The type of the table bucket where the metadata configuration is stored. The ``aws`` value indicates an AWS managed table bucket, and the ``customer`` value indicates a customer-managed table bucket. V2 metadata configurations are stored in AWS managed table buckets, and V1 metadata configurations are stored in customer-managed table buckets. */ tableBucketType: pulumi.Input; /** * The namespace in the table bucket where the metadata tables for a metadata configuration are stored. */ tableNamespace?: pulumi.Input; } /** * We recommend that you create your S3 Metadata configurations by using the V2 [MetadataConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-s3-bucket-metadataconfiguration.html) resource type. We no longer recommend using the V1 ``MetadataTableConfiguration`` resource type. * If you created your S3 Metadata configuration before July 15, 2025, we recommend that you delete and re-create your configuration by using the [MetadataConfiguration](https://docs.aws.amazon.com/AWSCloudFormation/latest/TemplateReference/aws-properties-s3-bucket-metadataconfiguration.html) resource type so that you can expire journal table records and create a live inventory table. * Creates a V1 S3 Metadata configuration for a general purpose bucket. For more information, see [Accelerating data discovery with S3 Metadata](https://docs.aws.amazon.com/AmazonS3/latest/userguide/metadata-tables-overview.html) in the *Amazon S3 User Guide*. */ interface BucketMetadataTableConfigurationArgs { /** * The destination information for the metadata table configuration. The destination table bucket must be in the same Region and AWS-account as the general purpose bucket. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket. */ s3TablesDestination: pulumi.Input; } /** * The encryption settings for an S3 Metadata journal table or inventory table configuration. */ interface BucketMetadataTableEncryptionConfigurationArgs { /** * If server-side encryption with KMSlong (KMS) keys (SSE-KMS) is specified, you must also specify the KMS key Amazon Resource Name (ARN). You must specify a customer-managed KMS key that's located in the same Region as the general purpose bucket that corresponds to the metadata table configuration. */ kmsKeyArn?: pulumi.Input; /** * The encryption type specified for a metadata table. To specify server-side encryption with KMSlong (KMS) keys (SSE-KMS), use the ``aws:kms`` value. To specify server-side encryption with Amazon S3 managed keys (SSE-S3), use the ``AES256`` value. */ sseAlgorithm: pulumi.Input; } /** * A container specifying replication metrics-related settings enabling replication metrics and events. */ interface BucketMetricsArgs { /** * A container specifying the time threshold for emitting the ``s3:Replication:OperationMissedThreshold`` event. */ eventThreshold?: pulumi.Input; /** * Specifies whether the replication metrics are enabled. */ status: pulumi.Input; } /** * Specifies a metrics configuration for the CloudWatch request metrics (specified by the metrics configuration ID) from an Amazon S3 bucket. If you're updating an existing metrics configuration, note that this is a full replacement of the existing metrics configuration. If you don't include the elements you want to keep, they are erased. For examples, see [AWS::S3::Bucket](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket.html#aws-properties-s3-bucket--examples). For more information, see [PUT Bucket metrics](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTMetricConfiguration.html) in the *Amazon S3 API Reference*. */ interface BucketMetricsConfigurationArgs { /** * The access point that was used while performing operations on the object. The metrics configuration only includes objects that meet the filter's criteria. */ accessPointArn?: pulumi.Input; /** * The ID used to identify the metrics configuration. This can be any value you choose that helps you identify your metrics configuration. */ id: pulumi.Input; /** * The prefix that an object must have to be included in the metrics results. */ prefix?: pulumi.Input; /** * Specifies a list of tag filters to use as a metrics configuration filter. The metrics configuration includes only objects that meet the filter's criteria. */ tagFilters?: pulumi.Input[]>; } /** * Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime. For more information about setting a lifecycle rule configuration, see [AWS::S3::Bucket Rule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-lifecycleconfig-rule.html). */ interface BucketNoncurrentVersionExpirationArgs { /** * Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*. */ newerNoncurrentVersions?: pulumi.Input; /** * Specifies the number of days an object is noncurrent before S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates When an Object Became Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*. */ noncurrentDays: pulumi.Input; } /** * Container for the transition rule that describes when noncurrent objects transition to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class. If your bucket is versioning-enabled (or versioning is suspended), you can set this action to request that Amazon S3 transition noncurrent object versions to the ``STANDARD_IA``, ``ONEZONE_IA``, ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE`` storage class at a specific period in the object's lifetime. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property. */ interface BucketNoncurrentVersionTransitionArgs { /** * Specifies how many noncurrent versions S3 will retain. If there are this many more recent noncurrent versions, S3 will take the associated action. For more information about noncurrent versions, see [Lifecycle configuration elements](https://docs.aws.amazon.com/AmazonS3/latest/userguide/intro-lifecycle-rules.html) in the *Amazon S3 User Guide*. */ newerNoncurrentVersions?: pulumi.Input; /** * The class of storage used to store the object. */ storageClass: pulumi.Input; /** * Specifies the number of days an object is noncurrent before Amazon S3 can perform the associated action. For information about the noncurrent days calculations, see [How Amazon S3 Calculates How Long an Object Has Been Noncurrent](https://docs.aws.amazon.com/AmazonS3/latest/dev/intro-lifecycle-rules.html#non-current-days-calculations) in the *Amazon S3 User Guide*. */ transitionInDays: pulumi.Input; } /** * Describes the notification configuration for an Amazon S3 bucket. * If you create the target resource and related permissions in the same template, you might have a circular dependency. * For example, you might use the ``AWS::Lambda::Permission`` resource to grant the bucket permission to invoke an AWS Lambda function. However, AWS CloudFormation can't create the bucket until the bucket has permission to invoke the function (AWS CloudFormation checks whether the bucket can invoke the function). If you're using Refs to pass the bucket name, this leads to a circular dependency. * To avoid this dependency, you can create all resources without specifying the notification configuration. Then, update the stack with a notification configuration. * For more information on permissions, see [AWS::Lambda::Permission](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html) and [Granting Permissions to Publish Event Notification Messages to a Destination](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html#grant-destinations-permissions-to-s3). */ interface BucketNotificationConfigurationArgs { /** * Enables delivery of events to Amazon EventBridge. */ eventBridgeConfiguration?: pulumi.Input; /** * Describes the LAMlong functions to invoke and the events for which to invoke them. */ lambdaConfigurations?: pulumi.Input[]>; /** * The Amazon Simple Queue Service queues to publish messages to and the events for which to publish messages. */ queueConfigurations?: pulumi.Input[]>; /** * The topic to which notifications are sent and the events for which notifications are generated. */ topicConfigurations?: pulumi.Input[]>; } /** * Specifies object key name filtering rules. For information about key name filtering, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*. */ interface BucketNotificationFilterArgs { /** * A container for object key name prefix and suffix filtering rules. */ s3Key: pulumi.Input; } /** * Places an Object Lock configuration on the specified bucket. The rule specified in the Object Lock configuration will be applied by default to every new object placed in the specified bucket. For more information, see [Locking Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/object-lock.html). */ interface BucketObjectLockConfigurationArgs { /** * Indicates whether this bucket has an Object Lock configuration enabled. Enable ``ObjectLockEnabled`` when you apply ``ObjectLockConfiguration`` to a bucket. */ objectLockEnabled?: pulumi.Input; /** * Specifies the Object Lock rule for the specified object. Enable this rule when you apply ``ObjectLockConfiguration`` to a bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information, see [ObjectLockRule](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-objectlockrule.html) and [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html). */ rule?: pulumi.Input; } /** * Specifies the Object Lock rule for the specified object. Enable the this rule when you apply ``ObjectLockConfiguration`` to a bucket. */ interface BucketObjectLockRuleArgs { /** * The default Object Lock retention mode and period that you want to apply to new objects placed in the specified bucket. If Object Lock is turned on, bucket settings require both ``Mode`` and a period of either ``Days`` or ``Years``. You cannot specify ``Days`` and ``Years`` at the same time. For more information about allowable values for mode and period, see [DefaultRetention](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-s3-bucket-defaultretention.html). */ defaultRetention?: pulumi.Input; } /** * Specifies the container element for Object Ownership rules. * S3 Object Ownership is an Amazon S3 bucket-level setting that you can use to disable access control lists (ACLs) and take ownership of every object in your bucket, simplifying access management for data stored in Amazon S3. For more information, see [Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. */ interface BucketOwnershipControlsArgs { /** * Specifies the container element for Object Ownership rules. */ rules: pulumi.Input[]>; } /** * Specifies an Object Ownership rule. * S3 Object Ownership is an Amazon S3 bucket-level setting that you can use to disable access control lists (ACLs) and take ownership of every object in your bucket, simplifying access management for data stored in Amazon S3. For more information, see [Controlling ownership of objects and disabling ACLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/about-object-ownership.html) in the *Amazon S3 User Guide*. */ interface BucketOwnershipControlsRuleArgs { /** * Specifies an object ownership rule. */ objectOwnership?: pulumi.Input; } /** * The PublicAccessBlock configuration that you want to apply to this Amazon S3 bucket. You can enable the configuration options in any combination. Bucket-level settings work alongside account-level settings (which may inherit from organization-level policies). For more information about when Amazon S3 considers a bucket or object public, see [The Meaning of "Public"](https://docs.aws.amazon.com/AmazonS3/latest/dev/access-control-block-public-access.html#access-control-block-public-access-policy-status) in the *Amazon S3 User Guide*. */ interface BucketPublicAccessBlockConfigurationArgs { /** * Specifies whether Amazon S3 should block public access control lists (ACLs) for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes the following behavior: * + PUT Bucket ACL and PUT Object ACL calls fail if the specified ACL is public. * + PUT Object calls fail if the request includes a public ACL. * + PUT Bucket calls fail if the request includes a public ACL. * * Enabling this setting doesn't affect existing policies or ACLs. */ blockPublicAcls?: pulumi.Input; /** * Specifies whether Amazon S3 should block public bucket policies for this bucket. Setting this element to ``TRUE`` causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. * Enabling this setting doesn't affect existing bucket policies. */ blockPublicPolicy?: pulumi.Input; /** * Specifies whether Amazon S3 should ignore public ACLs for this bucket and objects in this bucket. Setting this element to ``TRUE`` causes Amazon S3 to ignore all public ACLs on this bucket and objects in this bucket. * Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. */ ignorePublicAcls?: pulumi.Input; /** * Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to ``TRUE`` restricts access to this bucket to only AWS-service principals and authorized users within this account if the bucket has a public policy. * Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. */ restrictPublicBuckets?: pulumi.Input; } /** * Specifies the configuration for publishing messages to an Amazon Simple Queue Service (Amazon SQS) queue when Amazon S3 detects specified events. */ interface BucketQueueConfigurationArgs { /** * The Amazon S3 bucket event about which you want to publish messages to Amazon SQS. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*. */ event: pulumi.Input; /** * The filtering rules that determine which objects trigger notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket. For more information, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/user-guide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*. */ filter?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon SQS queue to which Amazon S3 publishes a message when it detects events of the specified type. FIFO queues are not allowed when enabling an SQS queue as the event notification destination. */ queue: pulumi.Input; } /** * The journal table record expiration settings for a journal table in an S3 Metadata configuration. */ interface BucketRecordExpirationArgs { /** * If you enable journal table record expiration, you can set the number of days to retain your journal table records. Journal table records must be retained for a minimum of 7 days. To set this value, specify any whole number from ``7`` to ``2147483647``. For example, to retain your journal table records for one year, set this value to ``365``. */ days?: pulumi.Input; /** * Specifies whether journal table record expiration is enabled or disabled. */ expiration: pulumi.Input; } /** * Specifies the redirect behavior of all requests to a website endpoint of an Amazon S3 bucket. */ interface BucketRedirectAllRequestsToArgs { /** * Name of the host where requests are redirected. */ hostName: pulumi.Input; /** * Protocol to use when redirecting requests. The default is the protocol that is used in the original request. */ protocol?: pulumi.Input; } /** * Specifies how requests are redirected. In the event of an error, you can specify a different error code to return. */ interface BucketRedirectRuleArgs { /** * The host name to use in the redirect request. */ hostName?: pulumi.Input; /** * The HTTP redirect code to use on the response. Not required if one of the siblings is present. */ httpRedirectCode?: pulumi.Input; /** * Protocol to use when redirecting requests. The default is the protocol that is used in the original request. */ protocol?: pulumi.Input; /** * The object key prefix to use in the redirect request. For example, to redirect requests for all pages with prefix ``docs/`` (objects in the ``docs/`` folder) to ``documents/``, you can set a condition block with ``KeyPrefixEquals`` set to ``docs/`` and in the Redirect set ``ReplaceKeyPrefixWith`` to ``/documents``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyWith`` is not provided. * Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). */ replaceKeyPrefixWith?: pulumi.Input; /** * The specific object key to use in the redirect request. For example, redirect request to ``error.html``. Not required if one of the siblings is present. Can be present only if ``ReplaceKeyPrefixWith`` is not provided. * Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). */ replaceKeyWith?: pulumi.Input; } /** * A filter that you can specify for selection for modifications on replicas. */ interface BucketReplicaModificationsArgs { /** * Specifies whether Amazon S3 replicates modifications on replicas. * *Allowed values*: ``Enabled`` | ``Disabled`` */ status: pulumi.Input; } /** * A container for replication rules. You can add up to 1,000 rules. The maximum size of a replication configuration is 2 MB. The latest version of the replication configuration XML is V2. For more information about XML V2 replication configurations, see [Replication configuration](https://docs.aws.amazon.com/AmazonS3/latest/userguide/replication-add-config.html) in the *Amazon S3 User Guide*. */ interface BucketReplicationConfigurationArgs { /** * The Amazon Resource Name (ARN) of the IAMlong (IAM) role that Amazon S3 assumes when replicating objects. For more information, see [How to Set Up Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-how-setup.html) in the *Amazon S3 User Guide*. */ role: pulumi.Input; /** * A container for one or more replication rules. A replication configuration must have at least one rule and can contain a maximum of 1,000 rules. */ rules: pulumi.Input[]>; } /** * A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC). */ interface BucketReplicationDestinationArgs { /** * Specify this only in a cross-account scenario (where source and destination bucket owners are not the same), and you want to change replica ownership to the AWS-account that owns the destination bucket. If this is not specified in the replication configuration, the replicas are owned by same AWS-account that owns the source object. */ accessControlTranslation?: pulumi.Input; /** * Destination bucket owner account ID. In a cross-account scenario, if you direct Amazon S3 to change replica ownership to the AWS-account that owns the destination bucket by specifying the ``AccessControlTranslation`` property, this is the account ID of the destination bucket owner. For more information, see [Cross-Region Replication Additional Configuration: Change Replica Owner](https://docs.aws.amazon.com/AmazonS3/latest/dev/crr-change-owner.html) in the *Amazon S3 User Guide*. * If you specify the ``AccessControlTranslation`` property, the ``Account`` property is required. */ account?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the bucket where you want Amazon S3 to store the results. */ bucket: pulumi.Input; /** * Specifies encryption-related information. */ encryptionConfiguration?: pulumi.Input; /** * A container specifying replication metrics-related settings enabling replication metrics and events. */ metrics?: pulumi.Input; /** * A container specifying S3 Replication Time Control (S3 RTC), including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a ``Metrics`` block. */ replicationTime?: pulumi.Input; /** * The storage class to use when replicating objects, such as S3 Standard or reduced redundancy. By default, Amazon S3 uses the storage class of the source object to create the object replica. * For valid values, see the ``StorageClass`` element of the [PUT Bucket replication](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTreplication.html) action in the *Amazon S3 API Reference*. * ``FSX_OPENZFS`` is not an accepted value when replicating objects. */ storageClass?: pulumi.Input; } /** * Specifies which Amazon S3 objects to replicate and where to store the replicas. */ interface BucketReplicationRuleArgs { /** * Specifies whether Amazon S3 replicates delete markers. If you specify a ``Filter`` in your replication configuration, you must also include a ``DeleteMarkerReplication`` element. If your ``Filter`` includes a ``Tag`` element, the ``DeleteMarkerReplication````Status`` must be set to Disabled, because Amazon S3 does not support replicating delete markers for tag-based rules. For an example configuration, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-config-min-rule-config). * For more information about delete marker replication, see [Basic Rule Configuration](https://docs.aws.amazon.com/AmazonS3/latest/dev/delete-marker-replication.html). * If you are using an earlier version of the replication configuration, Amazon S3 handles replication of delete markers differently. For more information, see [Backward Compatibility](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication-add-config.html#replication-backward-compat-considerations). */ deleteMarkerReplication?: pulumi.Input; /** * A container for information about the replication destination and its configurations including enabling the S3 Replication Time Control (S3 RTC). */ destination: pulumi.Input; /** * A filter that identifies the subset of objects to which the replication rule applies. A ``Filter`` must specify exactly one ``Prefix``, ``TagFilter``, or an ``And`` child element. The use of the filter field indicates that this is a V2 replication configuration. This field isn't supported in a V1 replication configuration. * V1 replication configuration only supports filtering by key prefix. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element. */ filter?: pulumi.Input; /** * A unique identifier for the rule. The maximum value is 255 characters. If you don't specify a value, AWS CloudFormation generates a random ID. When using a V2 replication configuration this property is capitalized as "ID". */ id?: pulumi.Input; /** * An object key name prefix that identifies the object or objects to which the rule applies. The maximum prefix length is 1,024 characters. To include all objects in a bucket, specify an empty string. To filter using a V1 replication configuration, add the ``Prefix`` directly as a child element of the ``Rule`` element. * Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). */ prefix?: pulumi.Input; /** * The priority indicates which rule has precedence whenever two or more replication rules conflict. Amazon S3 will attempt to replicate objects according to all replication rules. However, if there are two or more rules with the same destination bucket, then objects will be replicated according to the rule with the highest priority. The higher the number, the higher the priority. * For more information, see [Replication](https://docs.aws.amazon.com/AmazonS3/latest/dev/replication.html) in the *Amazon S3 User Guide*. */ priority?: pulumi.Input; /** * A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects. */ sourceSelectionCriteria?: pulumi.Input; /** * Specifies whether the rule is enabled. */ status: pulumi.Input; } /** * A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. * For example: * + If you specify both a ``Prefix`` and a ``TagFilter``, wrap these filters in an ``And`` tag. * + If you specify a filter based on multiple tags, wrap the ``TagFilter`` elements in an ``And`` tag */ interface BucketReplicationRuleAndOperatorArgs { /** * An object key name prefix that identifies the subset of objects to which the rule applies. */ prefix?: pulumi.Input; /** * An array of tags containing key and value pairs. */ tagFilters?: pulumi.Input[]>; } /** * A filter that identifies the subset of objects to which the replication rule applies. A ``Filter`` must specify exactly one ``Prefix``, ``TagFilter``, or an ``And`` child element. */ interface BucketReplicationRuleFilterArgs { /** * A container for specifying rule filters. The filters determine the subset of objects to which the rule applies. This element is required only if you specify more than one filter. For example: * + If you specify both a ``Prefix`` and a ``TagFilter``, wrap these filters in an ``And`` tag. * + If you specify a filter based on multiple tags, wrap the ``TagFilter`` elements in an ``And`` tag. */ and?: pulumi.Input; /** * An object key name prefix that identifies the subset of objects to which the rule applies. * Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). */ prefix?: pulumi.Input; /** * A container for specifying a tag key and value. * The rule applies only to objects that have the tag in their tag set. */ tagFilter?: pulumi.Input; } /** * A container specifying S3 Replication Time Control (S3 RTC) related information, including whether S3 RTC is enabled and the time when all objects and operations on objects must be replicated. Must be specified together with a ``Metrics`` block. */ interface BucketReplicationTimeArgs { /** * Specifies whether the replication time is enabled. */ status: pulumi.Input; /** * A container specifying the time by which replication should be complete for all objects and operations on objects. */ time: pulumi.Input; } /** * A container specifying the time value for S3 Replication Time Control (S3 RTC) and replication metrics ``EventThreshold``. */ interface BucketReplicationTimeValueArgs { /** * Contains an integer specifying time in minutes. * Valid value: 15 */ minutes: pulumi.Input; } /** * Specifies the redirect behavior and when a redirect is applied. For more information about routing rules, see [Configuring advanced conditional redirects](https://docs.aws.amazon.com/AmazonS3/latest/dev/how-to-page-redirect.html#advanced-conditional-redirects) in the *Amazon S3 User Guide*. */ interface BucketRoutingRuleArgs { /** * Container for redirect information. You can redirect requests to another host, to another page, or with another protocol. In the event of an error, you can specify a different error code to return. */ redirectRule: pulumi.Input; /** * A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the ``/docs`` folder, redirect to the ``/documents`` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error. */ routingRuleCondition?: pulumi.Input; } /** * A container for describing a condition that must be met for the specified redirect to apply. For example, 1. If request is for pages in the ``/docs`` folder, redirect to the ``/documents`` folder. 2. If request results in HTTP error 4xx, redirect request to another host where you might process the error. */ interface BucketRoutingRuleConditionArgs { /** * The HTTP error code when the redirect is applied. In the event of an error, if the error code equals this value, then the specified redirect is applied. * Required when parent element ``Condition`` is specified and sibling ``KeyPrefixEquals`` is not specified. If both are specified, then both must be true for the redirect to be applied. */ httpErrorCodeReturnedEquals?: pulumi.Input; /** * The object key name prefix when the redirect is applied. For example, to redirect requests for ``ExamplePage.html``, the key prefix will be ``ExamplePage.html``. To redirect request for all pages with the prefix ``docs/``, the key prefix will be ``docs/``, which identifies all objects in the docs/ folder. * Required when the parent element ``Condition`` is specified and sibling ``HttpErrorCodeReturnedEquals`` is not specified. If both conditions are specified, both must be true for the redirect to be applied. */ keyPrefixEquals?: pulumi.Input; } /** * Specifies lifecycle rules for an Amazon S3 bucket. For more information, see [Put Bucket Lifecycle Configuration](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTlifecycle.html) in the *Amazon S3 API Reference*. * You must specify at least one of the following properties: ``AbortIncompleteMultipartUpload``, ``ExpirationDate``, ``ExpirationInDays``, ``NoncurrentVersionExpirationInDays``, ``NoncurrentVersionTransition``, ``NoncurrentVersionTransitions``, ``Transition``, or ``Transitions``. */ interface BucketRuleArgs { /** * Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3 bucket. */ abortIncompleteMultipartUpload?: pulumi.Input; /** * Indicates when objects are deleted from Amazon S3 and Amazon S3 Glacier. The date value must be in ISO 8601 format. The time is always midnight UTC. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. */ expirationDate?: pulumi.Input; /** * Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. */ expirationInDays?: pulumi.Input; /** * Indicates whether Amazon S3 will remove a delete marker without any noncurrent versions. If set to true, the delete marker will be removed if there are no noncurrent versions. This cannot be specified with ``ExpirationInDays``, ``ExpirationDate``, or ``TagFilters``. */ expiredObjectDeleteMarker?: pulumi.Input; /** * Unique identifier for the rule. The value can't be longer than 255 characters. */ id?: pulumi.Input; /** * Specifies when noncurrent object versions expire. Upon expiration, S3 permanently deletes the noncurrent object versions. You set this lifecycle configuration action on a bucket that has versioning enabled (or suspended) to request that S3 delete noncurrent object versions at a specific period in the object's lifetime. */ noncurrentVersionExpiration?: pulumi.Input; /** * (Deprecated.) For buckets with versioning enabled (or suspended), specifies the time, in days, between when a new version of the object is uploaded to the bucket and when old versions of the object expire. When object versions expire, Amazon S3 permanently deletes them. If you specify a transition and expiration time, the expiration time must be later than the transition time. */ noncurrentVersionExpirationInDays?: pulumi.Input; /** * (Deprecated.) For buckets with versioning enabled (or suspended), specifies when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransitions`` property. */ noncurrentVersionTransition?: pulumi.Input; /** * For buckets with versioning enabled (or suspended), one or more transition rules that specify when non-current objects transition to a specified storage class. If you specify a transition and expiration time, the expiration time must be later than the transition time. If you specify this property, don't specify the ``NoncurrentVersionTransition`` property. */ noncurrentVersionTransitions?: pulumi.Input[]>; /** * Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*. */ objectSizeGreaterThan?: pulumi.Input; /** * Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide*. */ objectSizeLessThan?: pulumi.Input; /** * Object key prefix that identifies one or more objects to which this rule applies. * Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints). */ prefix?: pulumi.Input; /** * If ``Enabled``, the rule is currently being applied. If ``Disabled``, the rule is not currently being applied. */ status: pulumi.Input; /** * Tags to use to identify a subset of objects to which the lifecycle rule applies. */ tagFilters?: pulumi.Input[]>; /** * (Deprecated.) Specifies when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transitions`` property. */ transition?: pulumi.Input; /** * One or more transition rules that specify when an object transitions to a specified storage class. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. If you specify this property, don't specify the ``Transition`` property. */ transitions?: pulumi.Input[]>; } /** * A container for object key name prefix and suffix filtering rules. For more information about object key name filtering, see [Configuring event notifications using object key name filtering](https://docs.aws.amazon.com/AmazonS3/latest/userguide/notification-how-to-filtering.html) in the *Amazon S3 User Guide*. * The same type of filter rule cannot be used more than once. For example, you cannot specify two prefix rules. */ interface BucketS3KeyFilterArgs { /** * A list of containers for the key-value pair that defines the criteria for the filter rule. */ rules: pulumi.Input[]>; } /** * The destination information for a V1 S3 Metadata configuration. The destination table bucket must be in the same Region and AWS-account as the general purpose bucket. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket. */ interface BucketS3TablesDestinationArgs { /** * The Amazon Resource Name (ARN) for the metadata table in the metadata table configuration. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket. */ tableArn?: pulumi.Input; /** * The Amazon Resource Name (ARN) for the table bucket that's specified as the destination in the metadata table configuration. The destination table bucket must be in the same Region and AWS-account as the general purpose bucket. */ tableBucketArn: pulumi.Input; /** * The name for the metadata table in your metadata table configuration. The specified metadata table name must be unique within the ``aws_s3_metadata`` namespace in the destination table bucket. */ tableName: pulumi.Input; /** * The table bucket namespace for the metadata table in your metadata table configuration. This value is always ``aws_s3_metadata``. */ tableNamespace?: pulumi.Input; } /** * Describes the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. For more information, see [PutBucketEncryption](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTencryption.html). * + *General purpose buckets* - If you don't specify a customer managed key at configuration, Amazon S3 automatically creates an AWS KMS key (``aws/s3``) in your AWS account the first time that you add an object encrypted with SSE-KMS to a bucket. By default, Amazon S3 uses this KMS key for SSE-KMS. * + *Directory buckets* - Your SSE-KMS configuration can only support 1 [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) per directory bucket's lifetime. The [managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#aws-managed-cmk) (``aws/s3``) isn't supported. * + *Directory buckets* - For directory buckets, there are only two supported options for server-side encryption: SSE-S3 and SSE-KMS. */ interface BucketServerSideEncryptionByDefaultArgs { /** * AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. * + *General purpose buckets* - This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms`` or ``aws:kms:dsse``. * + *Directory buckets* - This parameter is allowed if and only if ``SSEAlgorithm`` is set to ``aws:kms``. * * You can specify the key ID, key alias, or the Amazon Resource Name (ARN) of the KMS key. * + Key ID: ``1234abcd-12ab-34cd-56ef-1234567890ab`` * + Key ARN: ``arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab`` * + Key Alias: ``alias/alias-name`` * * If you are using encryption with cross-account or AWS service operations, you must use a fully qualified KMS key ARN. For more information, see [Using encryption for cross-account operations](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-encryption.html#bucket-encryption-update-bucket-policy). * + *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. Also, if you use a key ID, you can run into a LogDestination undeliverable error when creating a VPC flow log. * + *Directory buckets* - When you specify an [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. * * Amazon S3 only supports symmetric encryption KMS keys. For more information, see [Asymmetric keys in KMS](https://docs.aws.amazon.com//kms/latest/developerguide/symmetric-asymmetric.html) in the *Key Management Service Developer Guide*. */ kmsMasterKeyId?: pulumi.Input; /** * Server-side encryption algorithm to use for the default encryption. * For directory buckets, there are only two supported values for server-side encryption: ``AES256`` and ``aws:kms``. */ sseAlgorithm: pulumi.Input; } /** * Specifies the default server-side encryption configuration. * + *General purpose buckets* - If you're specifying a customer managed KMS key, we recommend using a fully qualified KMS key ARN. If you use a KMS key alias instead, then KMS resolves the key within the requester’s account. This behavior can result in data that's encrypted with a KMS key that belongs to the requester, and not the bucket owner. * + *Directory buckets* - When you specify an [customer managed key](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#customer-cmk) for encryption in your directory bucket, only use the key ID or key ARN. The key alias format of the KMS key isn't supported. */ interface BucketServerSideEncryptionRuleArgs { /** * A bucket-level setting for Amazon S3 general purpose buckets used to prevent the upload of new objects encrypted with the specified server-side encryption type. For example, blocking an encryption type will block ``PutObject``, ``CopyObject``, ``PostObject``, multipart upload, and replication requests to the bucket for objects with the specified encryption type. However, you can continue to read and list any pre-existing objects already encrypted with the specified encryption type. For more information, see [Blocking or unblocking SSE-C for a general purpose bucket](https://docs.aws.amazon.com/AmazonS3/latest/userguide/blocking-unblocking-s3-c-encryption-gpb.html). * Currently, this parameter only supports blocking or unblocking server-side encryption with customer-provided keys (SSE-C). For more information about SSE-C, see [Using server-side encryption with customer-provided keys (SSE-C)](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ServerSideEncryptionCustomerKeys.html). */ blockedEncryptionTypes?: pulumi.Input; /** * Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Setting the ``BucketKeyEnabled`` element to ``true`` causes Amazon S3 to use an S3 Bucket Key. By default, S3 Bucket Key is not enabled. * For more information, see [Amazon S3 Bucket Keys](https://docs.aws.amazon.com/AmazonS3/latest/dev/bucket-key.html) in the *Amazon S3 User Guide*. */ bucketKeyEnabled?: pulumi.Input; /** * Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. */ serverSideEncryptionByDefault?: pulumi.Input; } /** * A container that describes additional filters for identifying the source objects that you want to replicate. You can choose to enable or disable the replication of these objects. */ interface BucketSourceSelectionCriteriaArgs { /** * A filter that you can specify for selection for modifications on replicas. */ replicaModifications?: pulumi.Input; /** * A container for filter information for the selection of Amazon S3 objects encrypted with AWS KMS. */ sseKmsEncryptedObjects?: pulumi.Input; } /** * A container for filter information for the selection of S3 objects encrypted with AWS KMS. */ interface BucketSseKmsEncryptedObjectsArgs { /** * Specifies whether Amazon S3 replicates objects created with server-side encryption using an AWS KMS key stored in AWS Key Management Service. */ status: pulumi.Input; } /** * Specifies data related to access patterns to be collected and made available to analyze the tradeoffs between different storage classes for an Amazon S3 bucket. */ interface BucketStorageClassAnalysisArgs { /** * Specifies how data related to the storage class analysis for an Amazon S3 bucket should be exported. */ dataExport?: pulumi.Input; } /** * Specifies tags to use to identify a subset of objects for an Amazon S3 bucket. For more information, see [Categorizing your storage using tags](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-tagging.html) in the *Amazon Simple Storage Service User Guide*. */ interface BucketTagFilterArgs { /** * The tag key. */ key: pulumi.Input; /** * The tag value. */ value: pulumi.Input; } /** * Describes the key format for server access log file in the target bucket. You can choose between SimplePrefix and PartitionedPrefix. */ interface BucketTargetObjectKeyFormatArgs { } /** * The S3 Intelligent-Tiering storage class is designed to optimize storage costs by automatically moving data to the most cost-effective storage access tier, without additional operational overhead. */ interface BucketTieringArgs { /** * S3 Intelligent-Tiering access tier. See [Storage class for automatically optimizing frequently and infrequently accessed objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/storage-class-intro.html#sc-dynamic-data-access) for a list of access tiers in the S3 Intelligent-Tiering storage class. */ accessTier: pulumi.Input; /** * The number of consecutive days of no access after which an object will be eligible to be transitioned to the corresponding tier. The minimum number of days specified for Archive Access tier must be at least 90 days and Deep Archive Access tier must be at least 180 days. The maximum can be up to 2 years (730 days). */ days: pulumi.Input; } /** * A container for specifying the configuration for publication of messages to an Amazon Simple Notification Service (Amazon SNS) topic when Amazon S3 detects specified events. */ interface BucketTopicConfigurationArgs { /** * The Amazon S3 bucket event about which to send notifications. For more information, see [Supported Event Types](https://docs.aws.amazon.com/AmazonS3/latest/dev/NotificationHowTo.html) in the *Amazon S3 User Guide*. */ event: pulumi.Input; /** * The filtering rules that determine for which objects to send notifications. For example, you can create a filter so that Amazon S3 sends notifications only when image files with a ``.jpg`` extension are added to the bucket. */ filter?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Amazon SNS topic to which Amazon S3 publishes a message when it detects events of the specified type. */ topic: pulumi.Input; } /** * Specifies when an object transitions to a specified storage class. For more information about Amazon S3 lifecycle configuration rules, see [Transitioning Objects Using Amazon S3 Lifecycle](https://docs.aws.amazon.com/AmazonS3/latest/dev/lifecycle-transition-general-considerations.html) in the *Amazon S3 User Guide*. */ interface BucketTransitionArgs { /** * The storage class to which you want the object to transition. */ storageClass: pulumi.Input; /** * Indicates when objects are transitioned to the specified storage class. The date value must be in ISO 8601 format. The time is always midnight UTC. */ transitionDate?: pulumi.Input; /** * Indicates the number of days after creation when objects are transitioned to the specified storage class. If the specified storage class is ``INTELLIGENT_TIERING``, ``GLACIER_IR``, ``GLACIER``, or ``DEEP_ARCHIVE``, valid values are ``0`` or positive integers. If the specified storage class is ``STANDARD_IA`` or ``ONEZONE_IA``, valid values are positive integers greater than ``30``. Be aware that some storage classes have a minimum storage duration and that you're charged for transitioning objects before their minimum storage duration. For more information, see [Constraints and considerations for transitions](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-transition-general-considerations.html#lifecycle-configuration-constraints) in the *Amazon S3 User Guide*. */ transitionInDays?: pulumi.Input; } /** * Describes the versioning state of an Amazon S3 bucket. For more information, see [PUT Bucket versioning](https://docs.aws.amazon.com/AmazonS3/latest/API/RESTBucketPUTVersioningStatus.html) in the *Amazon S3 API Reference*. * Keep the following timing in mind when enabling, suspending, or transitioning between versioning states: * + *Enabling versioning* - Changes may take up to 15 minutes to propagate across all AWS regions for full consistency. * + *Suspending versioning* - Takes effect immediately with no propagation delay. * + *Transitioning between states* - Any change from Suspended to Enabled has a 15-minute delay. */ interface BucketVersioningConfigurationArgs { /** * The versioning state of the bucket. */ status: pulumi.Input; } /** * Specifies website configuration parameters for an Amazon S3 bucket. */ interface BucketWebsiteConfigurationArgs { /** * The name of the error document for the website. */ errorDocument?: pulumi.Input; /** * The name of the index document for the website. */ indexDocument?: pulumi.Input; /** * The redirect behavior for every request to this bucket's website endpoint. * If you specify this property, you can't specify any other property. */ redirectAllRequestsTo?: pulumi.Input; /** * Rules that define when a redirect is applied and the redirect behavior. */ routingRules?: pulumi.Input[]>; } interface MultiRegionAccessPointPublicAccessBlockConfigurationArgs { /** * Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior: * - PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public. * - PUT Object calls fail if the request includes a public ACL. * . - PUT Bucket calls fail if the request includes a public ACL. * Enabling this setting doesn't affect existing policies or ACLs. */ blockPublicAcls?: pulumi.Input; /** * Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. */ blockPublicPolicy?: pulumi.Input; /** * Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. */ ignorePublicAcls?: pulumi.Input; /** * Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy. * Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. */ restrictPublicBuckets?: pulumi.Input; } interface MultiRegionAccessPointRegionArgs { /** * The name of the associated bucket for the Region. */ bucket: pulumi.Input; /** * The AWS account ID that owns the Amazon S3 bucket that's associated with this Multi-Region Access Point. */ bucketAccountId?: pulumi.Input; } /** * Account-level metrics configurations. */ interface StorageLensAccountLevelArgs { /** * This property contains the details of account-level activity metrics for S3 Storage Lens. */ activityMetrics?: pulumi.Input; /** * This property contains the details of account-level advanced cost optimization metrics for S3 Storage Lens. */ advancedCostOptimizationMetrics?: pulumi.Input; /** * This property contains the details of account-level advanced data protection metrics for S3 Storage Lens. */ advancedDataProtectionMetrics?: pulumi.Input; /** * This property contains the account-level details for S3 Storage Lens advanced performance metrics. */ advancedPerformanceMetrics?: pulumi.Input; /** * This property contains the details of the account-level bucket-level configurations for Amazon S3 Storage Lens. To enable bucket-level configurations, make sure to also set the same metrics at the account level. */ bucketLevel: pulumi.Input; /** * This property contains the details of account-level detailed status code metrics for S3 Storage Lens. */ detailedStatusCodesMetrics?: pulumi.Input; /** * This property determines the scope of Storage Lens group data that is displayed in the Storage Lens dashboard. */ storageLensGroupLevel?: pulumi.Input; } /** * Enables activity metrics. */ interface StorageLensActivityMetricsArgs { /** * Specifies whether activity metrics are enabled or disabled. */ isEnabled?: pulumi.Input; } /** * Enables advanced cost optimization metrics. */ interface StorageLensAdvancedCostOptimizationMetricsArgs { /** * Specifies whether advanced cost optimization metrics are enabled or disabled. */ isEnabled?: pulumi.Input; } /** * Enables advanced data protection metrics. */ interface StorageLensAdvancedDataProtectionMetricsArgs { /** * Specifies whether advanced data protection metrics are enabled or disabled. */ isEnabled?: pulumi.Input; } /** * Advanced Performance Metrics. */ interface StorageLensAdvancedPerformanceMetricsArgs { /** * Specifies whether the Advanced Performance Metrics is enabled or disabled. */ isEnabled?: pulumi.Input; } /** * The AWS Organizations ARN to use in the Amazon S3 Storage Lens configuration. */ interface StorageLensAwsOrgArgs { /** * This resource contains the ARN of the AWS Organization. */ arn: pulumi.Input; } /** * Bucket-level metrics configurations. */ interface StorageLensBucketLevelArgs { /** * A property for bucket-level activity metrics for S3 Storage Lens. */ activityMetrics?: pulumi.Input; /** * A property for bucket-level advanced cost optimization metrics for S3 Storage Lens. */ advancedCostOptimizationMetrics?: pulumi.Input; /** * A property for bucket-level advanced data protection metrics for S3 Storage Lens. */ advancedDataProtectionMetrics?: pulumi.Input; /** * A property for bucket-level advanced performance metrics for S3 Storage Lens. */ advancedPerformanceMetrics?: pulumi.Input; /** * A property for bucket-level detailed status code metrics for S3 Storage Lens. */ detailedStatusCodesMetrics?: pulumi.Input; /** * A property for bucket-level prefix-level storage metrics for S3 Storage Lens. */ prefixLevel?: pulumi.Input; } /** * S3 buckets and Regions to include/exclude in the Amazon S3 Storage Lens configuration. */ interface StorageLensBucketsAndRegionsArgs { /** * This property contains the details of the buckets for the Amazon S3 Storage Lens configuration. This should be the bucket Amazon Resource Name(ARN). For valid values, see [Buckets ARN format here](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_Include.html#API_control_Include_Contents) in the *Amazon S3 API Reference* . */ buckets?: pulumi.Input[]>; /** * This property contains the details of the Regions for the S3 Storage Lens configuration. */ regions?: pulumi.Input[]>; } /** * CloudWatch metrics settings for the Amazon S3 Storage Lens metrics export. */ interface StorageLensCloudWatchMetricsArgs { /** * Specifies whether CloudWatch metrics are enabled or disabled. */ isEnabled: pulumi.Input; } /** * Specifies the details of Amazon S3 Storage Lens configuration. */ interface StorageLensConfigurationArgs { /** * This property contains the details of the account-level metrics for Amazon S3 Storage Lens configuration. */ accountLevel: pulumi.Input; /** * This property contains the details of the AWS Organization for the S3 Storage Lens configuration. */ awsOrg?: pulumi.Input; /** * This property contains the details of this S3 Storage Lens configuration's metrics export. */ dataExport?: pulumi.Input; /** * This property contains the details of the bucket and or Regions excluded for Amazon S3 Storage Lens configuration. */ exclude?: pulumi.Input; /** * This property configures your S3 Storage Lens expanded prefixes metrics report. */ expandedPrefixesDataExport?: pulumi.Input; /** * This property contains the details of the ID of the S3 Storage Lens configuration. */ id: pulumi.Input; /** * This property contains the details of the bucket and or Regions included for Amazon S3 Storage Lens configuration. */ include?: pulumi.Input; /** * Specifies whether the Amazon S3 Storage Lens configuration is enabled or disabled. */ isEnabled: pulumi.Input; /** * The delimiter to divide S3 key into hierarchy of prefixes. */ prefixDelimiter?: pulumi.Input; /** * The ARN for the Amazon S3 Storage Lens configuration. */ storageLensArn?: pulumi.Input; } /** * Specifies how Amazon S3 Storage Lens metrics should be exported. */ interface StorageLensDataExportArgs { /** * This property enables the Amazon CloudWatch publishing option for S3 Storage Lens metrics. */ cloudWatchMetrics?: pulumi.Input; /** * This property contains the details of the bucket where the S3 Storage Lens metrics export will be placed. */ s3BucketDestination?: pulumi.Input; /** * This property contains the details of the S3 table bucket where the S3 Storage Lens default metrics report will be placed. This property enables you to store your Storage Lens metrics in read-only S3 Tables. */ storageLensTableDestination?: pulumi.Input; } /** * Enables detailed status codes metrics. */ interface StorageLensDetailedStatusCodesMetricsArgs { /** * Specifies whether detailed status codes metrics are enabled or disabled. */ isEnabled?: pulumi.Input; } /** * Configures the server-side encryption for Amazon S3 Storage Lens report files with either S3-managed keys (SSE-S3) or KMS-managed keys (SSE-KMS). */ interface StorageLensEncryptionArgs { } /** * Expanded Prefixes Data Export. */ interface StorageLensExpandedPrefixesDataExportArgs { /** * This property specifies the general purpose bucket where the S3 Storage Lens Expanded Prefixes metrics export files are located. At least one export destination must be specified. */ s3BucketDestination?: pulumi.Input; /** * This property configures S3 Storage Lens Expanded Prefixes metrics report to read-only S3 table buckets. */ storageLensTableDestination?: pulumi.Input; } /** * The Storage Lens group will include objects that match all of the specified filter values. */ interface StorageLensGroupAndArgs { /** * This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed. */ matchAnyPrefix?: pulumi.Input[]>; /** * This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed. */ matchAnySuffix?: pulumi.Input[]>; /** * This property contains the list of object tags. At least one object tag must be specified. Up to 10 object tags are allowed. */ matchAnyTag?: pulumi.Input[]>; /** * This property contains `DaysGreaterThan` and `DaysLessThan` properties to define the object age range (minimum and maximum number of days). */ matchObjectAge?: pulumi.Input; /** * This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes). */ matchObjectSize?: pulumi.Input; } /** * Sets the Storage Lens Group filter. */ interface StorageLensGroupFilterArgs { /** * This property contains the `And` logical operator, which allows multiple filter conditions to be joined for more complex comparisons of Storage Lens group data. Objects must match all of the listed filter conditions that are joined by the `And` logical operator. Only one of each filter condition is allowed. */ and?: pulumi.Input; /** * This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed. */ matchAnyPrefix?: pulumi.Input[]>; /** * This property contains a list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed. */ matchAnySuffix?: pulumi.Input[]>; /** * This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed. */ matchAnyTag?: pulumi.Input[]>; /** * This property contains `DaysGreaterThan` and `DaysLessThan` to define the object age range (minimum and maximum number of days). */ matchObjectAge?: pulumi.Input; /** * This property contains `BytesGreaterThan` and `BytesLessThan` to define the object size range (minimum and maximum number of Bytes). */ matchObjectSize?: pulumi.Input; /** * This property contains the `Or` logical operator, which allows multiple filter conditions to be joined. Objects can match any of the listed filter conditions, which are joined by the `Or` logical operator. Only one of each filter condition is allowed. */ or?: pulumi.Input; } /** * Specifies the details of Amazon S3 Storage Lens Group configuration. */ interface StorageLensGroupLevelArgs { /** * This property indicates which Storage Lens group ARNs to include or exclude in the Storage Lens group aggregation. If this value is left null, then all Storage Lens groups are selected. */ storageLensGroupSelectionCriteria?: pulumi.Input; } /** * Filter to match all of the specified values for the minimum and maximum object age. */ interface StorageLensGroupMatchObjectAgeArgs { /** * Minimum object age to which the rule applies. */ daysGreaterThan?: pulumi.Input; /** * Maximum object age to which the rule applies. */ daysLessThan?: pulumi.Input; } /** * Filter to match all of the specified values for the minimum and maximum object size. */ interface StorageLensGroupMatchObjectSizeArgs { /** * Minimum object size to which the rule applies. */ bytesGreaterThan?: pulumi.Input; /** * Maximum object size to which the rule applies. */ bytesLessThan?: pulumi.Input; } /** * The Storage Lens group will include objects that match any of the specified filter values. */ interface StorageLensGroupOrArgs { /** * This property contains a list of prefixes. At least one prefix must be specified. Up to 10 prefixes are allowed. */ matchAnyPrefix?: pulumi.Input[]>; /** * This property contains the list of suffixes. At least one suffix must be specified. Up to 10 suffixes are allowed. */ matchAnySuffix?: pulumi.Input[]>; /** * This property contains the list of S3 object tags. At least one object tag must be specified. Up to 10 object tags are allowed. */ matchAnyTag?: pulumi.Input[]>; /** * This property filters objects that match the specified object age range. */ matchObjectAge?: pulumi.Input; /** * This property contains the `BytesGreaterThan` and `BytesLessThan` values to define the object size range (minimum and maximum number of Bytes). */ matchObjectSize?: pulumi.Input; } /** * Selection criteria for Storage Lens Group level metrics */ interface StorageLensGroupSelectionCriteriaArgs { /** * This property indicates which Storage Lens group ARNs to exclude from the Storage Lens group aggregation. */ exclude?: pulumi.Input[]>; /** * This property indicates which Storage Lens group ARNs to include in the Storage Lens group aggregation. */ include?: pulumi.Input[]>; } interface StorageLensGroupTagArgs { key: pulumi.Input; value: pulumi.Input; } /** * Prefix-level metrics configurations. */ interface StorageLensPrefixLevelArgs { /** * A property for the prefix-level storage metrics for Amazon S3 Storage Lens. */ storageMetrics: pulumi.Input; } interface StorageLensPrefixLevelStorageMetricsArgs { /** * Specifies whether prefix-level storage metrics are enabled or disabled. */ isEnabled?: pulumi.Input; /** * This property identifies whether the details of the prefix-level storage metrics for S3 Storage Lens are enabled. */ selectionCriteria?: pulumi.Input; } /** * S3 bucket destination settings for the Amazon S3 Storage Lens metrics export. */ interface StorageLensS3BucketDestinationArgs { /** * The AWS account ID that owns the destination S3 bucket. */ accountId: pulumi.Input; /** * The ARN of the bucket to which Amazon S3 Storage Lens exports will be placed. */ arn: pulumi.Input; /** * This property contains the details of the encryption of the bucket destination of the Amazon S3 Storage Lens metrics export. */ encryption?: pulumi.Input; /** * Specifies the file format to use when exporting Amazon S3 Storage Lens metrics export. */ format: pulumi.Input; /** * The version of the output schema to use when exporting Amazon S3 Storage Lens metrics. */ outputSchemaVersion: pulumi.Input; /** * The prefix to use for Amazon S3 Storage Lens export. */ prefix?: pulumi.Input; } /** * Selection criteria for prefix-level metrics. */ interface StorageLensSelectionCriteriaArgs { /** * Delimiter to divide S3 key into hierarchy of prefixes. */ delimiter?: pulumi.Input; /** * Max depth of prefixes of S3 key that Amazon S3 Storage Lens will analyze. */ maxDepth?: pulumi.Input; /** * The minimum storage bytes threshold for the prefixes to be included in the analysis. */ minStorageBytesPercentage?: pulumi.Input; } /** * S3 Tables destination settings for the Amazon S3 Storage Lens metrics export. */ interface StorageLensTableDestinationArgs { /** * This resource configures your data encryption settings for Storage Lens metrics in read-only S3 table buckets. */ encryption?: pulumi.Input; /** * Specifies whether the export to S3 Tables is enabled or disabled. */ isEnabled: pulumi.Input; } } export declare namespace s3express { interface AccessPointPublicAccessBlockConfigurationArgs { /** * Specifies whether Amazon S3 should block public access control lists (ACLs) for buckets in this account. Setting this element to TRUE causes the following behavior: * - PUT Bucket acl and PUT Object acl calls fail if the specified ACL is public. * - PUT Object calls fail if the request includes a public ACL. * . - PUT Bucket calls fail if the request includes a public ACL. * Enabling this setting doesn't affect existing policies or ACLs. */ blockPublicAcls?: pulumi.Input; /** * Specifies whether Amazon S3 should block public bucket policies for buckets in this account. Setting this element to TRUE causes Amazon S3 to reject calls to PUT Bucket policy if the specified bucket policy allows public access. Enabling this setting doesn't affect existing bucket policies. */ blockPublicPolicy?: pulumi.Input; /** * Specifies whether Amazon S3 should ignore public ACLs for buckets in this account. Setting this element to TRUE causes Amazon S3 to ignore all public ACLs on buckets in this account and any objects that they contain. Enabling this setting doesn't affect the persistence of any existing ACLs and doesn't prevent new public ACLs from being set. */ ignorePublicAcls?: pulumi.Input; /** * Specifies whether Amazon S3 should restrict public bucket policies for this bucket. Setting this element to TRUE restricts access to this bucket to only AWS services and authorized users within this account if the bucket has a public policy. * Enabling this setting doesn't affect previously stored bucket policies, except that public and cross-account access within any public bucket policy, including non-public delegation to specific accounts, is blocked. */ restrictPublicBuckets?: pulumi.Input; } interface AccessPointScopeArgs { /** * You can include one or more API operations as permissions */ permissions?: pulumi.Input[]>; /** * You can specify any amount of prefixes, but the total length of characters of all prefixes must be less than 256 bytes in size. */ prefixes?: pulumi.Input[]>; } /** * The Virtual Private Cloud (VPC) configuration for a bucket access point. */ interface AccessPointVpcConfigurationArgs { /** * If this field is specified, this access point will only allow connections from the specified VPC ID. */ vpcId?: pulumi.Input; } /** * Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload. */ interface DirectoryBucketAbortIncompleteMultipartUploadArgs { /** * Specifies the number of days after which Amazon S3 aborts an incomplete multipart upload. */ daysAfterInitiation: pulumi.Input; } /** * Specifies default encryption for a bucket using server-side encryption with Amazon S3 managed keys (SSE-S3) or AWS KMS keys (SSE-KMS). */ interface DirectoryBucketBucketEncryptionArgs { /** * Specifies the default server-side-encryption configuration. */ serverSideEncryptionConfiguration: pulumi.Input[]>; } interface DirectoryBucketLifecycleConfigurationArgs { /** * A lifecycle rule for individual objects in an Amazon S3 Express bucket. */ rules: pulumi.Input[]>; } /** * Specifies a metrics configuration for the CloudWatch request metrics from an Amazon S3 Express bucket. */ interface DirectoryBucketMetricsConfigurationArgs { /** * The access point ARN used when evaluating a metrics filter. */ accessPointArn?: pulumi.Input; /** * The ID used to identify the metrics configuration. */ id?: pulumi.Input; /** * The prefix used when evaluating a metrics filter. */ prefix?: pulumi.Input; } /** * You must specify at least one of the following properties: AbortIncompleteMultipartUpload, or ExpirationInDays. */ interface DirectoryBucketRuleArgs { /** * Specifies the days since the initiation of an incomplete multipart upload that Amazon S3 will wait before permanently removing all parts of the upload. */ abortIncompleteMultipartUpload?: pulumi.Input; /** * Indicates the number of days after creation when objects are deleted from Amazon S3 and Amazon S3 Glacier. If you specify an expiration and transition time, you must use the same time unit for both properties (either in days or by date). The expiration time must also be later than the transition time. */ expirationInDays?: pulumi.Input; /** * Unique identifier for the rule. The value can't be longer than 255 characters. */ id?: pulumi.Input; /** * Specifies the minimum object size in bytes for this rule to apply to. Objects must be larger than this value in bytes. For more information about size based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* . */ objectSizeGreaterThan?: pulumi.Input; /** * Specifies the maximum object size in bytes for this rule to apply to. Objects must be smaller than this value in bytes. For more information about sized based rules, see [Lifecycle configuration using size-based rules](https://docs.aws.amazon.com/AmazonS3/latest/userguide/lifecycle-configuration-examples.html#lc-size-rules) in the *Amazon S3 User Guide* . */ objectSizeLessThan?: pulumi.Input; /** * Object key prefix that identifies one or more objects to which this rule applies. * * > Replacement must be made for object keys containing special characters (such as carriage returns) when using XML requests. For more information, see [XML related object key constraints](https://docs.aws.amazon.com/AmazonS3/latest/userguide/object-keys.html#object-key-xml-related-constraints) . */ prefix?: pulumi.Input; /** * If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied. */ status: pulumi.Input; } /** * Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. */ interface DirectoryBucketServerSideEncryptionByDefaultArgs { /** * AWS Key Management Service (KMS) customer managed key ID to use for the default encryption. This parameter is allowed only if SSEAlgorithm is set to aws:kms. You can specify this parameter with the key ID or the Amazon Resource Name (ARN) of the KMS key */ kmsMasterKeyId?: pulumi.Input; /** * Server-side encryption algorithm to use for the default encryption. * * > For directory buckets, there are only two supported values for server-side encryption: `AES256` and `aws:kms` . */ sseAlgorithm: pulumi.Input; } /** * Specifies the default server-side encryption configuration. */ interface DirectoryBucketServerSideEncryptionRuleArgs { /** * Specifies whether Amazon S3 should use an S3 Bucket Key with server-side encryption using KMS (SSE-KMS) for new objects in the bucket. Existing objects are not affected. Amazon S3 Express One Zone uses an S3 Bucket Key with SSE-KMS and S3 Bucket Key cannot be disabled. It's only allowed to set the BucketKeyEnabled element to true. */ bucketKeyEnabled?: pulumi.Input; /** * Specifies the default server-side encryption to apply to new objects in the bucket. If a PUT Object request doesn't specify any server-side encryption, this default encryption will be applied. */ serverSideEncryptionByDefault?: pulumi.Input; } } export declare namespace s3files { interface AccessPointCreationPermissionsArgs { /** * Specifies the POSIX group ID to apply to the RootDirectory. Accepts values from 0 to 2^32 (4294967295). */ ownerGid: pulumi.Input; /** * Specifies the POSIX user ID to apply to the RootDirectory. Accepts values from 0 to 2^32 (4294967295). */ ownerUid: pulumi.Input; /** * Specifies the POSIX permissions to apply to the RootDirectory, in the format of an octal number representing the file's mode bits. */ permissions: pulumi.Input; } interface AccessPointPosixUserArgs { /** * The POSIX group ID used for all file system operations using this access point. */ gid: pulumi.Input; /** * Secondary POSIX group IDs used for all file system operations using this access point. */ secondaryGids?: pulumi.Input[]>; /** * The POSIX user ID used for all file system operations using this access point. */ uid: pulumi.Input; } interface AccessPointRootDirectoryArgs { /** * (Optional) Specifies the POSIX IDs and permissions to apply to the access point's RootDirectory. If the RootDirectory>Path specified does not exist, EFS creates the root directory using the CreationPermissions settings when a client connects to an access point. When specifying the CreationPermissions, you must provide values for all properties. If you do not provide CreationPermissions and the specified RootDirectory>Path does not exist, attempts to mount the file system using the access point will fail. */ creationPermissions?: pulumi.Input; /** * Specifies the path on the EFS file system to expose as the root directory to NFS clients using the access point to access the EFS file system. A path can have up to four subdirectories. If the specified path does not exist, you are required to provide the CreationPermissions. */ path?: pulumi.Input; } interface FileSystemExpirationDataRuleArgs { daysAfterLastAccess: pulumi.Input; } interface FileSystemImportDataRuleArgs { prefix: pulumi.Input; sizeLessThan: pulumi.Input; trigger: pulumi.Input; } interface FileSystemSynchronizationConfigurationArgs { expirationDataRules: pulumi.Input[]>; importDataRules: pulumi.Input[]>; latestVersionNumber?: pulumi.Input; } } export declare namespace s3objectlambda { interface AccessPointAwsLambdaArgs { functionArn: pulumi.Input; functionPayload?: pulumi.Input; } /** * Configuration to be applied to this Object lambda Access Point. It specifies Supporting Access Point, Transformation Configurations. Customers can also set if they like to enable Cloudwatch metrics for accesses to this Object lambda Access Point. Default setting for Cloudwatch metrics is disable. */ interface AccessPointObjectLambdaConfigurationArgs { /** * A container for allowed features. Valid inputs are `GetObject-Range` , `GetObject-PartNumber` , `HeadObject-Range` , and `HeadObject-PartNumber` . */ allowedFeatures?: pulumi.Input[]>; /** * A container for whether the CloudWatch metrics configuration is enabled. */ cloudWatchMetricsEnabled?: pulumi.Input; /** * Standard access point associated with the Object Lambda Access Point. */ supportingAccessPoint: pulumi.Input; /** * A container for transformation configurations for an Object Lambda Access Point. */ transformationConfigurations: pulumi.Input[]>; } /** * Configuration to define what content transformation will be applied on which S3 Action. */ interface AccessPointTransformationConfigurationArgs { /** * A container for the action of an Object Lambda Access Point configuration. Valid inputs are `GetObject` , `HeadObject` , `ListObject` , and `ListObjectV2` . */ actions: pulumi.Input[]>; /** * A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* . */ contentTransformation: pulumi.Input; } /** * A container for the content transformation of an Object Lambda Access Point configuration. Can include the FunctionArn and FunctionPayload. For more information, see [AwsLambdaTransformation](https://docs.aws.amazon.com/AmazonS3/latest/API/API_control_AwsLambdaTransformation.html) in the *Amazon S3 API Reference* . */ interface AccessPointTransformationConfigurationContentTransformationPropertiesArgs { awsLambda: pulumi.Input; } } export declare namespace s3outposts { interface AccessPointVpcConfigurationArgs { /** * Virtual Private Cloud (VPC) Id from which AccessPoint will allow requests. */ vpcId?: pulumi.Input; } /** * Specifies the days since the initiation of an incomplete multipart upload that Amazon S3Outposts will wait before permanently removing all parts of the upload. */ interface BucketAbortIncompleteMultipartUploadArgs { /** * Specifies the number of days after which Amazon S3Outposts aborts an incomplete multipart upload. */ daysAfterInitiation: pulumi.Input; } interface BucketFilterAndOperatorPropertiesArgs { /** * Prefix identifies one or more objects to which the rule applies. */ prefix?: pulumi.Input; /** * All of these tags must exist in the object's tag set in order for the rule to apply. */ tags: pulumi.Input[]>; } /** * Tag used to identify a subset of objects for an Amazon S3Outposts bucket. */ interface BucketFilterTagArgs { key: pulumi.Input; value: pulumi.Input; } interface BucketLifecycleConfigurationArgs { /** * A list of lifecycle rules for individual objects in an Amazon S3Outposts bucket. */ rules: pulumi.Input[]>; } /** * Specifies lifecycle rules for an Amazon S3Outposts bucket. You must specify at least one of the following: AbortIncompleteMultipartUpload, ExpirationDate, ExpirationInDays. */ interface BucketRuleArgs { /** * Specifies a lifecycle rule that stops incomplete multipart uploads to an Amazon S3Outposts bucket. */ abortIncompleteMultipartUpload?: pulumi.Input; /** * Indicates when objects are deleted from Amazon S3Outposts. The date value must be in ISO 8601 format. The time is always midnight UTC. */ expirationDate?: pulumi.Input; /** * Indicates the number of days after creation when objects are deleted from Amazon S3Outposts. */ expirationInDays?: pulumi.Input; /** * The container for the filter of the lifecycle rule. */ filter?: pulumi.Input; /** * Unique identifier for the lifecycle rule. The value can't be longer than 255 characters. */ id?: pulumi.Input; /** * If `Enabled` , the rule is currently being applied. If `Disabled` , the rule is not currently being applied. */ status?: pulumi.Input; } /** * The container for the filter of the lifecycle rule. */ interface BucketRuleFilterPropertiesArgs { /** * The container for the AND condition for the lifecycle rule. A combination of Prefix and 1 or more Tags OR a minimum of 2 or more tags. */ andOperator?: pulumi.Input; /** * Object key prefix that identifies one or more objects to which this rule applies. */ prefix?: pulumi.Input; /** * Specifies a tag used to identify a subset of objects for an Amazon S3Outposts bucket. */ tag?: pulumi.Input; } interface EndpointFailedReasonArgs { /** * The failure code, if any, for a create or delete endpoint operation. */ errorCode?: pulumi.Input; /** * Additional error details describing the endpoint failure and recommended action. */ message?: pulumi.Input; } } export declare namespace s3tables { /** * Specifies encryption settings for the table bucket */ interface TableBucketEncryptionConfigurationArgs { /** * ARN of the KMS key to use for encryption */ kmsKeyArn?: pulumi.Input; /** * Server-side encryption algorithm */ sseAlgorithm?: pulumi.Input; } /** * Settings governing the Metric configuration for the table bucket. */ interface TableBucketMetricsConfigurationArgs { /** * Indicates whether Metrics are enabled. */ status?: pulumi.Input; } /** * A policy document containing permissions to add to the specified table bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. */ interface TableBucketPolicyResourcePolicyArgs { } /** * Specifies replication configuration for the table bucket */ interface TableBucketReplicationConfigurationArgs { /** * The ARN of the IAM role to use for replication */ role: pulumi.Input; /** * List of replication rules */ rules: pulumi.Input[]>; } /** * A replication destination */ interface TableBucketReplicationDestinationArgs { /** * The ARN of the destination table bucket */ destinationTableBucketArn: pulumi.Input; } /** * A replication rule for the table bucket */ interface TableBucketReplicationRuleArgs { /** * List of replication destinations */ destinations: pulumi.Input[]>; } /** * Specifies storage class settings for the table bucket */ interface TableBucketStorageClassConfigurationArgs { /** * The storage class for the table bucket */ storageClass?: pulumi.Input; } /** * Settings governing the Unreferenced File Removal maintenance action. Unreferenced file removal identifies and deletes all objects that are not referenced by any table snapshots. */ interface TableBucketUnreferencedFileRemovalArgs { /** * S3 permanently deletes noncurrent objects after the number of days specified by the NoncurrentDays property. */ noncurrentDays?: pulumi.Input; /** * Indicates whether the Unreferenced File Removal maintenance action is enabled. */ status?: pulumi.Input; /** * For any object not referenced by your table and older than the UnreferencedDays property, S3 creates a delete marker and marks the object version as noncurrent. */ unreferencedDays?: pulumi.Input; } /** * Settings governing the Compaction maintenance action. Contains details about the compaction settings for an Iceberg table. */ interface TableCompactionArgs { /** * Indicates whether the Compaction maintenance action is enabled. */ status?: pulumi.Input; /** * The target file size for the table in MB. */ targetFileSizeMb?: pulumi.Input; } /** * Contains details about the metadata for an Iceberg table. Specify either IcebergSchema (for simple flat schemas with primitive types only) or IcebergSchemaV2 (for schemas with nested types like struct, list, map), but not both. */ interface TableIcebergMetadataArgs { icebergPartitionSpec?: pulumi.Input; /** * Schema definition for flat tables with primitive types only. Mutually exclusive with IcebergSchemaV2. */ icebergSchema?: pulumi.Input; /** * Schema definition that supports Apache Iceberg nested types (struct, list, map) and primitive types. Mutually exclusive with IcebergSchema. */ icebergSchemaV2?: pulumi.Input; icebergSortOrder?: pulumi.Input; tableProperties?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * A partition field specification for an Iceberg table */ interface TableIcebergPartitionFieldArgs { /** * The partition field ID (auto-assigned starting from 1000 if not specified) */ fieldId?: pulumi.Input; /** * The name of the partition field */ name: pulumi.Input; /** * The source column ID to partition on */ sourceId: pulumi.Input; /** * The partition transform function (identity, bucket[N], truncate[N], year, month, day, hour) */ transform: pulumi.Input; } /** * Partition specification for an Iceberg table */ interface TableIcebergPartitionSpecArgs { /** * List of partition fields */ fields: pulumi.Input[]>; /** * The partition spec ID (defaults to 0 if not specified) */ specId?: pulumi.Input; } /** * Contains details about the schema for an Iceberg table */ interface TableIcebergSchemaArgs { /** * The schema fields for the table */ schemaFieldList: pulumi.Input[]>; } /** * Contains details about the schema version 2 (V2) for an Iceberg table that supports Apache Iceberg Nested Types (struct, list, map). Primitive types are also supported. */ interface TableIcebergSchemaV2Args { /** * A list of field IDs that are used as the identifier fields for the table. Identifier fields uniquely identify a row in the table. */ identifierFieldIds?: pulumi.Input[]>; /** * An optional unique identifier for the schema */ schemaId?: pulumi.Input; /** * The schema fields for the table */ schemaV2FieldList: pulumi.Input[]>; /** * The type of the top-level schema, which is always 'struct' */ schemaV2FieldType: pulumi.Input; } /** * A sort field specification for an Iceberg table */ interface TableIcebergSortFieldArgs { /** * Sort direction (asc or desc) */ direction: pulumi.Input; /** * Null value ordering (nulls-first or nulls-last) */ nullOrder: pulumi.Input; /** * The source column ID to sort on */ sourceId: pulumi.Input; /** * The sort transform function */ transform: pulumi.Input; } /** * Sort order specification for an Iceberg table */ interface TableIcebergSortOrderArgs { /** * List of sort fields */ fields: pulumi.Input[]>; /** * The sort order ID (defaults to 1 if not specified, 0 is reserved for unsorted) */ orderId?: pulumi.Input; } /** * A policy document containing permissions to add to the specified table. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. */ interface TablePolicyResourcePolicyArgs { } /** * Contains details about the schema for an Iceberg table */ interface TableSchemaFieldArgs { /** * The unique identifier for the field */ id?: pulumi.Input; /** * The name of the field */ name: pulumi.Input; /** * A Boolean value that specifies whether values are required for each row in this field */ required?: pulumi.Input; /** * The field type */ type: pulumi.Input; } /** * Contains details about a schema field for an Iceberg table that supports nested types (struct, list, map) */ interface TableSchemaV2FieldArgs { /** * Optional documentation for the field */ doc?: pulumi.Input; /** * The unique identifier for the field */ id: pulumi.Input; /** * The name of the field */ name: pulumi.Input; /** * A Boolean value that specifies whether values are required for each row in this field */ required: pulumi.Input; /** * The field type. For primitive types, use a string (e.g., 'int', 'string', 'long'). For nested types, use an object (e.g., {'type': 'struct', 'fields': [...]} for struct, {'type': 'list', 'element-id': N, 'element': 'type'} for list, {'type': 'map', 'key-id': N, 'key': 'type', 'value-id': N, 'value': 'type'} for map). */ type: pulumi.Input; } /** * Contains details about the snapshot management settings for an Iceberg table. A snapshot is expired when it exceeds MinSnapshotsToKeep and MaxSnapshotAgeHours. */ interface TableSnapshotManagementArgs { /** * The maximum age of a snapshot before it can be expired. */ maxSnapshotAgeHours?: pulumi.Input; /** * The minimum number of snapshots to keep. */ minSnapshotsToKeep?: pulumi.Input; /** * Indicates whether the SnapshotManagement maintenance action is enabled. */ status?: pulumi.Input; } /** * Specifies storage class settings for the table */ interface TableStorageClassConfigurationArgs { /** * The storage class for the table */ storageClass?: pulumi.Input; } } export declare namespace s3vectors { /** * The encryption configuration for the index. */ interface IndexEncryptionConfigurationArgs { /** * AWS Key Management Service (KMS) customer managed key ID to use for the encryption configuration. This parameter is allowed if and only if sseType is set to aws:kms */ kmsKeyArn?: pulumi.Input; /** * Defines the server-side encryption type for index encryption configuration. Defaults to the parent vector bucket's encryption settings when unspecified. */ sseType?: pulumi.Input; } /** * The metadata configuration for the vector index. */ interface IndexMetadataConfigurationArgs { /** * Non-filterable metadata keys allow you to enrich vectors with additional context during storage and retrieval. Unlike default metadata keys, these keys cannot be used as query filters. Non-filterable metadata keys can be retrieved but cannot be searched, queried, or filtered. You can access non-filterable metadata keys of your vectors after finding the vectors. */ nonFilterableMetadataKeys?: pulumi.Input[]>; } /** * The encryption configuration for the vector bucket. */ interface VectorBucketEncryptionConfigurationArgs { /** * AWS Key Management Service (KMS) customer managed key ID to use for the encryption configuration. This parameter is allowed if and only if sseType is set to aws:kms */ kmsKeyArn?: pulumi.Input; /** * The server-side encryption type to use for the encryption configuration of the vector bucket. By default, if you don't specify, all new vectors in Amazon S3 vector buckets use server-side encryption with Amazon S3 managed keys (SSE-S3), specifically AES256. */ sseType?: pulumi.Input; } /** * A policy document containing permissions to add to the specified vector bucket. In IAM, you must provide policy documents in JSON format. However, in CloudFormation you can provide the policy in JSON or YAML format because CloudFormation converts YAML to JSON before submitting it to IAM. */ interface VectorBucketPolicyPolicyArgs { } } export declare namespace sagemaker { /** * The configuration for the kernels in a SageMaker image running as a CodeEditor app. */ interface AppImageConfigCodeEditorAppImageConfigArgs { /** * The container configuration for a SageMaker image. */ containerConfig?: pulumi.Input; } /** * The container configuration for a SageMaker image. */ interface AppImageConfigContainerConfigArgs { /** * A list of arguments to apply to the container. */ containerArguments?: pulumi.Input[]>; /** * The custom entry point to use on container. */ containerEntrypoint?: pulumi.Input[]>; /** * A list of variables to apply to the custom container. */ containerEnvironmentVariables?: pulumi.Input[]>; } interface AppImageConfigCustomImageContainerEnvironmentVariableArgs { /** * The key that identifies a container environment variable. */ key: pulumi.Input; /** * The value of the container environment variable. */ value: pulumi.Input; } /** * The Amazon Elastic File System (EFS) storage configuration for a SageMaker image. */ interface AppImageConfigFileSystemConfigArgs { /** * The default POSIX group ID (GID). If not specified, defaults to 100. */ defaultGid?: pulumi.Input; /** * The default POSIX user ID (UID). If not specified, defaults to 1000. */ defaultUid?: pulumi.Input; /** * The path within the image to mount the user's EFS home directory. The directory should be empty. If not specified, defaults to /home/sagemaker-user. */ mountPath?: pulumi.Input; } /** * The configuration for the kernels in a SageMaker image running as a JupyterLab app. */ interface AppImageConfigJupyterLabAppImageConfigArgs { /** * The container configuration for a SageMaker image. */ containerConfig?: pulumi.Input; } /** * The configuration for the file system and kernels in a SageMaker image running as a KernelGateway app. */ interface AppImageConfigKernelGatewayImageConfigArgs { /** * The Amazon Elastic File System (EFS) storage configuration for a SageMaker image. */ fileSystemConfig?: pulumi.Input; /** * The specification of the Jupyter kernels in the image. */ kernelSpecs: pulumi.Input[]>; } interface AppImageConfigKernelSpecArgs { /** * The display name of the kernel. */ displayName?: pulumi.Input; /** * The name of the kernel. */ name: pulumi.Input; } interface AppResourceSpecArgs { /** * The instance type that the image version runs on. */ instanceType?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Lifecycle Configuration to attach to the Resource. */ lifecycleConfigArn?: pulumi.Input; /** * The ARN of the SageMaker image that the image version belongs to. */ sageMakerImageArn?: pulumi.Input; /** * The ARN of the image version created on the instance. */ sageMakerImageVersionArn?: pulumi.Input; } /** * The details of the alarm to monitor during the AMI update. */ interface ClusterAlarmDetailsArgs { /** * The name of the alarm. */ alarmName: pulumi.Input; } /** * Configuration for cluster auto-scaling */ interface ClusterAutoScalingConfigArgs { /** * The type of auto-scaler to use */ autoScalerType?: pulumi.Input; /** * The auto-scaling mode for the cluster */ mode: pulumi.Input; } /** * Specifies the capacity requirements configuration for an instance group */ interface ClusterCapacityRequirementsArgs { onDemand?: pulumi.Input; spot?: pulumi.Input; } /** * The configuration of the size measurements of the AMI update. Using this configuration, you can specify whether SageMaker should update your instance group by an amount or percentage of instances. */ interface ClusterCapacitySizeConfigArgs { /** * Specifies whether SageMaker should process the update by amount or percentage of instances. */ type: pulumi.Input; /** * Specifies the amount or percentage of instances SageMaker updates at a time. */ value: pulumi.Input; } /** * The configuration to use when updating the AMI versions. */ interface ClusterDeploymentConfigArgs { autoRollbackConfiguration?: pulumi.Input[]>; rollingUpdatePolicy?: pulumi.Input; /** * The duration in seconds that SageMaker waits before updating more instances in the cluster. */ waitIntervalInSeconds?: pulumi.Input; } /** * The configuration for the restricted instance groups (RIG) environment. */ interface ClusterEnvironmentConfigArgs { fSxLustreConfig?: pulumi.Input; } /** * Configuration settings for an Amazon FSx for Lustre file system to be used with the cluster. */ interface ClusterFSxLustreConfigArgs { /** * The throughput capacity of the FSx for Lustre file system, measured in MB/s per TiB of storage. */ perUnitStorageThroughput: pulumi.Input; /** * The storage capacity of the FSx for Lustre file system, specified in gibibytes (GiB). */ sizeInGiB: pulumi.Input; } /** * Details of an instance group in a SageMaker HyperPod cluster. */ interface ClusterInstanceGroupArgs { capacityRequirements?: pulumi.Input; /** * The number of instances that are currently in the instance group of a SageMaker HyperPod cluster. */ currentCount?: pulumi.Input; executionRole: pulumi.Input; imageId?: pulumi.Input; /** * The number of instances you specified to add to the instance group of a SageMaker HyperPod cluster. */ instanceCount: pulumi.Input; instanceGroupName: pulumi.Input; instanceStorageConfigs?: pulumi.Input[]>; instanceType: pulumi.Input; kubernetesConfig?: pulumi.Input; lifeCycleConfig?: pulumi.Input; /** * The minimum number of instances required for the instance group to be InService. MinInstanceCount must be less than or equal to InstanceCount. */ minInstanceCount?: pulumi.Input; onStartDeepHealthChecks?: pulumi.Input[]>; overrideVpcConfig?: pulumi.Input; scheduledUpdateConfig?: pulumi.Input; slurmConfig?: pulumi.Input; /** * The number you specified to TreadsPerCore in CreateCluster for enabling or disabling multithreading. For instance types that support multithreading, you can specify 1 for disabling multithreading and 2 for enabling multithreading. */ threadsPerCore?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the training plan to use for this cluster instance group. For more information about how to reserve GPU capacity for your SageMaker HyperPod clusters using Amazon SageMaker Training Plan, see CreateTrainingPlan. */ trainingPlanArn?: pulumi.Input; } /** * Defines the configuration for attaching additional storage to the instances in the SageMaker HyperPod cluster instance group. */ interface ClusterInstanceStorageConfigArgs { } /** * Kubernetes configuration for cluster nodes including labels and taints. */ interface ClusterKubernetesConfigArgs { labels?: pulumi.Input<{ [key: string]: pulumi.Input; }>; taints?: pulumi.Input[]>; } /** * A Kubernetes taint to apply to cluster nodes. */ interface ClusterKubernetesTaintArgs { /** * The effect of the taint. */ effect: pulumi.Input; /** * The key of the taint. */ key: pulumi.Input; /** * The value of the taint. */ value?: pulumi.Input; } /** * The lifecycle configuration for a SageMaker HyperPod cluster. When omitted, the instance group uses Bootstrap mode. When provided with SourceS3Uri and OnCreate, uses Customer Managed mode. When provided with SourceS3Uri and OnInitComplete, uses Extended mode. */ interface ClusterLifeCycleConfigArgs { /** * The file name of the entrypoint script of lifecycle scripts under SourceS3Uri. This entrypoint script runs during cluster creation. Mutually exclusive with OnInitComplete. */ onCreate?: pulumi.Input; /** * The file name of the extension script under SourceS3Uri. This script runs after HyperPod configures the default software on the instance. Mutually exclusive with OnCreate. */ onInitComplete?: pulumi.Input; /** * An Amazon S3 bucket path where your lifecycle scripts are stored. */ sourceS3Uri?: pulumi.Input; } /** * Options for OnDemand capacity */ interface ClusterOnDemandOptionsArgs { } /** * Specifies parameter(s) specific to the orchestrator, e.g. specify the EKS cluster or Slurm configuration. */ interface ClusterOrchestratorArgs { } /** * Details of a restricted instance group in a SageMaker HyperPod cluster. */ interface ClusterRestrictedInstanceGroupArgs { /** * The number of instances that are currently in the restricted instance group of a SageMaker HyperPod cluster. */ currentCount?: pulumi.Input; environmentConfig: pulumi.Input; executionRole: pulumi.Input; /** * The number of instances you specified to add to the restricted instance group of a SageMaker HyperPod cluster. */ instanceCount: pulumi.Input; instanceGroupName: pulumi.Input; instanceStorageConfigs?: pulumi.Input[]>; instanceType: pulumi.Input; onStartDeepHealthChecks?: pulumi.Input[]>; overrideVpcConfig?: pulumi.Input; /** * The number you specified to TreadsPerCore in CreateCluster for enabling or disabling multithreading. For instance types that support multithreading, you can specify 1 for disabling multithreading and 2 for enabling multithreading. */ threadsPerCore?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the training plan to use for this cluster restricted instance group. For more information about how to reserve GPU capacity for your SageMaker HyperPod clusters using Amazon SageMaker Training Plan, see CreateTrainingPlan. */ trainingPlanArn?: pulumi.Input; } /** * The policy that SageMaker uses when updating the AMI versions of the cluster. */ interface ClusterRollingUpdatePolicyArgs { maximumBatchSize: pulumi.Input; rollbackMaximumBatchSize?: pulumi.Input; } /** * The configuration object of the schedule that SageMaker follows when updating the AMI. */ interface ClusterScheduledUpdateConfigArgs { deploymentConfig?: pulumi.Input; /** * A cron expression that specifies the schedule that SageMaker follows when updating the AMI. */ scheduleExpression: pulumi.Input; } /** * Slurm configuration for the instance group. */ interface ClusterSlurmConfigArgs { /** * The type of Slurm node for this instance group. */ nodeType: pulumi.Input; /** * The Slurm partitions that this instance group belongs to. Maximum of 1 partition. */ partitionNames?: pulumi.Input[]>; } /** * Options for Spot capacity */ interface ClusterSpotOptionsArgs { } /** * Configuration for tiered storage in the SageMaker HyperPod cluster. */ interface ClusterTieredStorageConfigArgs { /** * The percentage of instance memory to allocate for tiered storage. */ instanceMemoryAllocationPercentage?: pulumi.Input; /** * The mode of tiered storage. */ mode: pulumi.Input; } /** * Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC. */ interface ClusterVpcConfigArgs { /** * The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field. */ securityGroupIds: pulumi.Input[]>; /** * The ID of the subnets in the VPC to which you want to connect your training job or model. */ subnets: pulumi.Input[]>; } /** * The batch transform input for a monitoring job. */ interface DataQualityJobDefinitionBatchTransformInputArgs { /** * A URI that identifies the Amazon S3 storage location where Batch Transform Job captures data. */ dataCapturedDestinationS3Uri: pulumi.Input; /** * The dataset format for your batch transform job. */ datasetFormat: pulumi.Input; /** * Indexes or names of the features to be excluded from analysis */ excludeFeaturesAttribute?: pulumi.Input; /** * Path to the filesystem where the endpoint data is available to the container. */ localPath: pulumi.Input; /** * Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated */ s3DataDistributionType?: pulumi.Input; /** * Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. */ s3InputMode?: pulumi.Input; } /** * Configuration for the cluster used to run model monitoring jobs. */ interface DataQualityJobDefinitionClusterConfigArgs { /** * The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1. */ instanceCount: pulumi.Input; /** * The ML compute instance type for the processing job. */ instanceType: pulumi.Input; /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job. */ volumeKmsKeyId?: pulumi.Input; /** * The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario. */ volumeSizeInGb: pulumi.Input; } /** * The baseline constraints resource for a monitoring job. */ interface DataQualityJobDefinitionConstraintsResourceArgs { /** * The Amazon S3 URI for baseline constraint file in Amazon S3 that the current monitoring job should validated against. */ s3Uri?: pulumi.Input; } /** * The CSV format */ interface DataQualityJobDefinitionCsvArgs { /** * A boolean flag indicating if given CSV has header */ header?: pulumi.Input; } /** * Container image configuration object for the monitoring job. */ interface DataQualityJobDefinitionDataQualityAppSpecificationArgs { /** * An array of arguments for the container used to run the monitoring job. */ containerArguments?: pulumi.Input[]>; /** * Specifies the entrypoint for a container used to run the monitoring job. */ containerEntrypoint?: pulumi.Input[]>; /** * Sets the environment variables in the Docker container */ environment?: any; /** * The container image to be run by the monitoring job. */ imageUri: pulumi.Input; /** * An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers. */ postAnalyticsProcessorSourceUri?: pulumi.Input; /** * An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flatted json so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers */ recordPreprocessorSourceUri?: pulumi.Input; } /** * Baseline configuration used to validate that the data conforms to the specified constraints and statistics. */ interface DataQualityJobDefinitionDataQualityBaselineConfigArgs { /** * The name of the job that performs baselining for the data quality monitoring job. */ baseliningJobName?: pulumi.Input; /** * The constraints resource for a monitoring job. */ constraintsResource?: pulumi.Input; /** * Configuration for monitoring constraints and monitoring statistics. These baseline resources are compared against the results of the current job from the series of jobs scheduled to collect data periodically. */ statisticsResource?: pulumi.Input; } /** * The inputs for a monitoring job. */ interface DataQualityJobDefinitionDataQualityJobInputArgs { /** * Input object for the batch transform job. */ batchTransformInput?: pulumi.Input; /** * Input object for the endpoint */ endpointInput?: pulumi.Input; } /** * The dataset format of the data to monitor */ interface DataQualityJobDefinitionDatasetFormatArgs { csv?: pulumi.Input; json?: pulumi.Input; parquet?: pulumi.Input; } /** * The endpoint for a monitoring job. */ interface DataQualityJobDefinitionEndpointInputArgs { /** * An endpoint in customer's account which has enabled `DataCaptureConfig` enabled. */ endpointName: pulumi.Input; /** * Indexes or names of the features to be excluded from analysis */ excludeFeaturesAttribute?: pulumi.Input; /** * Path to the filesystem where the endpoint data is available to the container. */ localPath: pulumi.Input; /** * Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated */ s3DataDistributionType?: pulumi.Input; /** * Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. */ s3InputMode?: pulumi.Input; } /** * The Json format */ interface DataQualityJobDefinitionJsonArgs { /** * A boolean flag indicating if it is JSON line format */ line?: pulumi.Input; } /** * The output object for a monitoring job. */ interface DataQualityJobDefinitionMonitoringOutputArgs { /** * The Amazon S3 storage location where the results of a monitoring job are saved. */ s3Output: pulumi.Input; } /** * The output configuration for monitoring jobs. */ interface DataQualityJobDefinitionMonitoringOutputConfigArgs { /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. */ kmsKeyId?: pulumi.Input; /** * Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded. */ monitoringOutputs: pulumi.Input[]>; } /** * Identifies the resources to deploy for a monitoring job. */ interface DataQualityJobDefinitionMonitoringResourcesArgs { /** * The configuration for the cluster resources used to run the processing job. */ clusterConfig: pulumi.Input; } /** * Networking options for a job, such as network traffic encryption between containers, whether to allow inbound and outbound network calls to and from containers, and the VPC subnets and security groups to use for VPC-enabled jobs. */ interface DataQualityJobDefinitionNetworkConfigArgs { /** * Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer. */ enableInterContainerTrafficEncryption?: pulumi.Input; /** * Whether to allow inbound and outbound network calls to and from the containers used for the processing job. */ enableNetworkIsolation?: pulumi.Input; /** * Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. */ vpcConfig?: pulumi.Input; } /** * Information about where and how to store the results of a monitoring job. */ interface DataQualityJobDefinitionS3OutputArgs { /** * The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data. */ localPath: pulumi.Input; /** * Whether to upload the results of the monitoring job continuously or after the job completes. */ s3UploadMode?: pulumi.Input; /** * A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. */ s3Uri: pulumi.Input; } /** * The baseline statistics resource for a monitoring job. */ interface DataQualityJobDefinitionStatisticsResourceArgs { /** * The Amazon S3 URI for the baseline statistics file in Amazon S3 that the current monitoring job should be validated against. */ s3Uri?: pulumi.Input; } /** * Specifies a time limit for how long the monitoring job is allowed to run. */ interface DataQualityJobDefinitionStoppingConditionArgs { /** * The maximum runtime allowed in seconds. */ maxRuntimeInSeconds: pulumi.Input; } /** * Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. */ interface DataQualityJobDefinitionVpcConfigArgs { /** * The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field. */ securityGroupIds: pulumi.Input[]>; /** * The ID of the subnets in the VPC to which you want to connect to your monitoring jobs. */ subnets: pulumi.Input[]>; } /** * Edge device you want to create */ interface DeviceArgs { /** * Description of the device */ description?: pulumi.Input; /** * The name of the device */ deviceName: pulumi.Input; /** * AWS Internet of Things (IoT) object name. */ iotThingName?: pulumi.Input; } interface DeviceFleetEdgeOutputConfigArgs { /** * The KMS key id used for encryption on the S3 bucket */ kmsKeyId?: pulumi.Input; /** * The Amazon Simple Storage (S3) bucket URI */ s3OutputLocation: pulumi.Input; } interface DomainAppLifecycleManagementArgs { /** * Settings related to idle shutdown of Studio applications. */ idleSettings?: pulumi.Input; } /** * The CodeEditor app settings. */ interface DomainCodeEditorAppSettingsArgs { /** * Settings that are used to configure and manage the lifecycle of CodeEditor applications. */ appLifecycleManagement?: pulumi.Input; /** * The lifecycle configuration that runs before the default lifecycle configuration. */ builtInLifecycleConfigArn?: pulumi.Input; /** * A list of custom images for use for CodeEditor apps. */ customImages?: pulumi.Input[]>; /** * The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the CodeEditor app. */ defaultResourceSpec?: pulumi.Input; /** * A list of LifecycleConfigArns available for use with CodeEditor apps. */ lifecycleConfigArns?: pulumi.Input[]>; } interface DomainCodeRepositoryArgs { /** * A CodeRepository (valid URL) to be used within Jupyter's Git extension. */ repositoryUrl: pulumi.Input; } interface DomainCustomFileSystemConfigArgs { /** * The settings for a custom Amazon EFS file system. */ efsFileSystemConfig?: pulumi.Input; /** * The settings for a custom Amazon FSx for Lustre file system. */ fSxLustreFileSystemConfig?: pulumi.Input; /** * Configuration settings for a custom Amazon S3 file system. */ s3FileSystemConfig?: pulumi.Input; } /** * A custom SageMaker image. */ interface DomainCustomImageArgs { /** * The Name of the AppImageConfig. */ appImageConfigName: pulumi.Input; /** * The name of the CustomImage. Must be unique to your account. */ imageName: pulumi.Input; /** * The version number of the CustomImage. */ imageVersionNumber?: pulumi.Input; } interface DomainCustomPosixUserConfigArgs { /** * The POSIX group ID. */ gid: pulumi.Input; /** * The POSIX user ID. */ uid: pulumi.Input; } /** * Properties related to the Amazon Elastic Block Store volume. Must be provided if storage type is Amazon EBS and must not be provided if storage type is not Amazon EBS */ interface DomainDefaultEbsStorageSettingsArgs { /** * Default size of the Amazon EBS volume in Gb */ defaultEbsVolumeSizeInGb: pulumi.Input; /** * Maximum size of the Amazon EBS volume in Gb. Must be greater than or equal to the DefaultEbsVolumeSizeInGb. */ maximumEbsVolumeSizeInGb: pulumi.Input; } /** * A collection of settings that apply to spaces of Amazon SageMaker Studio. These settings are specified when the Create/Update Domain API is called. */ interface DomainDefaultSpaceSettingsArgs { /** * The settings for assigning a custom file system to a domain. Permitted users can access this file system in Amazon SageMaker AI Studio. */ customFileSystemConfigs?: pulumi.Input[]>; /** * The Jupyter lab's custom posix user configurations. */ customPosixUserConfig?: pulumi.Input; /** * The execution role for the space. */ executionRole: pulumi.Input; /** * The Jupyter lab's app settings. */ jupyterLabAppSettings?: pulumi.Input; /** * The Jupyter server's app settings. */ jupyterServerAppSettings?: pulumi.Input; /** * The kernel gateway app settings. */ kernelGatewayAppSettings?: pulumi.Input; /** * The security groups for the Amazon Virtual Private Cloud (VPC) that Studio uses for communication. */ securityGroups?: pulumi.Input[]>; /** * The Jupyter lab's space storage settings. */ spaceStorageSettings?: pulumi.Input; } /** * Default storage settings for a space. */ interface DomainDefaultSpaceStorageSettingsArgs { /** * The default EBS storage settings for a space. */ defaultEbsStorageSettings?: pulumi.Input; } /** * A collection of settings that are required to start docker-proxy server. */ interface DomainDockerSettingsArgs { /** * The flag to enable/disable docker-proxy server */ enableDockerAccess?: pulumi.Input; /** * A list of account id's that would be used to pull images from in VpcOnly mode */ vpcOnlyTrustedAccounts?: pulumi.Input[]>; } interface DomainEfsFileSystemConfigArgs { /** * The ID of your Amazon EFS file system. */ fileSystemId: pulumi.Input; /** * The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below. */ fileSystemPath?: pulumi.Input; } interface DomainFSxLustreFileSystemConfigArgs { /** * The globally unique, 17-digit, ID of the file system, assigned by Amazon FSx for Lustre. */ fileSystemId: pulumi.Input; /** * The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below. */ fileSystemPath?: pulumi.Input; } interface DomainHiddenSageMakerImageArgs { /** * The SageMaker image name that you are hiding from the Studio user interface. */ sageMakerImageName?: pulumi.Input; /** * The version aliases you are hiding from the Studio user interface. */ versionAliases?: pulumi.Input[]>; } interface DomainIdleSettingsArgs { /** * The time that SageMaker waits after the application becomes idle before shutting it down. */ idleTimeoutInMinutes?: pulumi.Input; /** * Indicates whether idle shutdown is activated for the application type. */ lifecycleManagement?: pulumi.Input; /** * The maximum value in minutes that custom idle shutdown can be set to by the user. */ maxIdleTimeoutInMinutes?: pulumi.Input; /** * The minimum value in minutes that custom idle shutdown can be set to by the user. */ minIdleTimeoutInMinutes?: pulumi.Input; } /** * The JupyterLab app settings. */ interface DomainJupyterLabAppSettingsArgs { /** * Indicates whether idle shutdown is activated for JupyterLab applications. */ appLifecycleManagement?: pulumi.Input; /** * The lifecycle configuration that runs before the default lifecycle configuration. */ builtInLifecycleConfigArn?: pulumi.Input; /** * A list of CodeRepositories available for use with JupyterLab apps. */ codeRepositories?: pulumi.Input[]>; /** * A list of custom images for use for JupyterLab apps. */ customImages?: pulumi.Input[]>; /** * The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app. */ defaultResourceSpec?: pulumi.Input; /** * A list of LifecycleConfigArns available for use with JupyterLab apps. */ lifecycleConfigArns?: pulumi.Input[]>; } /** * The JupyterServer app settings. */ interface DomainJupyterServerAppSettingsArgs { /** * The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app. */ defaultResourceSpec?: pulumi.Input; /** * A list of LifecycleConfigArns available for use with JupyterServer apps. */ lifecycleConfigArns?: pulumi.Input[]>; } /** * The kernel gateway app settings. */ interface DomainKernelGatewayAppSettingsArgs { /** * A list of custom SageMaker images that are configured to run as a KernelGateway app. */ customImages?: pulumi.Input[]>; /** * The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app. */ defaultResourceSpec?: pulumi.Input; /** * A list of LifecycleConfigArns available for use with KernelGateway apps. */ lifecycleConfigArns?: pulumi.Input[]>; } /** * A collection of settings that apply to an RSessionGateway app. */ interface DomainRSessionAppSettingsArgs { /** * A list of custom SageMaker images that are configured to run as a KernelGateway app. */ customImages?: pulumi.Input[]>; /** * Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on. */ defaultResourceSpec?: pulumi.Input; } /** * A collection of settings that configure user interaction with the RStudioServerPro app. */ interface DomainRStudioServerProAppSettingsArgs { /** * Indicates whether the current user has access to the RStudioServerPro app. */ accessStatus?: pulumi.Input; /** * The level of permissions that the user has within the RStudioServerPro app. This value defaults to User. The Admin value allows the user access to the RStudio Administrative Dashboard. */ userGroup?: pulumi.Input; } /** * A collection of settings that update the current configuration for the RStudioServerPro Domain-level app. */ interface DomainRStudioServerProDomainSettingsArgs { /** * A collection that defines the default `InstanceType` , `SageMakerImageArn` , and `SageMakerImageVersionArn` for the Domain. */ defaultResourceSpec?: pulumi.Input; /** * The ARN of the execution role for the RStudioServerPro Domain-level app. */ domainExecutionRoleArn: pulumi.Input; /** * A URL pointing to an RStudio Connect server. */ rStudioConnectUrl?: pulumi.Input; /** * A URL pointing to an RStudio Package Manager server. */ rStudioPackageManagerUrl?: pulumi.Input; } interface DomainResourceSpecArgs { /** * The instance type that the image version runs on. * * > *JupyterServer apps* only support the `system` value. * > * > For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types. */ instanceType?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Lifecycle Configuration to attach to the Resource. */ lifecycleConfigArn?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the SageMaker image that the image version belongs to. */ sageMakerImageArn?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the image version created on the instance. */ sageMakerImageVersionArn?: pulumi.Input; } interface DomainS3FileSystemConfigArgs { /** * The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment. */ mountPath?: pulumi.Input; /** * The Amazon S3 URI of the S3 file system configuration. */ s3Uri?: pulumi.Input; } /** * A collection of Domain settings. */ interface DomainSettingsArgs { /** * A collection of settings that configure the domain's Docker interaction. */ dockerSettings?: pulumi.Input; /** * The configuration for attaching a SageMaker user profile name to the execution role as a sts:SourceIdentity key. */ executionRoleIdentityConfig?: pulumi.Input; /** * The IP address type for the domain. Specify `ipv4` for IPv4-only connectivity or `dualstack` for both IPv4 and IPv6 connectivity. When you specify `dualstack` , the subnet must support IPv6 CIDR blocks. If not specified, defaults to `ipv4` . */ ipAddressType?: pulumi.Input; /** * A collection of settings that configure the `RStudioServerPro` Domain-level app. */ rStudioServerProDomainSettings?: pulumi.Input; /** * The security groups for the Amazon Virtual Private Cloud that the Domain uses for communication between Domain-level apps and user apps. */ securityGroupIds?: pulumi.Input[]>; /** * The settings that apply to an SageMaker AI domain when you use it in Amazon SageMaker Unified Studio. */ unifiedStudioSettings?: pulumi.Input; } /** * Specifies options when sharing an Amazon SageMaker Studio notebook. These settings are specified as part of DefaultUserSettings when the CreateDomain API is called, and as part of UserSettings when the CreateUserProfile API is called. */ interface DomainSharingSettingsArgs { /** * Whether to include the notebook cell output when sharing the notebook. The default is Disabled. */ notebookOutputOption?: pulumi.Input; /** * When NotebookOutputOption is Allowed, the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket. */ s3KmsKeyId?: pulumi.Input; /** * When NotebookOutputOption is Allowed, the Amazon S3 bucket used to store the shared notebook snapshots. */ s3OutputPath?: pulumi.Input; } /** * Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level. */ interface DomainStudioWebPortalSettingsArgs { /** * Applications supported in Studio that are hidden from the Studio left navigation pane. */ hiddenAppTypes?: pulumi.Input[]>; /** * The instance types you are hiding from the Studio user interface. */ hiddenInstanceTypes?: pulumi.Input[]>; /** * The machine learning tools that are hidden from the Studio left navigation pane. */ hiddenMlTools?: pulumi.Input[]>; /** * The version aliases you are hiding from the Studio user interface. */ hiddenSageMakerImageVersionAliases?: pulumi.Input[]>; } /** * A collection of settings that apply to an Amazon SageMaker AI domain when you use it in Amazon SageMaker Unified Studio. */ interface DomainUnifiedStudioSettingsArgs { /** * The ID of the AWS account that has the Amazon SageMaker Unified Studio domain. The default value, if you don't specify an ID, is the ID of the account that has the Amazon SageMaker AI domain. */ domainAccountId?: pulumi.Input; /** * The ID of the Amazon SageMaker Unified Studio domain associated with this domain. */ domainId?: pulumi.Input; /** * The AWS Region where the domain is located in Amazon SageMaker Unified Studio. The default value, if you don't specify a Region, is the Region where the Amazon SageMaker AI domain is located. */ domainRegion?: pulumi.Input; /** * The ID of the environment that Amazon SageMaker Unified Studio associates with the domain. */ environmentId?: pulumi.Input; /** * The ID of the Amazon SageMaker Unified Studio project that corresponds to the domain. */ projectId?: pulumi.Input; /** * The location where Amazon S3 stores temporary execution data and other artifacts for the project that corresponds to the domain. */ projectS3Path?: pulumi.Input; /** * Sets whether you can access the domain in Amazon SageMaker Studio: * * ENABLED * You can access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it in both studio interfaces. * DISABLED * You can't access the domain in Amazon SageMaker Studio. If you migrate the domain to Amazon SageMaker Unified Studio, you can access it only in that studio interface. */ studioWebPortalAccess?: pulumi.Input; } /** * A collection of settings that apply to users of Amazon SageMaker Studio. These settings are specified when the CreateUserProfile API is called, and as DefaultUserSettings when the CreateDomain API is called. */ interface DomainUserSettingsArgs { /** * Indicates whether auto-mounting of an EFS volume is supported for the user profile. */ autoMountHomeEfs?: pulumi.Input; /** * The Code Editor application settings. * * SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces. */ codeEditorAppSettings?: pulumi.Input; /** * The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio. * * SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces. */ customFileSystemConfigs?: pulumi.Input[]>; /** * Details about the POSIX identity that is used for file system operations. * * SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces. */ customPosixUserConfig?: pulumi.Input; /** * Defines which Amazon SageMaker application users are directed to by default. */ defaultLandingUri?: pulumi.Input; /** * The execution role for the user. */ executionRole: pulumi.Input; /** * The settings for the JupyterLab application. * * SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces. */ jupyterLabAppSettings?: pulumi.Input; /** * The Jupyter server's app settings. */ jupyterServerAppSettings?: pulumi.Input; /** * The kernel gateway app settings. */ kernelGatewayAppSettings?: pulumi.Input; /** * A collection of settings that configure the `RSessionGateway` app. */ rSessionAppSettings?: pulumi.Input; /** * A collection of settings that configure user interaction with the `RStudioServerPro` app. */ rStudioServerProAppSettings?: pulumi.Input; /** * The security groups for the Amazon Virtual Private Cloud (VPC) that Studio uses for communication. */ securityGroups?: pulumi.Input[]>; /** * The sharing settings. */ sharingSettings?: pulumi.Input; /** * The storage settings for a space. * * SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces. */ spaceStorageSettings?: pulumi.Input; /** * Indicates whether the Studio experience is available to users. If not, users cannot access Studio. */ studioWebPortal?: pulumi.Input; /** * Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level. */ studioWebPortalSettings?: pulumi.Input; } interface EndpointAlarmArgs { /** * The name of the CloudWatch alarm. */ alarmName: pulumi.Input; } interface EndpointAutoRollbackConfigArgs { /** * List of CloudWatch alarms to monitor during the deployment. If any alarm goes off, the deployment is rolled back. */ alarms: pulumi.Input[]>; } interface EndpointBlueGreenUpdatePolicyArgs { /** * The maximum time allowed for the blue/green update, in seconds. */ maximumExecutionTimeoutInSeconds?: pulumi.Input; /** * The wait time before terminating the old endpoint during a blue/green deployment. */ terminationWaitInSeconds?: pulumi.Input; /** * The traffic routing configuration for the blue/green deployment. */ trafficRoutingConfiguration: pulumi.Input; } interface EndpointCapacitySizeArgs { /** * Specifies whether the `Value` is an instance count or a capacity unit. */ type: pulumi.Input; /** * The value representing either the number of instances or the number of capacity units. */ value: pulumi.Input; } interface EndpointDeploymentConfigArgs { /** * Configuration for automatic rollback if an error occurs during deployment. */ autoRollbackConfiguration?: pulumi.Input; /** * Configuration for blue-green update deployment policies. */ blueGreenUpdatePolicy?: pulumi.Input; /** * Configuration for rolling update deployment policies. */ rollingUpdatePolicy?: pulumi.Input; } interface EndpointRollingUpdatePolicyArgs { /** * Specifies the maximum batch size for each rolling update. */ maximumBatchSize: pulumi.Input; /** * The maximum time allowed for the rolling update, in seconds. */ maximumExecutionTimeoutInSeconds?: pulumi.Input; /** * The maximum batch size for rollback during an update failure. */ rollbackMaximumBatchSize?: pulumi.Input; /** * The time to wait between steps during the rolling update, in seconds. */ waitIntervalInSeconds: pulumi.Input; } interface EndpointTrafficRoutingConfigArgs { /** * Specifies the size of the canary traffic in a canary deployment. */ canarySize?: pulumi.Input; /** * Specifies the step size for linear traffic routing. */ linearStepSize?: pulumi.Input; /** * Specifies the type of traffic routing (e.g., 'AllAtOnce', 'Canary', 'Linear'). */ type: pulumi.Input; /** * Specifies the wait interval between traffic shifts, in seconds. */ waitIntervalInSeconds?: pulumi.Input; } interface EndpointVariantPropertyArgs { /** * The type of variant property (e.g., 'DesiredInstanceCount', 'DesiredWeight', 'DataCaptureConfig'). */ variantPropertyType?: pulumi.Input; } interface FeatureGroupDataCatalogConfigArgs { /** * The name of the Glue table catalog. */ catalog: pulumi.Input; /** * The name of the Glue table database. */ database: pulumi.Input; /** * The name of the Glue table. */ tableName: pulumi.Input; } interface FeatureGroupFeatureDefinitionArgs { /** * The name of a feature. The type must be a string. `FeatureName` cannot be any of the following: `is_deleted` , `write_time` , `api_invocation_time` . * * The name: * * - Must start with an alphanumeric character. * - Can only include alphanumeric characters, underscores, and hyphens. Spaces are not allowed. */ featureName: pulumi.Input; /** * The value type of a feature. Valid values are Integral, Fractional, or String. */ featureType: pulumi.Input; } interface FeatureGroupOnlineStoreSecurityConfigArgs { /** * The AWS Key Management Service (KMS) key ARN that SageMaker Feature Store uses to encrypt the Amazon S3 objects at rest using Amazon S3 server-side encryption. * * The caller (either user or IAM role) of `CreateFeatureGroup` must have below permissions to the `OnlineStore` `KmsKeyId` : * * - `"kms:Encrypt"` * - `"kms:Decrypt"` * - `"kms:DescribeKey"` * - `"kms:CreateGrant"` * - `"kms:RetireGrant"` * - `"kms:ReEncryptFrom"` * - `"kms:ReEncryptTo"` * - `"kms:GenerateDataKey"` * - `"kms:ListAliases"` * - `"kms:ListGrants"` * - `"kms:RevokeGrant"` * * The caller (either user or IAM role) to all DataPlane operations ( `PutRecord` , `GetRecord` , `DeleteRecord` ) must have the following permissions to the `KmsKeyId` : * * - `"kms:Decrypt"` */ kmsKeyId?: pulumi.Input; } interface FeatureGroupS3StorageConfigArgs { /** * The AWS Key Management Service (KMS) key ARN of the key used to encrypt any objects written into the `OfflineStore` S3 location. * * The IAM `roleARN` that is passed as a parameter to `CreateFeatureGroup` must have below permissions to the `KmsKeyId` : * * - `"kms:GenerateDataKey"` */ kmsKeyId?: pulumi.Input; /** * The S3 URI, or location in Amazon S3, of `OfflineStore` . * * S3 URIs have a format similar to the following: `s3://example-bucket/prefix/` . */ s3Uri: pulumi.Input; } interface FeatureGroupThroughputConfigArgs { /** * For provisioned feature groups with online store enabled, this indicates the read throughput you are billed for and can consume without throttling. */ provisionedReadCapacityUnits?: pulumi.Input; /** * For provisioned feature groups, this indicates the write throughput you are billed for and can consume without throttling. */ provisionedWriteCapacityUnits?: pulumi.Input; /** * The mode used for your feature group throughput: `ON_DEMAND` or `PROVISIONED` . */ throughputMode: pulumi.Input; } /** * TTL configuration of the feature group */ interface FeatureGroupTtlDurationArgs { /** * `TtlDuration` time unit. */ unit?: pulumi.Input; /** * `TtlDuration` time value. */ value?: pulumi.Input; } interface InferenceComponentAlarmArgs { /** * The name of a CloudWatch alarm in your account. */ alarmName: pulumi.Input; } interface InferenceComponentAutoRollbackConfigurationArgs { alarms: pulumi.Input[]>; } /** * Capacity size configuration for the inference component */ interface InferenceComponentCapacitySizeArgs { /** * Specifies the endpoint capacity type. * * - **COPY_COUNT** - The endpoint activates based on the number of inference component copies. * - **CAPACITY_PERCENT** - The endpoint activates based on the specified percentage of capacity. */ type: pulumi.Input; /** * Defines the capacity size, either as a number of inference component copies or a capacity percentage. */ value: pulumi.Input; } interface InferenceComponentComputeResourceRequirementsArgs { /** * The maximum MB of memory to allocate to run a model that you assign to an inference component. */ maxMemoryRequiredInMb?: pulumi.Input; /** * The minimum MB of memory to allocate to run a model that you assign to an inference component. */ minMemoryRequiredInMb?: pulumi.Input; /** * The number of accelerators to allocate to run a model that you assign to an inference component. Accelerators include GPUs and AWS Inferentia. */ numberOfAcceleratorDevicesRequired?: pulumi.Input; /** * The number of CPU cores to allocate to run a model that you assign to an inference component. */ numberOfCpuCoresRequired?: pulumi.Input; } interface InferenceComponentContainerSpecificationArgs { /** * The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix). */ artifactUrl?: pulumi.Input; deployedImage?: pulumi.Input; /** * The environment variables to set in the Docker container. Each key and value in the Environment string-to-string map can have length of up to 1024. We support up to 16 entries in the map. */ environment?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The Amazon Elastic Container Registry (Amazon ECR) path where the Docker image for the model is stored. */ image?: pulumi.Input; } interface InferenceComponentDeployedImageArgs { /** * The date and time when the image path for the model resolved to the `ResolvedImage` */ resolutionTime?: pulumi.Input; /** * The specific digest path of the image hosted in this `ProductionVariant` . */ resolvedImage?: pulumi.Input; /** * The image path you specified when you created the model. */ specifiedImage?: pulumi.Input; } /** * The deployment config for the inference component */ interface InferenceComponentDeploymentConfigArgs { autoRollbackConfiguration?: pulumi.Input; /** * Specifies a rolling deployment strategy for updating a SageMaker AI endpoint. */ rollingUpdatePolicy?: pulumi.Input; } /** * The rolling update policy for the inference component */ interface InferenceComponentRollingUpdatePolicyArgs { /** * The batch size for each rolling step in the deployment process. For each step, SageMaker AI provisions capacity on the new endpoint fleet, routes traffic to that fleet, and terminates capacity on the old endpoint fleet. The value must be between 5% to 50% of the copy count of the inference component. */ maximumBatchSize?: pulumi.Input; /** * The time limit for the total deployment. Exceeding this limit causes a timeout. */ maximumExecutionTimeoutInSeconds?: pulumi.Input; /** * The batch size for a rollback to the old endpoint fleet. If this field is absent, the value is set to the default, which is 100% of the total capacity. When the default is used, SageMaker AI provisions the entire capacity of the old fleet at once during rollback. */ rollbackMaximumBatchSize?: pulumi.Input; /** * The length of the baking period, during which SageMaker AI monitors alarms for each batch on the new fleet. */ waitIntervalInSeconds?: pulumi.Input; } /** * The runtime config for the inference component */ interface InferenceComponentRuntimeConfigArgs { /** * The number of runtime copies of the model container to deploy with the inference component. Each copy can serve inference requests. */ copyCount?: pulumi.Input; currentCopyCount?: pulumi.Input; desiredCopyCount?: pulumi.Input; } /** * The specification for the inference component */ interface InferenceComponentSpecificationArgs { /** * The name of an existing inference component that is to contain the inference component that you're creating with your request. * * Specify this parameter only if your request is meant to create an adapter inference component. An adapter inference component contains the path to an adapter model. The purpose of the adapter model is to tailor the inference output of a base foundation model, which is hosted by the base inference component. The adapter inference component uses the compute resources that you assigned to the base inference component. * * When you create an adapter inference component, use the `Container` parameter to specify the location of the adapter artifacts. In the parameter value, use the `ArtifactUrl` parameter of the `InferenceComponentContainerSpecification` data type. * * Before you can create an adapter inference component, you must have an existing inference component that contains the foundation model that you want to adapt. */ baseInferenceComponentName?: pulumi.Input; /** * The compute resources allocated to run the model, plus any adapter models, that you assign to the inference component. * * Omit this parameter if your request is meant to create an adapter inference component. An adapter inference component is loaded by a base inference component, and it uses the compute resources of the base inference component. */ computeResourceRequirements?: pulumi.Input; /** * Defines a container that provides the runtime environment for a model that you deploy with an inference component. */ container?: pulumi.Input; /** * The name of an existing SageMaker AI model object in your account that you want to deploy with the inference component. */ modelName?: pulumi.Input; /** * Settings that take effect while the model container starts up. */ startupParameters?: pulumi.Input; } interface InferenceComponentStartupParametersArgs { /** * The timeout value, in seconds, for your inference container to pass health check by Amazon S3 Hosting. For more information about health check, see [How Your Container Should Respond to Health Check (Ping) Requests](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-inference-code.html#your-algorithms-inference-algo-ping-requests) . */ containerStartupHealthCheckTimeoutInSeconds?: pulumi.Input; /** * The timeout value, in seconds, to download and extract the model that you want to host from Amazon S3 to the individual inference instance associated with this inference component. */ modelDataDownloadTimeoutInSeconds?: pulumi.Input; } /** * Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data. */ interface InferenceExperimentCaptureContentTypeHeaderArgs { /** * The list of all content type headers that SageMaker will treat as CSV and capture accordingly. */ csvContentTypes?: pulumi.Input[]>; /** * The list of all content type headers that SageMaker will treat as JSON and capture accordingly. */ jsonContentTypes?: pulumi.Input[]>; } /** * The Amazon S3 location and configuration for storing inference request and response data. */ interface InferenceExperimentDataStorageConfigArgs { /** * Configuration specifying how to treat different headers. If no headers are specified SageMaker will by default base64 encode when capturing the data. */ contentType?: pulumi.Input; /** * The Amazon S3 bucket where the inference request and response data is stored. */ destination: pulumi.Input; /** * The AWS Key Management Service key that Amazon SageMaker uses to encrypt captured data at rest using Amazon S3 server-side encryption. */ kmsKey?: pulumi.Input; } /** * The configuration for the infrastructure that the model will be deployed to. */ interface InferenceExperimentModelInfrastructureConfigArgs { /** * The type of the inference experiment that you want to run. */ infrastructureType: pulumi.Input; /** * The infrastructure configuration for deploying the model to real-time inference. */ realTimeInferenceConfig: pulumi.Input; } /** * Contains information about the deployment options of a model. */ interface InferenceExperimentModelVariantConfigArgs { /** * The configuration for the infrastructure that the model will be deployed to. */ infrastructureConfig: pulumi.Input; /** * The name of the Amazon SageMaker Model entity. */ modelName: pulumi.Input; /** * The name of the variant. */ variantName: pulumi.Input; } /** * The infrastructure configuration for deploying the model to a real-time inference endpoint. */ interface InferenceExperimentRealTimeInferenceConfigArgs { /** * The number of instances of the type specified by InstanceType. */ instanceCount: pulumi.Input; /** * The instance type the model is deployed to. */ instanceType: pulumi.Input; } /** * The duration for which you want the inference experiment to run. */ interface InferenceExperimentScheduleArgs { /** * The timestamp at which the inference experiment ended or will end. */ endTime?: pulumi.Input; /** * The timestamp at which the inference experiment started or will start. */ startTime?: pulumi.Input; } /** * The configuration of ShadowMode inference experiment type. Use this field to specify a production variant which takes all the inference requests, and a shadow variant to which Amazon SageMaker replicates a percentage of the inference requests. For the shadow variant also specify the percentage of requests that Amazon SageMaker replicates. */ interface InferenceExperimentShadowModeConfigArgs { /** * List of shadow variant configurations. */ shadowModelVariants: pulumi.Input[]>; /** * The name of the production variant, which takes all the inference requests. */ sourceModelVariantName: pulumi.Input; } /** * The name and sampling percentage of a shadow variant. */ interface InferenceExperimentShadowModelVariantConfigArgs { /** * The percentage of inference requests that Amazon SageMaker replicates from the production variant to the shadow variant. */ samplingPercentage: pulumi.Input; /** * The name of the shadow variant. */ shadowModelVariantName: pulumi.Input; } /** * The access configuration file to control access to the ML model. You can explicitly accept the model end-user license agreement (EULA) within the `ModelAccessConfig`. */ interface ModelAccessConfigArgs { /** * Specifies agreement to the model end-user license agreement (EULA). The `AcceptEula` value must be explicitly defined as `True` in order to accept the EULA that this model requires. You are responsible for reviewing and complying with any applicable license terms and making sure they are acceptable for your use case before downloading or using a model. */ acceptEula: pulumi.Input; } /** * The batch transform input for a monitoring job. */ interface ModelBiasJobDefinitionBatchTransformInputArgs { /** * A URI that identifies the Amazon S3 storage location where Batch Transform Job captures data. */ dataCapturedDestinationS3Uri: pulumi.Input; /** * The dataset format for your batch transform job. */ datasetFormat: pulumi.Input; /** * Monitoring end time offset, e.g. PT0H */ endTimeOffset?: pulumi.Input; /** * JSONpath to locate features in JSONlines dataset */ featuresAttribute?: pulumi.Input; /** * Index or JSONpath to locate predicted label(s) */ inferenceAttribute?: pulumi.Input; /** * Path to the filesystem where the endpoint data is available to the container. */ localPath: pulumi.Input; /** * Index or JSONpath to locate probabilities */ probabilityAttribute?: pulumi.Input; /** * The threshold for the class probability to be evaluated as a positive result. */ probabilityThresholdAttribute?: pulumi.Input; /** * Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated */ s3DataDistributionType?: pulumi.Input; /** * Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. */ s3InputMode?: pulumi.Input; /** * Monitoring start time offset, e.g. -PT1H */ startTimeOffset?: pulumi.Input; } /** * Configuration for the cluster used to run model monitoring jobs. */ interface ModelBiasJobDefinitionClusterConfigArgs { /** * The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1. */ instanceCount: pulumi.Input; /** * The ML compute instance type for the processing job. */ instanceType: pulumi.Input; /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job. */ volumeKmsKeyId?: pulumi.Input; /** * The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario. */ volumeSizeInGb: pulumi.Input; } /** * The baseline constraints resource for a monitoring job. */ interface ModelBiasJobDefinitionConstraintsResourceArgs { /** * The Amazon S3 URI for baseline constraint file in Amazon S3 that the current monitoring job should validated against. */ s3Uri?: pulumi.Input; } /** * The CSV format */ interface ModelBiasJobDefinitionCsvArgs { /** * A boolean flag indicating if given CSV has header */ header?: pulumi.Input; } /** * The dataset format of the data to monitor */ interface ModelBiasJobDefinitionDatasetFormatArgs { csv?: pulumi.Input; json?: pulumi.Input; parquet?: pulumi.Input; } /** * The endpoint for a monitoring job. */ interface ModelBiasJobDefinitionEndpointInputArgs { /** * Monitoring end time offset, e.g. PT0H */ endTimeOffset?: pulumi.Input; /** * An endpoint in customer's account which has enabled `DataCaptureConfig` enabled. */ endpointName: pulumi.Input; /** * JSONpath to locate features in JSONlines dataset */ featuresAttribute?: pulumi.Input; /** * Index or JSONpath to locate predicted label(s) */ inferenceAttribute?: pulumi.Input; /** * Path to the filesystem where the endpoint data is available to the container. */ localPath: pulumi.Input; /** * Index or JSONpath to locate probabilities */ probabilityAttribute?: pulumi.Input; /** * The threshold for the class probability to be evaluated as a positive result. */ probabilityThresholdAttribute?: pulumi.Input; /** * Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated */ s3DataDistributionType?: pulumi.Input; /** * Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. */ s3InputMode?: pulumi.Input; /** * Monitoring start time offset, e.g. -PT1H */ startTimeOffset?: pulumi.Input; } /** * The Json format */ interface ModelBiasJobDefinitionJsonArgs { /** * A boolean flag indicating if it is JSON line format */ line?: pulumi.Input; } /** * Container image configuration object for the monitoring job. */ interface ModelBiasJobDefinitionModelBiasAppSpecificationArgs { /** * The S3 URI to an analysis configuration file */ configUri: pulumi.Input; /** * Sets the environment variables in the Docker container */ environment?: any; /** * The container image to be run by the monitoring job. */ imageUri: pulumi.Input; } /** * Baseline configuration used to validate that the data conforms to the specified constraints and statistics. */ interface ModelBiasJobDefinitionModelBiasBaselineConfigArgs { /** * The name of the baseline model bias job. */ baseliningJobName?: pulumi.Input; /** * The constraints resource for a monitoring job. */ constraintsResource?: pulumi.Input; } /** * The inputs for a monitoring job. */ interface ModelBiasJobDefinitionModelBiasJobInputArgs { /** * Input object for the batch transform job. */ batchTransformInput?: pulumi.Input; /** * Input object for the endpoint */ endpointInput?: pulumi.Input; /** * Location of ground truth labels to use in model bias job. */ groundTruthS3Input: pulumi.Input; } /** * Ground truth input provided in S3 */ interface ModelBiasJobDefinitionMonitoringGroundTruthS3InputArgs { /** * A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. */ s3Uri: pulumi.Input; } /** * The output object for a monitoring job. */ interface ModelBiasJobDefinitionMonitoringOutputArgs { /** * The Amazon S3 storage location where the results of a monitoring job are saved. */ s3Output: pulumi.Input; } /** * The output configuration for monitoring jobs. */ interface ModelBiasJobDefinitionMonitoringOutputConfigArgs { /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. */ kmsKeyId?: pulumi.Input; /** * Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded. */ monitoringOutputs: pulumi.Input[]>; } /** * Identifies the resources to deploy for a monitoring job. */ interface ModelBiasJobDefinitionMonitoringResourcesArgs { /** * The configuration for the cluster resources used to run the processing job. */ clusterConfig: pulumi.Input; } /** * Networking options for a job, such as network traffic encryption between containers, whether to allow inbound and outbound network calls to and from containers, and the VPC subnets and security groups to use for VPC-enabled jobs. */ interface ModelBiasJobDefinitionNetworkConfigArgs { /** * Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer. */ enableInterContainerTrafficEncryption?: pulumi.Input; /** * Whether to allow inbound and outbound network calls to and from the containers used for the processing job. */ enableNetworkIsolation?: pulumi.Input; /** * Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. */ vpcConfig?: pulumi.Input; } /** * Information about where and how to store the results of a monitoring job. */ interface ModelBiasJobDefinitionS3OutputArgs { /** * The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data. */ localPath: pulumi.Input; /** * Whether to upload the results of the monitoring job continuously or after the job completes. */ s3UploadMode?: pulumi.Input; /** * A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. */ s3Uri: pulumi.Input; } /** * Specifies a time limit for how long the monitoring job is allowed to run. */ interface ModelBiasJobDefinitionStoppingConditionArgs { /** * The maximum runtime allowed in seconds. */ maxRuntimeInSeconds: pulumi.Input; } /** * Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. */ interface ModelBiasJobDefinitionVpcConfigArgs { /** * The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field. */ securityGroupIds: pulumi.Input[]>; /** * The ID of the subnets in the VPC to which you want to connect to your monitoring jobs. */ subnets: pulumi.Input[]>; } interface ModelCardAdditionalInformationArgs { /** * Caveats and recommendations for people who might use this model in their applications. */ caveatsAndRecommendations?: pulumi.Input; /** * customer details. */ customDetails?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Any ethical considerations that the author wants to provide. */ ethicalConsiderations?: pulumi.Input; } interface ModelCardBarChartMetricArgs { name: pulumi.Input; notes?: pulumi.Input; type: pulumi.Input; value: pulumi.Input[]>; xAxisName?: pulumi.Input[]>; yAxisName?: pulumi.Input; } /** * Business details. */ interface ModelCardBusinessDetailsArgs { /** * What business problem does the model solve? */ businessProblem?: pulumi.Input; /** * Business stakeholders. */ businessStakeholders?: pulumi.Input; /** * Line of business. */ lineOfBusiness?: pulumi.Input; } interface ModelCardContainerArgs { /** * Inference environment path. The Amazon EC2 Container Registry (Amazon ECR) path where inference code is stored. */ image: pulumi.Input; /** * The Amazon S3 path where the model artifacts, which result from model training, are stored. */ modelDataUrl?: pulumi.Input; /** * The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model. */ nearestModelName?: pulumi.Input; } /** * The content of the model card. */ interface ModelCardContentArgs { /** * Additional information about the model. */ additionalInformation?: pulumi.Input; /** * Information about how the model supports business goals. */ businessDetails?: pulumi.Input; /** * An overview about the model's evaluation. */ evaluationDetails?: pulumi.Input[]>; /** * The intended usage of the model. */ intendedUses?: pulumi.Input; /** * An overview about the model */ modelOverview?: pulumi.Input; modelPackageDetails?: pulumi.Input; /** * An overview about model training. */ trainingDetails?: pulumi.Input; } /** * item of evaluation details */ interface ModelCardEvaluationDetailArgs { datasets?: pulumi.Input[]>; evaluationJobArn?: pulumi.Input; evaluationObservation?: pulumi.Input; /** * additional attributes associated with the evaluation results. */ metadata?: pulumi.Input<{ [key: string]: pulumi.Input; }>; metricGroups?: pulumi.Input[]>; name: pulumi.Input; } interface ModelCardInferenceSpecificationArgs { /** * Contains inference related information which were used to create model package. */ containers: pulumi.Input[]>; } /** * Intended usage of model. */ interface ModelCardIntendedUsesArgs { /** * An explanation of why your organization categorizes the model with its risk rating. */ explanationsForRiskRating?: pulumi.Input; /** * Factors affecting model efficacy. */ factorsAffectingModelEfficiency?: pulumi.Input; /** * intended use cases. */ intendedUses?: pulumi.Input; /** * Why the model was developed? */ purposeOfModel?: pulumi.Input; /** * Your organization's risk rating. You can specify one the following values as the risk rating: * * - High * - Medium * - Low * - Unknown */ riskRating?: pulumi.Input; } /** * Linear graph metric. */ interface ModelCardLinearGraphMetricArgs { name: pulumi.Input; notes?: pulumi.Input; type: pulumi.Input; value: pulumi.Input[]>[]>; xAxisName?: pulumi.Input; yAxisName?: pulumi.Input; } interface ModelCardMatrixMetricArgs { name: pulumi.Input; notes?: pulumi.Input; type: pulumi.Input; value: pulumi.Input[]>[]>; xAxisName?: pulumi.Input[]>; yAxisName?: pulumi.Input[]>; } /** * item in metric groups */ interface ModelCardMetricGroupArgs { metricData: pulumi.Input[]>; name: pulumi.Input; } /** * Overview about the model. */ interface ModelCardModelOverviewArgs { /** * Algorithm used to solve the problem. */ algorithmType?: pulumi.Input; /** * Overview about the inference. */ inferenceEnvironment?: pulumi.Input; /** * Location of the model artifact. */ modelArtifact?: pulumi.Input[]>; /** * Creator of model. */ modelCreator?: pulumi.Input; /** * description of model. */ modelDescription?: pulumi.Input; /** * SageMaker Model Arn or Non SageMaker Model id. */ modelId?: pulumi.Input; /** * Name of the model. */ modelName?: pulumi.Input; /** * Owner of model. */ modelOwner?: pulumi.Input; /** * Version of the model. */ modelVersion?: pulumi.Input; /** * Problem being solved with the model. */ problemType?: pulumi.Input; } /** * Overview about the inference. */ interface ModelCardModelOverviewInferenceEnvironmentPropertiesArgs { /** * SageMaker inference image uri. */ containerImage?: pulumi.Input[]>; } interface ModelCardModelPackageCreatorArgs { /** * The name of the user's profile in Studio */ userProfileName?: pulumi.Input; } /** * Metadata information related to model package version */ interface ModelCardModelPackageDetailsArgs { /** * A description provided for the model approval */ approvalDescription?: pulumi.Input; /** * Information about the user who created model package. */ createdBy?: pulumi.Input; /** * The machine learning domain of the model package you specified. Common machine learning domains include computer vision and natural language processing. */ domain?: pulumi.Input; /** * Details about inference jobs that can be run with models based on this model package. */ inferenceSpecification?: pulumi.Input; /** * Current approval status of model package */ modelApprovalStatus?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the model package */ modelPackageArn?: pulumi.Input; /** * A brief summary of the model package */ modelPackageDescription?: pulumi.Input; /** * If the model is a versioned model, the name of the model group that the versioned model belongs to. */ modelPackageGroupName?: pulumi.Input; /** * Name of the model package */ modelPackageName?: pulumi.Input; /** * Current status of model package */ modelPackageStatus?: pulumi.Input; /** * Version of the model package */ modelPackageVersion?: pulumi.Input; /** * A list of algorithms that were used to create a model package. */ sourceAlgorithms?: pulumi.Input[]>; /** * The machine learning task you specified that your model package accomplishes. Common machine learning tasks include object detection and image classification. */ task?: pulumi.Input; } /** * the objective function the model will optimize for. */ interface ModelCardObjectiveFunctionArgs { /** * objective function that training job is optimized for. */ function?: pulumi.Input; /** * Notes about the object function, including other considerations for possible objective functions. */ notes?: pulumi.Input; } /** * objective function that training job is optimized for. */ interface ModelCardObjectiveFunctionFunctionPropertiesArgs { condition?: pulumi.Input; facet?: pulumi.Input; function?: pulumi.Input; } /** * An optional Key Management Service key to encrypt, decrypt, and re-encrypt model card content for regulated workloads with highly sensitive data. */ interface ModelCardSecurityConfigArgs { /** * A Key Management Service key ID to use for encrypting a model card. */ kmsKeyId?: pulumi.Input; } /** * metric data */ interface ModelCardSimpleMetricArgs { name: pulumi.Input; notes?: pulumi.Input; type: pulumi.Input; value: pulumi.Input; xAxisName?: pulumi.Input; yAxisName?: pulumi.Input; } interface ModelCardSourceAlgorithmArgs { /** * The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your SageMaker account or an algorithm in AWS Marketplace that you are subscribed to. */ algorithmName: pulumi.Input; /** * The Amazon S3 path where the model artifacts, which result from model training, are stored. */ modelDataUrl?: pulumi.Input; } /** * Overview about the training. */ interface ModelCardTrainingDetailsArgs { /** * The function that is optimized during model training. */ objectiveFunction?: pulumi.Input; /** * Details about any associated training jobs. */ trainingJobDetails?: pulumi.Input; /** * Any observations about training. */ trainingObservations?: pulumi.Input; } /** * Details about any associated training jobs. */ interface ModelCardTrainingDetailsTrainingJobDetailsPropertiesArgs { hyperParameters?: pulumi.Input[]>; /** * SageMaker Training job arn. */ trainingArn?: pulumi.Input; /** * Location of the model datasets. */ trainingDatasets?: pulumi.Input[]>; trainingEnvironment?: pulumi.Input; trainingMetrics?: pulumi.Input[]>; userProvidedHyperParameters?: pulumi.Input[]>; userProvidedTrainingMetrics?: pulumi.Input[]>; } interface ModelCardTrainingDetailsTrainingJobDetailsPropertiesTrainingEnvironmentPropertiesArgs { /** * SageMaker training image uri. */ containerImage?: pulumi.Input[]>; } /** * training hyper parameter */ interface ModelCardTrainingHyperParameterArgs { /** * The name of the hyper parameter. */ name: pulumi.Input; /** * The value specified for the hyper parameter. */ value: pulumi.Input; } /** * training metric data. */ interface ModelCardTrainingMetricArgs { /** * The name of the result from the SageMaker AI training job. */ name: pulumi.Input; /** * Any additional notes describing the result of the training job. */ notes?: pulumi.Input; /** * The value of a result from the SageMaker AI training job. */ value: pulumi.Input; } /** * Information about the user who created or modified an experiment, trial, trial component, lineage group, project, or model card. */ interface ModelCardUserContextArgs { /** * The domain associated with the user. */ domainId?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the user's profile. */ userProfileArn?: pulumi.Input; /** * The name of the user's profile. */ userProfileName?: pulumi.Input; } /** * Describes the container, as part of model definition. */ interface ModelContainerDefinitionArgs { /** * This parameter is ignored for models that contain only a PrimaryContainer. * * When a ContainerDefinition is part of an inference pipeline, the value of the parameter uniquely identifies the container for the purposes of logging and metrics. For information, see [Use Logs and Metrics to Monitor an Inference Pipeline](https://docs.aws.amazon.com/sagemaker/latest/dg/inference-pipeline-logs-metrics.html). If you don't specify a value for this parameter for a ContainerDefinition that is part of an inference pipeline, a unique name is automatically assigned based on the position of the ContainerDefinition in the pipeline. If you specify a value for the ContainerHostName for any ContainerDefinition that is part of an inference pipeline, you must specify a value for the ContainerHostName parameter of every ContainerDefinition in that pipeline. */ containerHostname?: pulumi.Input; /** * The environment variables to set in the Docker container. Don't include any sensitive data in your environment variables. * * The maximum length of each key and value in the Environment map is 1024 bytes. The maximum length of all keys and values in the map, combined, is 32 KB. If you pass multiple containers to a CreateModel request, then the maximum length of all of their maps, combined, is also 32 KB. */ environment?: any; /** * The path where inference code is stored. This can be either in Amazon EC2 Container Registry or in a Docker registry that is accessible from the same VPC that you configure for your endpoint. If you are using your own custom algorithm instead of an algorithm provided by SageMaker, the inference code must meet SageMaker requirements. SageMaker supports both registry/repository[:tag] and registry/repository[@digest] image path formats. For more information, see [Using Your Own Algorithms with Amazon SageMaker](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms.html). */ image?: pulumi.Input; /** * Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). For information about storing containers in a private Docker registry, see [Use a Private Docker Registry for Real-Time Inference Containers](https://docs.aws.amazon.com/sagemaker/latest/dg/your-algorithms-containers-inference-private.html) . * * > The model artifacts in an Amazon S3 bucket and the Docker image for inference container in Amazon EC2 Container Registry must be in the same region as the model or endpoint you are creating. */ imageConfig?: pulumi.Input; /** * The inference specification name in the model package version. */ inferenceSpecificationName?: pulumi.Input; /** * Whether the container hosts a single model or multiple models. */ mode?: pulumi.Input; /** * Specifies the location of ML model data to deploy. * * > Currently you cannot use `ModelDataSource` in conjunction with SageMaker batch transform, SageMaker serverless endpoints, SageMaker multi-model endpoints, and SageMaker Marketplace. */ modelDataSource?: pulumi.Input; /** * The S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix). The S3 path is required for SageMaker built-in algorithms, but not if you use your own algorithms. For more information on built-in algorithms, see [Common Parameters](https://docs.aws.amazon.com/sagemaker/latest/dg/sagemaker-algo-docker-registry-paths.html). * * If you provide a value for this parameter, SageMaker uses AWS Security Token Service to download model artifacts from the S3 path you provide. AWS STS is activated in your AWS account by default. If you previously deactivated AWS STS for a region, you need to reactivate AWS STS for that region. For more information, see [Activating and Deactivating AWS STS in an AWS Region](https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_temp_enable-regions.html) in the AWS Identity and Access Management User Guide */ modelDataUrl?: pulumi.Input; /** * The name or Amazon Resource Name (ARN) of the model package to use to create the model. */ modelPackageName?: pulumi.Input; /** * Specifies additional configuration for multi-model endpoints. */ multiModelConfig?: pulumi.Input; } /** * Specifies the location of ML model data to deploy. If specified, you must specify one and only one of the available data sources. */ interface ModelDataSourceArgs { /** * Specifies the S3 location of ML model data to deploy. */ s3DataSource: pulumi.Input; } /** * The batch transform input for a monitoring job. */ interface ModelExplainabilityJobDefinitionBatchTransformInputArgs { /** * A URI that identifies the Amazon S3 storage location where Batch Transform Job captures data. */ dataCapturedDestinationS3Uri: pulumi.Input; /** * The dataset format for your batch transform job. */ datasetFormat: pulumi.Input; /** * JSONpath to locate features in JSONlines dataset */ featuresAttribute?: pulumi.Input; /** * Index or JSONpath to locate predicted label(s) */ inferenceAttribute?: pulumi.Input; /** * Path to the filesystem where the endpoint data is available to the container. */ localPath: pulumi.Input; /** * Index or JSONpath to locate probabilities */ probabilityAttribute?: pulumi.Input; /** * Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated */ s3DataDistributionType?: pulumi.Input; /** * Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. */ s3InputMode?: pulumi.Input; } /** * Configuration for the cluster used to run model monitoring jobs. */ interface ModelExplainabilityJobDefinitionClusterConfigArgs { /** * The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1. */ instanceCount: pulumi.Input; /** * The ML compute instance type for the processing job. */ instanceType: pulumi.Input; /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job. */ volumeKmsKeyId?: pulumi.Input; /** * The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario. */ volumeSizeInGb: pulumi.Input; } /** * The baseline constraints resource for a monitoring job. */ interface ModelExplainabilityJobDefinitionConstraintsResourceArgs { /** * The Amazon S3 URI for baseline constraint file in Amazon S3 that the current monitoring job should validated against. */ s3Uri?: pulumi.Input; } /** * The CSV format */ interface ModelExplainabilityJobDefinitionCsvArgs { /** * A boolean flag indicating if given CSV has header */ header?: pulumi.Input; } /** * The dataset format of the data to monitor */ interface ModelExplainabilityJobDefinitionDatasetFormatArgs { csv?: pulumi.Input; json?: pulumi.Input; parquet?: pulumi.Input; } /** * The endpoint for a monitoring job. */ interface ModelExplainabilityJobDefinitionEndpointInputArgs { /** * An endpoint in customer's account which has enabled `DataCaptureConfig` enabled. */ endpointName: pulumi.Input; /** * JSONpath to locate features in JSONlines dataset */ featuresAttribute?: pulumi.Input; /** * Index or JSONpath to locate predicted label(s) */ inferenceAttribute?: pulumi.Input; /** * Path to the filesystem where the endpoint data is available to the container. */ localPath: pulumi.Input; /** * Index or JSONpath to locate probabilities */ probabilityAttribute?: pulumi.Input; /** * Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated */ s3DataDistributionType?: pulumi.Input; /** * Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. */ s3InputMode?: pulumi.Input; } /** * The Json format */ interface ModelExplainabilityJobDefinitionJsonArgs { /** * A boolean flag indicating if it is JSON line format */ line?: pulumi.Input; } /** * Container image configuration object for the monitoring job. */ interface ModelExplainabilityJobDefinitionModelExplainabilityAppSpecificationArgs { /** * The S3 URI to an analysis configuration file */ configUri: pulumi.Input; /** * Sets the environment variables in the Docker container */ environment?: any; /** * The container image to be run by the monitoring job. */ imageUri: pulumi.Input; } /** * Baseline configuration used to validate that the data conforms to the specified constraints and statistics. */ interface ModelExplainabilityJobDefinitionModelExplainabilityBaselineConfigArgs { /** * The name of the baseline model explainability job. */ baseliningJobName?: pulumi.Input; /** * The constraints resource for a model explainability job. */ constraintsResource?: pulumi.Input; } /** * The inputs for a monitoring job. */ interface ModelExplainabilityJobDefinitionModelExplainabilityJobInputArgs { /** * Input object for the batch transform job. */ batchTransformInput?: pulumi.Input; /** * Input object for the endpoint */ endpointInput?: pulumi.Input; } /** * The output object for a monitoring job. */ interface ModelExplainabilityJobDefinitionMonitoringOutputArgs { /** * The Amazon S3 storage location where the results of a monitoring job are saved. */ s3Output: pulumi.Input; } /** * The output configuration for monitoring jobs. */ interface ModelExplainabilityJobDefinitionMonitoringOutputConfigArgs { /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. */ kmsKeyId?: pulumi.Input; /** * Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded. */ monitoringOutputs: pulumi.Input[]>; } /** * Identifies the resources to deploy for a monitoring job. */ interface ModelExplainabilityJobDefinitionMonitoringResourcesArgs { /** * The configuration for the cluster resources used to run the processing job. */ clusterConfig: pulumi.Input; } /** * Networking options for a job, such as network traffic encryption between containers, whether to allow inbound and outbound network calls to and from containers, and the VPC subnets and security groups to use for VPC-enabled jobs. */ interface ModelExplainabilityJobDefinitionNetworkConfigArgs { /** * Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer. */ enableInterContainerTrafficEncryption?: pulumi.Input; /** * Whether to allow inbound and outbound network calls to and from the containers used for the processing job. */ enableNetworkIsolation?: pulumi.Input; /** * Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. */ vpcConfig?: pulumi.Input; } /** * Information about where and how to store the results of a monitoring job. */ interface ModelExplainabilityJobDefinitionS3OutputArgs { /** * The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data. */ localPath: pulumi.Input; /** * Whether to upload the results of the monitoring job continuously or after the job completes. */ s3UploadMode?: pulumi.Input; /** * A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. */ s3Uri: pulumi.Input; } /** * Specifies a time limit for how long the monitoring job is allowed to run. */ interface ModelExplainabilityJobDefinitionStoppingConditionArgs { /** * The maximum runtime allowed in seconds. */ maxRuntimeInSeconds: pulumi.Input; } /** * Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. */ interface ModelExplainabilityJobDefinitionVpcConfigArgs { /** * The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field. */ securityGroupIds: pulumi.Input[]>; /** * The ID of the subnets in the VPC to which you want to connect to your monitoring jobs. */ subnets: pulumi.Input[]>; } /** * Configuration information specifying which hub contents have accessible deployment options. */ interface ModelHubAccessConfigArgs { /** * The ARN of the hub content for which deployment access is allowed. */ hubContentArn: pulumi.Input; } /** * Specifies whether the model container is in Amazon ECR or a private Docker registry accessible from your Amazon Virtual Private Cloud (VPC). */ interface ModelImageConfigArgs { /** * Set this to one of the following values: Platform - The model image is hosted in Amazon ECR. Vpc - The model image is hosted in a private Docker registry in your VPC. */ repositoryAccessMode: pulumi.Input; /** * (Optional) Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified `Vpc` as the value for the `RepositoryAccessMode` field, and the private Docker registry where the model image is hosted requires authentication. */ repositoryAuthConfig?: pulumi.Input; } /** * Specifies details about how containers in a multi-container endpoint are run. */ interface ModelInferenceExecutionConfigArgs { /** * How containers in a multi-container are run. */ mode: pulumi.Input; } /** * Specifies additional configuration for multi-model endpoints. */ interface ModelMultiModelConfigArgs { /** * Whether to cache models for a multi-model endpoint. By default, multi-model endpoints cache models so that a model does not have to be loaded into memory each time it is invoked. Some use cases do not benefit from model caching. For example, if an endpoint hosts a large number of models that are each invoked infrequently, the endpoint might perform better if you disable model caching. To disable model caching, set the value of this parameter to `Disabled`. */ modelCacheSetting?: pulumi.Input; } /** * Additional Inference Specification specifies details about inference jobs that can be run with models based on this model package.AdditionalInferenceSpecifications can be added to existing model packages using AdditionalInferenceSpecificationsToAdd. */ interface ModelPackageAdditionalInferenceSpecificationDefinitionArgs { /** * The Amazon ECR registry path of the Docker image that contains the inference code. */ containers: pulumi.Input[]>; /** * A description of the additional Inference specification. */ description?: pulumi.Input; /** * A unique name to identify the additional inference specification. The name must be unique within the list of your additional inference specifications for a particular model package. */ name: pulumi.Input; /** * The supported MIME types for the input data. */ supportedContentTypes?: pulumi.Input[]>; /** * A list of the instance types that are used to generate inferences in real-time */ supportedRealtimeInferenceInstanceTypes?: pulumi.Input[]>; /** * The supported MIME types for the output data. */ supportedResponseMimeTypes?: pulumi.Input[]>; /** * A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed. */ supportedTransformInstanceTypes?: pulumi.Input[]>; } /** * Contains bias metrics for a model. */ interface ModelPackageBiasArgs { /** * The post-training bias report for a model. */ postTrainingReport?: pulumi.Input; /** * The pre-training bias report for a model. */ preTrainingReport?: pulumi.Input; /** * The bias report for a model */ report?: pulumi.Input; } /** * Describes the Docker container for the model package. */ interface ModelPackageContainerDefinitionArgs { /** * The DNS host name for the Docker container. */ containerHostname?: pulumi.Input; environment?: pulumi.Input; /** * The machine learning framework of the model package container image. */ framework?: pulumi.Input; /** * The framework version of the Model Package Container Image. */ frameworkVersion?: pulumi.Input; /** * The Amazon EC2 Container Registry (Amazon ECR) path where inference code is stored. */ image: pulumi.Input; /** * An MD5 hash of the training algorithm that identifies the Docker image used for training. */ imageDigest?: pulumi.Input; modelDataSource?: pulumi.Input; /** * A structure with Model Input details. */ modelDataUrl?: pulumi.Input; modelInput?: pulumi.Input; /** * The name of a pre-trained machine learning benchmarked by Amazon SageMaker Inference Recommender model that matches your model. */ nearestModelName?: pulumi.Input; } interface ModelPackageContainerDefinitionModelInputPropertiesArgs { /** * The input configuration object for the model. */ dataInputConfig: pulumi.Input; } /** * The metadata properties associated with the model package versions. */ interface ModelPackageCustomerMetadataPropertiesArgs { } /** * Describes the input source of a transform job and the way the transform job consumes it. */ interface ModelPackageDataSourceArgs { /** * The S3 location of the data source that is associated with a channel. */ s3DataSource: pulumi.Input; } /** * Represents the drift check baselines that can be used when the model monitor is set using the model package. */ interface ModelPackageDriftCheckBaselinesArgs { /** * Represents the drift check bias baselines that can be used when the model monitor is set using the model package. */ bias?: pulumi.Input; /** * Represents the drift check explainability baselines that can be used when the model monitor is set using the model package. */ explainability?: pulumi.Input; /** * Represents the drift check model data quality baselines that can be used when the model monitor is set using the model package. */ modelDataQuality?: pulumi.Input; /** * Represents the drift check model quality baselines that can be used when the model monitor is set using the model package. */ modelQuality?: pulumi.Input; } /** * Represents the drift check bias baselines that can be used when the model monitor is set using the model package. */ interface ModelPackageDriftCheckBiasArgs { /** * The bias config file for a model. */ configFile?: pulumi.Input; /** * The post-training constraints. */ postTrainingConstraints?: pulumi.Input; /** * The pre-training constraints. */ preTrainingConstraints?: pulumi.Input; } /** * Contains explainability metrics for a model. */ interface ModelPackageDriftCheckExplainabilityArgs { /** * The explainability config file for the model. */ configFile?: pulumi.Input; /** * The drift check explainability constraints. */ constraints?: pulumi.Input; } /** * Represents the drift check data quality baselines that can be used when the model monitor is set using the model package. */ interface ModelPackageDriftCheckModelDataQualityArgs { /** * The drift check model data quality constraints. */ constraints?: pulumi.Input; /** * The drift check model data quality statistics. */ statistics?: pulumi.Input; } /** * Represents the drift check model quality baselines that can be used when the model monitor is set using the model package. */ interface ModelPackageDriftCheckModelQualityArgs { /** * The drift check model quality constraints. */ constraints?: pulumi.Input; /** * The drift check model quality statistics. */ statistics?: pulumi.Input; } /** * Sets the environment variables in the Docker container */ interface ModelPackageEnvironmentArgs { } /** * Contains explainability metrics for a model. */ interface ModelPackageExplainabilityArgs { /** * The explainability report for a model. */ report?: pulumi.Input; } /** * Represents a File Source Object. */ interface ModelPackageFileSourceArgs { /** * The digest of the file source. */ contentDigest?: pulumi.Input; /** * The type of content stored in the file source. */ contentType?: pulumi.Input; /** * The Amazon S3 URI for the file source. */ s3Uri: pulumi.Input; } /** * Details about inference jobs that can be run with models based on this model package. */ interface ModelPackageInferenceSpecificationArgs { /** * The Amazon ECR registry path of the Docker image that contains the inference code. */ containers: pulumi.Input[]>; /** * The supported MIME types for the input data. */ supportedContentTypes: pulumi.Input[]>; /** * A list of the instance types that are used to generate inferences in real-time */ supportedRealtimeInferenceInstanceTypes?: pulumi.Input[]>; /** * The supported MIME types for the output data. */ supportedResponseMimeTypes: pulumi.Input[]>; /** * A list of the instance types on which a transformation job can be run or on which an endpoint can be deployed. */ supportedTransformInstanceTypes?: pulumi.Input[]>; } /** * Metadata properties of the tracking entity, trial, or trial component. */ interface ModelPackageMetadataPropertiesArgs { /** * The commit ID. */ commitId?: pulumi.Input; /** * The entity this entity was generated by. */ generatedBy?: pulumi.Input; /** * The project ID metadata. */ projectId?: pulumi.Input; /** * The repository metadata. */ repository?: pulumi.Input; } /** * Represents a Metric Source Object. */ interface ModelPackageMetricsSourceArgs { /** * The digest of the metric source. */ contentDigest?: pulumi.Input; /** * The type of content stored in the metric source. */ contentType: pulumi.Input; /** * The Amazon S3 URI for the metric source. */ s3Uri: pulumi.Input; } /** * Specifies the access configuration file for the ML model. */ interface ModelPackageModelAccessConfigArgs { /** * Specifies agreement to the model end-user license agreement (EULA). */ acceptEula: pulumi.Input; } /** * The model card associated with the model package. */ interface ModelPackageModelCardArgs { /** * The content of the model card. */ modelCardContent: pulumi.Input; /** * The approval status of the model card within your organization. */ modelCardStatus: pulumi.Input; } /** * Metrics that measure the quality of the input data for a model. */ interface ModelPackageModelDataQualityArgs { /** * Data quality constraints for a model. */ constraints?: pulumi.Input; /** * Data quality statistics for a model. */ statistics?: pulumi.Input; } /** * Specifies the location of ML model data to deploy during endpoint creation. */ interface ModelPackageModelDataSourceArgs { s3DataSource?: pulumi.Input; } /** * A structure that contains model metrics reports. */ interface ModelPackageModelMetricsArgs { /** * Metrics that measure bias in a model. */ bias?: pulumi.Input; /** * Metrics that help explain a model. */ explainability?: pulumi.Input; /** * Metrics that measure the quality of the input data for a model. */ modelDataQuality?: pulumi.Input; /** * Metrics that measure the quality of a model. */ modelQuality?: pulumi.Input; } /** * Metrics that measure the quality of a model. */ interface ModelPackageModelQualityArgs { /** * Model quality constraints. */ constraints?: pulumi.Input; /** * Model quality statistics. */ statistics?: pulumi.Input; } /** * Describes the S3 data source. */ interface ModelPackageS3DataSourceArgs { /** * The S3 Data Source Type */ s3DataType: pulumi.Input; /** * Depending on the value specified for the S3DataType, identifies either a key name prefix or a manifest. */ s3Uri: pulumi.Input; } /** * Specifies the S3 location of ML model data to deploy. */ interface ModelPackageS3ModelDataSourceArgs { /** * Specifies how the ML model data is prepared. */ compressionType: pulumi.Input; modelAccessConfig?: pulumi.Input; /** * Specifies the type of ML model data to deploy. */ s3DataType: pulumi.Input; /** * Specifies the S3 path of ML model data to deploy. */ s3Uri: pulumi.Input; } /** * An optional AWS Key Management Service key to encrypt, decrypt, and re-encrypt model package information for regulated workloads with highly sensitive data. */ interface ModelPackageSecurityConfigArgs { /** * The AWS KMS Key ID (KMSKeyId) used for encryption of model package information. */ kmsKeyId: pulumi.Input; } /** * Specifies an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your Amazon SageMaker account or an algorithm in AWS Marketplace that you are subscribed to. */ interface ModelPackageSourceAlgorithmArgs { /** * The name of an algorithm that was used to create the model package. The algorithm must be either an algorithm resource in your Amazon SageMaker account or an algorithm in AWS Marketplace that you are subscribed to. */ algorithmName: pulumi.Input; /** * The Amazon S3 path where the model artifacts, which result from model training, are stored. This path must point to a single gzip compressed tar archive (.tar.gz suffix). */ modelDataUrl?: pulumi.Input; } /** * Details about the algorithm that was used to create the model package. */ interface ModelPackageSourceAlgorithmSpecificationArgs { /** * A list of algorithms that were used to create a model package. */ sourceAlgorithms: pulumi.Input[]>; } /** * Details about the current status of the model package. */ interface ModelPackageStatusDetailsArgs { /** * The validation status of the model package. */ validationStatuses?: pulumi.Input[]>; } /** * Represents the overall status of a model package. */ interface ModelPackageStatusItemArgs { /** * If the overall status is Failed, the reason for the failure. */ failureReason?: pulumi.Input; /** * The name of the model package for which the overall status is being reported. */ name: pulumi.Input; /** * The current status. */ status: pulumi.Input; } /** * Describes the input source of a transform job and the way the transform job consumes it. */ interface ModelPackageTransformInputArgs { /** * If your transform data is compressed, specify the compression type. Amazon SageMaker automatically decompresses the data for the transform job accordingly. The default value is None. */ compressionType?: pulumi.Input; /** * The multipurpose internet mail extension (MIME) type of the data. Amazon SageMaker uses the MIME type with each http call to transfer data to the transform job. */ contentType?: pulumi.Input; /** * Describes the location of the channel data, which is, the S3 location of the input data that the model can consume. */ dataSource: pulumi.Input; /** * The method to use to split the transform job's data files into smaller batches. */ splitType?: pulumi.Input; } /** * Defines the input needed to run a transform job using the inference specification specified in the algorithm. */ interface ModelPackageTransformJobDefinitionArgs { /** * A string that determines the number of records included in a single mini-batch. */ batchStrategy?: pulumi.Input; /** * The environment variables to set in the Docker container. We support up to 16 key and values entries in the map. */ environment?: pulumi.Input; /** * The maximum number of parallel requests that can be sent to each instance in a transform job. The default value is 1. */ maxConcurrentTransforms?: pulumi.Input; /** * The maximum payload size allowed, in MB. A payload is the data portion of a record (without metadata). */ maxPayloadInMb?: pulumi.Input; /** * A description of the input source and the way the transform job consumes it. */ transformInput: pulumi.Input; /** * Identifies the Amazon S3 location where you want Amazon SageMaker to save the results from the transform job. */ transformOutput: pulumi.Input; /** * Identifies the ML compute instances for the transform job. */ transformResources: pulumi.Input; } /** * Describes the results of a transform job. */ interface ModelPackageTransformOutputArgs { /** * The MIME type used to specify the output data. Amazon SageMaker uses the MIME type with each http call to transfer data from the transform job. */ accept?: pulumi.Input; /** * Defines how to assemble the results of the transform job as a single S3 object. */ assembleWith?: pulumi.Input; /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. */ kmsKeyId?: pulumi.Input; /** * The Amazon S3 path where you want Amazon SageMaker to store the results of the transform job. */ s3OutputPath: pulumi.Input; } /** * Describes the resources, including ML instance types and ML instance count, to use for transform job. */ interface ModelPackageTransformResourcesArgs { /** * The number of ML compute instances to use in the transform job. For distributed transform jobs, specify a value greater than 1. The default value is 1. */ instanceCount: pulumi.Input; /** * The ML compute instance type for the transform job. */ instanceType: pulumi.Input; /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt model data on the storage volume attached to the ML compute instance(s) that run the batch transform job. */ volumeKmsKeyId?: pulumi.Input; } /** * Contains data, such as the inputs and targeted instance types that are used in the process of validating the model package. */ interface ModelPackageValidationProfileArgs { /** * The name of the profile for the model package. */ profileName: pulumi.Input; /** * The `TransformJobDefinition` object that describes the transform job used for the validation of the model package. */ transformJobDefinition: pulumi.Input; } /** * Specifies configurations for one or more transform jobs that Amazon SageMaker runs to test the model package. */ interface ModelPackageValidationSpecificationArgs { /** * An array of `ModelPackageValidationProfile` objects, each of which specifies a batch transform job that SageMaker runs to validate your model package. */ validationProfiles: pulumi.Input[]>; /** * The IAM roles to be used for the validation of the model package. */ validationRole: pulumi.Input; } /** * The batch transform input for a monitoring job. */ interface ModelQualityJobDefinitionBatchTransformInputArgs { /** * A URI that identifies the Amazon S3 storage location where Batch Transform Job captures data. */ dataCapturedDestinationS3Uri: pulumi.Input; /** * The dataset format for your batch transform job. */ datasetFormat: pulumi.Input; /** * Monitoring end time offset, e.g. PT0H */ endTimeOffset?: pulumi.Input; /** * Index or JSONpath to locate predicted label(s) */ inferenceAttribute?: pulumi.Input; /** * Path to the filesystem where the endpoint data is available to the container. */ localPath: pulumi.Input; /** * Index or JSONpath to locate probabilities */ probabilityAttribute?: pulumi.Input; /** * The threshold for the class probability to be evaluated as a positive result. */ probabilityThresholdAttribute?: pulumi.Input; /** * Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated */ s3DataDistributionType?: pulumi.Input; /** * Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. */ s3InputMode?: pulumi.Input; /** * Monitoring start time offset, e.g. -PT1H */ startTimeOffset?: pulumi.Input; } /** * Configuration for the cluster used to run model monitoring jobs. */ interface ModelQualityJobDefinitionClusterConfigArgs { /** * The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1. */ instanceCount: pulumi.Input; /** * The ML compute instance type for the processing job. */ instanceType: pulumi.Input; /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job. */ volumeKmsKeyId?: pulumi.Input; /** * The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario. */ volumeSizeInGb: pulumi.Input; } /** * The baseline constraints resource for a monitoring job. */ interface ModelQualityJobDefinitionConstraintsResourceArgs { /** * The Amazon S3 URI for baseline constraint file in Amazon S3 that the current monitoring job should validated against. */ s3Uri?: pulumi.Input; } /** * The CSV format */ interface ModelQualityJobDefinitionCsvArgs { /** * A boolean flag indicating if given CSV has header */ header?: pulumi.Input; } /** * The dataset format of the data to monitor */ interface ModelQualityJobDefinitionDatasetFormatArgs { csv?: pulumi.Input; json?: pulumi.Input; parquet?: pulumi.Input; } /** * The endpoint for a monitoring job. */ interface ModelQualityJobDefinitionEndpointInputArgs { /** * Monitoring end time offset, e.g. PT0H */ endTimeOffset?: pulumi.Input; /** * An endpoint in customer's account which has enabled `DataCaptureConfig` enabled. */ endpointName: pulumi.Input; /** * Index or JSONpath to locate predicted label(s) */ inferenceAttribute?: pulumi.Input; /** * Path to the filesystem where the endpoint data is available to the container. */ localPath: pulumi.Input; /** * Index or JSONpath to locate probabilities */ probabilityAttribute?: pulumi.Input; /** * The threshold for the class probability to be evaluated as a positive result. */ probabilityThresholdAttribute?: pulumi.Input; /** * Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated */ s3DataDistributionType?: pulumi.Input; /** * Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. */ s3InputMode?: pulumi.Input; /** * Monitoring start time offset, e.g. -PT1H */ startTimeOffset?: pulumi.Input; } /** * The Json format */ interface ModelQualityJobDefinitionJsonArgs { /** * A boolean flag indicating if it is JSON line format */ line?: pulumi.Input; } /** * Container image configuration object for the monitoring job. */ interface ModelQualityJobDefinitionModelQualityAppSpecificationArgs { /** * An array of arguments for the container used to run the monitoring job. */ containerArguments?: pulumi.Input[]>; /** * Specifies the entrypoint for a container used to run the monitoring job. */ containerEntrypoint?: pulumi.Input[]>; /** * Sets the environment variables in the Docker container */ environment?: any; /** * The container image to be run by the monitoring job. */ imageUri: pulumi.Input; /** * An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers. */ postAnalyticsProcessorSourceUri?: pulumi.Input; /** * The machine learning problem type of the model that the monitoring job monitors. */ problemType: pulumi.Input; /** * An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flatted json so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers */ recordPreprocessorSourceUri?: pulumi.Input; } /** * Baseline configuration used to validate that the data conforms to the specified constraints and statistics. */ interface ModelQualityJobDefinitionModelQualityBaselineConfigArgs { /** * The name of the job that performs baselining for the monitoring job. */ baseliningJobName?: pulumi.Input; /** * The constraints resource for a monitoring job. */ constraintsResource?: pulumi.Input; } /** * The inputs for a monitoring job. */ interface ModelQualityJobDefinitionModelQualityJobInputArgs { /** * Input object for the batch transform job. */ batchTransformInput?: pulumi.Input; /** * Input object for the endpoint */ endpointInput?: pulumi.Input; /** * The ground truth label provided for the model. */ groundTruthS3Input: pulumi.Input; } /** * Ground truth input provided in S3 */ interface ModelQualityJobDefinitionMonitoringGroundTruthS3InputArgs { /** * A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. */ s3Uri: pulumi.Input; } /** * The output object for a monitoring job. */ interface ModelQualityJobDefinitionMonitoringOutputArgs { /** * The Amazon S3 storage location where the results of a monitoring job are saved. */ s3Output: pulumi.Input; } /** * The output configuration for monitoring jobs. */ interface ModelQualityJobDefinitionMonitoringOutputConfigArgs { /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. */ kmsKeyId?: pulumi.Input; /** * Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded. */ monitoringOutputs: pulumi.Input[]>; } /** * Identifies the resources to deploy for a monitoring job. */ interface ModelQualityJobDefinitionMonitoringResourcesArgs { /** * The configuration for the cluster resources used to run the processing job. */ clusterConfig: pulumi.Input; } /** * Networking options for a job, such as network traffic encryption between containers, whether to allow inbound and outbound network calls to and from containers, and the VPC subnets and security groups to use for VPC-enabled jobs. */ interface ModelQualityJobDefinitionNetworkConfigArgs { /** * Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer. */ enableInterContainerTrafficEncryption?: pulumi.Input; /** * Whether to allow inbound and outbound network calls to and from the containers used for the processing job. */ enableNetworkIsolation?: pulumi.Input; /** * Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. */ vpcConfig?: pulumi.Input; } /** * Information about where and how to store the results of a monitoring job. */ interface ModelQualityJobDefinitionS3OutputArgs { /** * The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data. */ localPath: pulumi.Input; /** * Whether to upload the results of the monitoring job continuously or after the job completes. */ s3UploadMode?: pulumi.Input; /** * A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. */ s3Uri: pulumi.Input; } /** * Specifies a time limit for how long the monitoring job is allowed to run. */ interface ModelQualityJobDefinitionStoppingConditionArgs { /** * The maximum runtime allowed in seconds. */ maxRuntimeInSeconds: pulumi.Input; } /** * Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. */ interface ModelQualityJobDefinitionVpcConfigArgs { /** * The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field. */ securityGroupIds: pulumi.Input[]>; /** * The ID of the subnets in the VPC to which you want to connect to your monitoring jobs. */ subnets: pulumi.Input[]>; } /** * Specifies an authentication configuration for the private docker registry where your model image is hosted. Specify a value for this property only if you specified `Vpc` as the value for the `RepositoryAccessMode` field of the `ImageConfig` object that you passed to a call to `CreateModel` and the private Docker registry where the model image is hosted requires authentication. */ interface ModelRepositoryAuthConfigArgs { /** * The Amazon Resource Name (ARN) of an AWS Lambda function that provides credentials to authenticate to the private Docker registry where your model image is hosted. For information about how to create an AWS Lambda function, see [Create a Lambda function with the console](https://docs.aws.amazon.com/lambda/latest/dg/getting-started-create-function.html) in the AWS Lambda Developer Guide */ repositoryCredentialsProviderArn: pulumi.Input; } /** * Specifies the S3 location of ML model data to deploy. */ interface ModelS3DataSourceArgs { /** * Specifies how the ML model data is prepared. */ compressionType: pulumi.Input; /** * The configuration for a private hub model reference that points to a SageMaker JumpStart public hub model. */ hubAccessConfig?: pulumi.Input; modelAccessConfig?: pulumi.Input; /** * Specifies the type of ML model data to deploy. */ s3DataType: pulumi.Input; /** * Specifies the S3 path of ML model data to deploy. */ s3Uri: pulumi.Input; } /** * Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC. For more information, see [Give SageMaker Access to Resources in your Amazon VPC](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html). */ interface ModelVpcConfigArgs { /** * The VPC security group IDs, in the form `sg-xxxxxxxx`. Specify the security groups for the VPC that is specified in the `Subnets` field. */ securityGroupIds: pulumi.Input[]>; /** * The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see [Supported Instance Types and Availability Zones](https://docs.aws.amazon.com/sagemaker/latest/dg/instance-types-az.html). */ subnets: pulumi.Input[]>; } /** * Baseline configuration used to validate that the data conforms to the specified constraints and statistics. */ interface MonitoringScheduleBaselineConfigArgs { /** * The Amazon S3 URI for the constraints resource. */ constraintsResource?: pulumi.Input; /** * The baseline statistics file in Amazon S3 that the current monitoring job should be validated against. */ statisticsResource?: pulumi.Input; } /** * The batch transform input for a monitoring job. */ interface MonitoringScheduleBatchTransformInputArgs { /** * A URI that identifies the Amazon S3 storage location where Batch Transform Job captures data. */ dataCapturedDestinationS3Uri: pulumi.Input; datasetFormat: pulumi.Input; /** * Indexes or names of the features to be excluded from analysis */ excludeFeaturesAttribute?: pulumi.Input; /** * Path to the filesystem where the endpoint data is available to the container. */ localPath: pulumi.Input; /** * Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated */ s3DataDistributionType?: pulumi.Input; /** * Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. */ s3InputMode?: pulumi.Input; } /** * Configuration for the cluster used to run model monitoring jobs. */ interface MonitoringScheduleClusterConfigArgs { /** * The number of ML compute instances to use in the model monitoring job. For distributed processing jobs, specify a value greater than 1. The default value is 1. */ instanceCount: pulumi.Input; /** * The ML compute instance type for the processing job. */ instanceType: pulumi.Input; /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the model monitoring job. */ volumeKmsKeyId?: pulumi.Input; /** * The size of the ML storage volume, in gigabytes, that you want to provision. You must specify sufficient ML storage for your scenario. */ volumeSizeInGb: pulumi.Input; } /** * The configuration object that specifies the monitoring schedule and defines the monitoring job. */ interface MonitoringScheduleConfigArgs { /** * Defines the monitoring job. */ monitoringJobDefinition?: pulumi.Input; /** * Name of the job definition */ monitoringJobDefinitionName?: pulumi.Input; /** * The type of the monitoring job definition to schedule. */ monitoringType?: pulumi.Input; /** * Configures the monitoring schedule. */ scheduleConfig?: pulumi.Input; } /** * The baseline constraints resource for a monitoring job. */ interface MonitoringScheduleConstraintsResourceArgs { /** * The Amazon S3 URI for baseline constraint file in Amazon S3 that the current monitoring job should validated against. */ s3Uri?: pulumi.Input; } /** * The CSV format */ interface MonitoringScheduleCsvArgs { /** * A boolean flag indicating if given CSV has header */ header?: pulumi.Input; } /** * The dataset format of the data to monitor */ interface MonitoringScheduleDatasetFormatArgs { csv?: pulumi.Input; json?: pulumi.Input; parquet?: pulumi.Input; } /** * The endpoint for a monitoring job. */ interface MonitoringScheduleEndpointInputArgs { endpointName: pulumi.Input; /** * Indexes or names of the features to be excluded from analysis */ excludeFeaturesAttribute?: pulumi.Input; /** * Path to the filesystem where the endpoint data is available to the container. */ localPath: pulumi.Input; /** * Whether input data distributed in Amazon S3 is fully replicated or sharded by an S3 key. Defauts to FullyReplicated */ s3DataDistributionType?: pulumi.Input; /** * Whether the Pipe or File is used as the input mode for transfering data for the monitoring job. Pipe mode is recommended for large datasets. File mode is useful for small files that fit in memory. Defaults to File. */ s3InputMode?: pulumi.Input; } /** * The Json format */ interface MonitoringScheduleJsonArgs { /** * A boolean flag indicating if it is JSON line format */ line?: pulumi.Input; } /** * Container image configuration object for the monitoring job. */ interface MonitoringScheduleMonitoringAppSpecificationArgs { /** * An array of arguments for the container used to run the monitoring job. */ containerArguments?: pulumi.Input[]>; /** * Specifies the entrypoint for a container used to run the monitoring job. */ containerEntrypoint?: pulumi.Input[]>; /** * The container image to be run by the monitoring job. */ imageUri: pulumi.Input; /** * An Amazon S3 URI to a script that is called after analysis has been performed. Applicable only for the built-in (first party) containers. */ postAnalyticsProcessorSourceUri?: pulumi.Input; /** * An Amazon S3 URI to a script that is called per row prior to running analysis. It can base64 decode the payload and convert it into a flatted json so that the built-in container can use the converted data. Applicable only for the built-in (first party) containers */ recordPreprocessorSourceUri?: pulumi.Input; } /** * Summary of information about monitoring job */ interface MonitoringScheduleMonitoringExecutionSummaryArgs { /** * The time at which the monitoring job was created. */ creationTime: pulumi.Input; /** * The name of the endpoint used to run the monitoring job. */ endpointName?: pulumi.Input; /** * Contains the reason a monitoring job failed, if it failed. */ failureReason?: pulumi.Input; /** * A timestamp that indicates the last time the monitoring job was modified. */ lastModifiedTime: pulumi.Input; /** * The status of the monitoring job. */ monitoringExecutionStatus: pulumi.Input; /** * The name of the monitoring schedule. */ monitoringScheduleName: pulumi.Input; /** * The Amazon Resource Name (ARN) of the monitoring job. */ processingJobArn?: pulumi.Input; /** * The time the monitoring job was scheduled. */ scheduledTime: pulumi.Input; } /** * The inputs for a monitoring job. */ interface MonitoringScheduleMonitoringInputArgs { batchTransformInput?: pulumi.Input; endpointInput?: pulumi.Input; } /** * Defines the monitoring job. */ interface MonitoringScheduleMonitoringJobDefinitionArgs { /** * Baseline configuration used to validate that the data conforms to the specified constraints and statistics */ baselineConfig?: pulumi.Input; /** * Sets the environment variables in the Docker container */ environment?: any; /** * Configures the monitoring job to run a specified Docker container image. */ monitoringAppSpecification: pulumi.Input; /** * The array of inputs for the monitoring job. Currently we support monitoring an Amazon SageMaker AI Endpoint. */ monitoringInputs: pulumi.Input[]>; /** * The array of outputs from the monitoring job to be uploaded to Amazon S3. */ monitoringOutputConfig: pulumi.Input; /** * Identifies the resources, ML compute instances, and ML storage volumes to deploy for a monitoring job. In distributed processing, you specify more than one instance. */ monitoringResources: pulumi.Input; /** * Specifies networking options for an monitoring job. */ networkConfig?: pulumi.Input; /** * The Amazon Resource Name (ARN) of an IAM role that Amazon SageMaker can assume to perform tasks on your behalf. */ roleArn: pulumi.Input; /** * Specifies a time limit for how long the monitoring job is allowed to run. */ stoppingCondition?: pulumi.Input; } /** * The output object for a monitoring job. */ interface MonitoringScheduleMonitoringOutputArgs { /** * The Amazon S3 storage location where the results of a monitoring job are saved. */ s3Output: pulumi.Input; } /** * The output configuration for monitoring jobs. */ interface MonitoringScheduleMonitoringOutputConfigArgs { /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the model artifacts at rest using Amazon S3 server-side encryption. */ kmsKeyId?: pulumi.Input; /** * Monitoring outputs for monitoring jobs. This is where the output of the periodic monitoring jobs is uploaded. */ monitoringOutputs: pulumi.Input[]>; } /** * Identifies the resources to deploy for a monitoring job. */ interface MonitoringScheduleMonitoringResourcesArgs { /** * The configuration for the cluster resources used to run the processing job. */ clusterConfig: pulumi.Input; } /** * Networking options for a job, such as network traffic encryption between containers, whether to allow inbound and outbound network calls to and from containers, and the VPC subnets and security groups to use for VPC-enabled jobs. */ interface MonitoringScheduleNetworkConfigArgs { /** * Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer. */ enableInterContainerTrafficEncryption?: pulumi.Input; /** * Whether to allow inbound and outbound network calls to and from the containers used for the processing job. */ enableNetworkIsolation?: pulumi.Input; /** * Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. For more information, see [Protect Endpoints by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/host-vpc.html) and [Protect Training Jobs by Using an Amazon Virtual Private Cloud](https://docs.aws.amazon.com/sagemaker/latest/dg/train-vpc.html) . */ vpcConfig?: pulumi.Input; } /** * Information about where and how to store the results of a monitoring job. */ interface MonitoringScheduleS3OutputArgs { /** * The local path to the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. LocalPath is an absolute path for the output data. */ localPath: pulumi.Input; /** * Whether to upload the results of the monitoring job continuously or after the job completes. */ s3UploadMode?: pulumi.Input; /** * A URI that identifies the Amazon S3 storage location where Amazon SageMaker saves the results of a monitoring job. */ s3Uri: pulumi.Input; } /** * Configuration details about the monitoring schedule. */ interface MonitoringScheduleScheduleConfigArgs { /** * Data Analysis end time, e.g. PT0H */ dataAnalysisEndTime?: pulumi.Input; /** * Data Analysis start time, e.g. -PT1H */ dataAnalysisStartTime?: pulumi.Input; /** * A cron expression or 'NOW' that describes details about the monitoring schedule. */ scheduleExpression: pulumi.Input; } /** * The baseline statistics resource for a monitoring job. */ interface MonitoringScheduleStatisticsResourceArgs { /** * The Amazon S3 URI for the baseline statistics file in Amazon S3 that the current monitoring job should be validated against. */ s3Uri?: pulumi.Input; } /** * Specifies a time limit for how long the monitoring job is allowed to run. */ interface MonitoringScheduleStoppingConditionArgs { /** * The maximum runtime allowed in seconds. */ maxRuntimeInSeconds: pulumi.Input; } /** * Specifies a VPC that your training jobs and hosted models have access to. Control access to and from your training and model containers by configuring the VPC. */ interface MonitoringScheduleVpcConfigArgs { /** * The VPC security group IDs, in the form sg-xxxxxxxx. Specify the security groups for the VPC that is specified in the Subnets field. */ securityGroupIds: pulumi.Input[]>; /** * The ID of the subnets in the VPC to which you want to connect to your monitoring jobs. */ subnets: pulumi.Input[]>; } /** * The configuration of an `OfflineStore` . */ interface OfflineStoreConfigPropertiesArgs { /** * The meta data of the Glue table that is autogenerated when an `OfflineStore` is created. */ dataCatalogConfig?: pulumi.Input; /** * Set to `True` to disable the automatic creation of an AWS Glue table when configuring an `OfflineStore` . If set to `False` , Feature Store will name the `OfflineStore` Glue table following [Athena's naming recommendations](https://docs.aws.amazon.com/athena/latest/ug/tables-databases-columns-names.html) . * * The default value is `False` . */ disableGlueTableCreation?: pulumi.Input; /** * The Amazon Simple Storage (Amazon S3) location of `OfflineStore` . */ s3StorageConfig: pulumi.Input; /** * Format for the offline store table. Supported formats are Glue (Default) and [Apache Iceberg](https://docs.aws.amazon.com/https://iceberg.apache.org/) . */ tableFormat?: pulumi.Input; } /** * The configuration of an `OnlineStore` . */ interface OnlineStoreConfigPropertiesArgs { /** * Turn `OnlineStore` off by specifying `False` for the `EnableOnlineStore` flag. Turn `OnlineStore` on by specifying `True` for the `EnableOnlineStore` flag. * * The default value is `False` . */ enableOnlineStore?: pulumi.Input; /** * Use to specify KMS Key ID ( `KMSKeyId` ) for at-rest encryption of your `OnlineStore` . */ securityConfig?: pulumi.Input; /** * Option for different tiers of low latency storage for real-time data retrieval. * * - `Standard` : A managed low latency data store for feature groups. * - `InMemory` : A managed data store for feature groups that supports very low latency retrieval. */ storageType?: pulumi.Input; /** * Time to live duration, where the record is hard deleted after the expiration time is reached; `ExpiresAt` = `EventTime` + `TtlDuration` . For information on HardDelete, see the [DeleteRecord](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_feature_store_DeleteRecord.html) API in the Amazon SageMaker API Reference guide. */ ttlDuration?: pulumi.Input; } /** * The parallelism configuration applied to the pipeline. */ interface ParallelismConfigurationPropertiesArgs { /** * Maximum parallel execution steps */ maxParallelExecutionSteps: pulumi.Input; } /** * A collection of configuration settings for the PartnerApp. */ interface PartnerAppConfigArgs { /** * A list of users with administrator privileges for the PartnerApp. */ adminUsers?: pulumi.Input[]>; /** * A list of arguments to pass to the PartnerApp. */ arguments?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * A collection of settings that specify the maintenance schedule for the PartnerApp. */ interface PartnerAppMaintenanceConfigArgs { /** * The maintenance window start day and time for the PartnerApp. */ maintenanceWindowStart: pulumi.Input; } /** * The definition of the pipeline. This can be either a JSON string or an Amazon S3 location. */ interface PipelineDefinition0PropertiesArgs { /** * A specification that defines the pipeline in JSON format. */ pipelineDefinitionBody: pulumi.Input; } /** * The definition of the pipeline. This can be either a JSON string or an Amazon S3 location. */ interface PipelineDefinition1PropertiesArgs { pipelineDefinitionS3Location: pulumi.Input; } interface PipelineS3LocationArgs { /** * The name of the S3 bucket where the PipelineDefinition file is stored. */ bucket: pulumi.Input; /** * The Amazon S3 ETag (a file checksum) of the PipelineDefinition file. If you don't specify a value, SageMaker skips ETag validation of your PipelineDefinition file. */ eTag?: pulumi.Input; /** * The file name of the PipelineDefinition file (Amazon S3 object name). */ key: pulumi.Input; /** * For versioning-enabled buckets, a specific version of the PipelineDefinition file. */ version?: pulumi.Input; } /** * Configures the processing job to run a specified Docker container image. */ interface ProcessingJobAppSpecificationArgs { /** * The arguments for a container used to run a processing job. */ containerArguments?: pulumi.Input[]>; /** * The entrypoint for a container used to run a processing job. */ containerEntrypoint?: pulumi.Input[]>; /** * The container image to be run by the processing job. */ imageUri: pulumi.Input; } /** * Configuration for Athena Dataset Definition input. */ interface ProcessingJobAthenaDatasetDefinitionArgs { /** * The name of the data catalog used in Athena query execution. */ catalog: pulumi.Input; /** * The name of the database used in the Athena query execution. */ database: pulumi.Input; /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data generated from an Athena query execution. */ kmsKeyId?: pulumi.Input; /** * The compression used for Athena query results. */ outputCompression?: pulumi.Input; /** * The data storage format for Athena query results. */ outputFormat: pulumi.Input; /** * The location in Amazon S3 where Athena query results are stored. */ outputS3Uri: pulumi.Input; /** * The SQL query statements, to be executed. */ queryString: pulumi.Input; /** * The name of the workgroup in which the Athena query is being started. */ workGroup?: pulumi.Input; } /** * Configuration for the cluster used to run a processing job. */ interface ProcessingJobClusterConfigArgs { /** * The number of ML compute instances to use in the processing job. For distributed processing jobs, specify a value greater than 1. The default value is 1. */ instanceCount: pulumi.Input; /** * The ML compute instance type for the processing job. */ instanceType: pulumi.Input; /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data on the storage volume attached to the ML compute instance(s) that run the processing job. */ volumeKmsKeyId?: pulumi.Input; /** * The size of the ML storage volume in gigabytes that you want to provision. You must specify sufficient ML storage for your scenario. */ volumeSizeInGb: pulumi.Input; } /** * Configuration for Dataset Definition inputs. The Dataset Definition input must specify exactly one of either `AthenaDatasetDefinition` or `RedshiftDatasetDefinition` types. */ interface ProcessingJobDatasetDefinitionArgs { /** * Configuration for Athena Dataset Definition input. */ athenaDatasetDefinition?: pulumi.Input; /** * Whether the generated dataset is FullyReplicated or ShardedByS3Key (default). */ dataDistributionType?: pulumi.Input; /** * Whether to use File or Pipe input mode. In File (default) mode, Amazon SageMaker copies the data from the input source onto the local Amazon Elastic Block Store (Amazon EBS) volumes before starting your training algorithm. This is the most commonly used input mode. In Pipe mode, Amazon SageMaker streams input data from the source directly to your algorithm without using the EBS volume. */ inputMode?: pulumi.Input; /** * The local path where you want Amazon SageMaker to download the Dataset Definition inputs to run a processing job. LocalPath is an absolute path to the input data. This is a required parameter when AppManaged is False (default). */ localPath?: pulumi.Input; /** * Configuration for Redshift Dataset Definition input. */ redshiftDatasetDefinition?: pulumi.Input; } /** * Sets the environment variables in the Docker container */ interface ProcessingJobEnvironmentArgs { } /** * Associates a SageMaker job as a trial component with an experiment and trial. */ interface ProcessingJobExperimentConfigArgs { /** * The name of an existing experiment to associate with the trial component. */ experimentName?: pulumi.Input; /** * The name of the experiment run to associate with the trial component. */ runName?: pulumi.Input; /** * The display name for the trial component. If this key isn't specified, the display name is the trial component name. */ trialComponentDisplayName?: pulumi.Input; /** * The name of an existing trial to associate the trial component with. If not specified, a new trial is created. */ trialName?: pulumi.Input; } /** * Configuration for processing job outputs in Amazon SageMaker Feature Store. */ interface ProcessingJobFeatureStoreOutputArgs { /** * The name of the Amazon SageMaker FeatureGroup to use as the destination for processing job output. Note that your processing script is responsible for putting records into your Feature Store. */ featureGroupName: pulumi.Input; } /** * Networking options for a job, such as network traffic encryption between containers, whether to allow inbound and outbound network calls to and from containers, and the VPC subnets and security groups to use for VPC-enabled jobs. */ interface ProcessingJobNetworkConfigArgs { /** * Whether to encrypt all communications between distributed processing jobs. Choose True to encrypt communications. Encryption provides greater security for distributed processing jobs, but the processing might take longer. */ enableInterContainerTrafficEncryption?: pulumi.Input; /** * Whether to allow inbound and outbound network calls to and from the containers used for the processing job. */ enableNetworkIsolation?: pulumi.Input; /** * Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC. For more information, see [Give SageMaker Access to Resources in your Amazon VPC](https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html) . */ vpcConfig?: pulumi.Input; } /** * The inputs for a processing job. The processing input must specify exactly one of either S3Input or DatasetDefinition types. */ interface ProcessingJobProcessingInputsObjectArgs { /** * When True, input operations such as data download are managed natively by the processing job application. When False (default), input operations are managed by Amazon SageMaker. */ appManaged?: pulumi.Input; /** * Configuration for Dataset Definition inputs. The Dataset Definition input must specify exactly one of either `AthenaDatasetDefinition` or `RedshiftDatasetDefinition` types. */ datasetDefinition?: pulumi.Input; /** * The name for the processing job input. */ inputName: pulumi.Input; /** * Configuration for downloading input data from Amazon S3 into the processing container. */ s3Input?: pulumi.Input; } /** * Configuration for uploading output from the processing container. */ interface ProcessingJobProcessingOutputConfigArgs { /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt the processing job output. KmsKeyId can be an ID of a KMS key, ARN of a KMS key, or alias of a KMS key. The KmsKeyId is applied to all outputs. */ kmsKeyId?: pulumi.Input; /** * An array of outputs configuring the data to upload from the processing container. */ outputs: pulumi.Input[]>; } /** * Describes the results of a processing job. The processing output must specify exactly one of either S3Output or FeatureStoreOutput types. */ interface ProcessingJobProcessingOutputsObjectArgs { /** * When True, output operations such as data upload are managed natively by the processing job application. When False (default), output operations are managed by Amazon SageMaker. */ appManaged?: pulumi.Input; /** * Configuration for processing job outputs in Amazon SageMaker Feature Store. */ featureStoreOutput?: pulumi.Input; /** * The name for the processing job output. */ outputName: pulumi.Input; /** * Configuration for uploading output data to Amazon S3 from the processing container. */ s3Output?: pulumi.Input; } /** * Identifies the resources, ML compute instances, and ML storage volumes to deploy for a processing job. In distributed training, you specify more than one instance. */ interface ProcessingJobProcessingResourcesArgs { /** * The configuration for the resources in a cluster used to run the processing job. */ clusterConfig: pulumi.Input; } /** * Configuration for Redshift Dataset Definition input. */ interface ProcessingJobRedshiftDatasetDefinitionArgs { /** * The Redshift cluster Identifier. */ clusterId: pulumi.Input; /** * The IAM role attached to your Redshift cluster that Amazon SageMaker uses to generate datasets. */ clusterRoleArn: pulumi.Input; /** * The name of the Redshift database used in Redshift query execution. */ database: pulumi.Input; /** * The database user name used in Redshift query execution. */ dbUser: pulumi.Input; /** * The AWS Key Management Service (AWS KMS) key that Amazon SageMaker uses to encrypt data from a Redshift execution. */ kmsKeyId?: pulumi.Input; /** * The compression used for Redshift query results. */ outputCompression?: pulumi.Input; /** * The data storage format for Redshift query results. */ outputFormat: pulumi.Input; /** * The location in Amazon S3 where the Redshift query results are stored. */ outputS3Uri: pulumi.Input; /** * The SQL query statements to be executed. */ queryString: pulumi.Input; } /** * Configuration for downloading input data from Amazon S3 into the processing container. */ interface ProcessingJobS3InputArgs { /** * The local path in your container where you want Amazon SageMaker to write input data to. `LocalPath` is an absolute path to the input data and must begin with `/opt/ml/processing/`. LocalPath is a required parameter when `AppManaged` is `False` (default). */ localPath?: pulumi.Input; /** * Whether to GZIP-decompress the data in Amazon S3 as it is streamed into the processing container. `Gzip` can only be used when `Pipe` mode is specified as the `S3InputMode`. In `Pipe` mode, Amazon SageMaker streams input data from the source directly to your container without using the EBS volume. */ s3CompressionType?: pulumi.Input; /** * Whether to distribute the data from Amazon S3 to all processing instances with `FullyReplicated`, or whether the data from Amazon S3 is shared by Amazon S3 key, downloading one shard of data to each processing instance. */ s3DataDistributionType?: pulumi.Input; /** * Whether you use an S3Prefix or a ManifestFile for the data type. If you choose S3Prefix, S3Uri identifies a key name prefix. Amazon SageMaker uses all objects with the specified key name prefix for the processing job. If you choose ManifestFile, S3Uri identifies an object that is a manifest file containing a list of object keys that you want Amazon SageMaker to use for the processing job. */ s3DataType: pulumi.Input; /** * Whether to use File or Pipe input mode. In File mode, Amazon SageMaker copies the data from the input source onto the local ML storage volume before starting your processing container. This is the most commonly used input mode. In Pipe mode, Amazon SageMaker streams input data from the source directly to your processing container into named pipes without using the ML storage volume. */ s3InputMode?: pulumi.Input; /** * The URI of the Amazon S3 prefix Amazon SageMaker downloads data required to run a processing job. */ s3Uri: pulumi.Input; } /** * Configuration for uploading output data to Amazon S3 from the processing container. */ interface ProcessingJobS3OutputArgs { /** * The local path of a directory where you want Amazon SageMaker to upload its contents to Amazon S3. LocalPath is an absolute path to a directory containing output files. This directory will be created by the platform and exist when your container's entrypoint is invoked. */ localPath?: pulumi.Input; /** * Whether to upload the results of the processing job continuously or after the job completes. */ s3UploadMode: pulumi.Input; /** * A URI that identifies the Amazon S3 bucket where you want Amazon SageMaker to save the results of a processing job. */ s3Uri: pulumi.Input; } /** * Configures conditions under which the processing job should be stopped, such as how long the processing job has been running. After the condition is met, the processing job is stopped. */ interface ProcessingJobStoppingConditionArgs { /** * Specifies the maximum runtime in seconds. */ maxRuntimeInSeconds: pulumi.Input; } /** * Specifies an Amazon Virtual Private Cloud (VPC) that your SageMaker jobs, hosted models, and compute resources have access to. You can control access to and from your resources by configuring a VPC. For more information, see https://docs.aws.amazon.com/sagemaker/latest/dg/infrastructure-give-access.html */ interface ProcessingJobVpcConfigArgs { /** * The VPC security group IDs, in the form 'sg-xxxxxxxx'. Specify the security groups for the VPC that is specified in the 'Subnets' field. */ securityGroupIds: pulumi.Input[]>; /** * The ID of the subnets in the VPC to which you want to connect your training job or model. For information about the availability of specific instance types, see https://docs.aws.amazon.com/sagemaker/latest/dg/regions-quotas.html */ subnets: pulumi.Input[]>; } interface ProjectCfnStackParameterArgs { /** * The key of the parameter. */ key: pulumi.Input; /** * The value of the parameter. */ value: pulumi.Input; } /** * CloudFormation template provider details for a SageMaker project. */ interface ProjectCfnTemplateProviderDetailArgs { /** * An array of CloudFormation stack parameters. */ parameters?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) of the IAM role used by the template provider. */ roleArn?: pulumi.Input; /** * The name of the template used for the project. */ templateName: pulumi.Input; /** * The URL of the CloudFormation template. */ templateUrl: pulumi.Input; } /** * Information about a parameter used to provision a product. */ interface ProjectProvisioningParameterArgs { /** * The parameter key. */ key: pulumi.Input; /** * The parameter value. */ value: pulumi.Input; } /** * Details about the template provider for the SageMaker project. */ interface ProjectTemplateProviderDetailArgs { /** * Details about a CloudFormation template provider configuration and associated provisioning information. */ cfnTemplateProviderDetail?: pulumi.Input; } /** * Provisioned ServiceCatalog Details */ interface ServiceCatalogProvisionedProductDetailsPropertiesArgs { /** * The ID of the provisioned product. */ provisionedProductId?: pulumi.Input; /** * The current status of the product. * * - `AVAILABLE` - Stable state, ready to perform any operation. The most recent operation succeeded and completed. * - `UNDER_CHANGE` - Transitive state. Operations performed might not have valid results. Wait for an AVAILABLE status before performing operations. * - `TAINTED` - Stable state, ready to perform any operation. The stack has completed the requested operation but is not exactly what was requested. For example, a request to update to a new version failed and the stack rolled back to the current version. * - `ERROR` - An unexpected error occurred. The provisioned product exists but the stack is not running. For example, CloudFormation received a parameter value that was not valid and could not launch the stack. * - `PLAN_IN_PROGRESS` - Transitive state. The plan operations were performed to provision a new product, but resources have not yet been created. After reviewing the list of resources to be created, execute the plan. Wait for an AVAILABLE status before performing operations. */ provisionedProductStatusMessage?: pulumi.Input; } /** * Input ServiceCatalog Provisioning Details */ interface ServiceCatalogProvisioningDetailsPropertiesArgs { /** * The path identifier of the product. This value is optional if the product has a default path, and required if the product has more than one path. */ pathId?: pulumi.Input; /** * The ID of the product to provision. */ productId: pulumi.Input; /** * The ID of the provisioning artifact. */ provisioningArtifactId?: pulumi.Input; /** * Parameters specified by the administrator that are required for provisioning the product. */ provisioningParameters?: pulumi.Input[]>; } interface SpaceAppLifecycleManagementArgs { /** * Settings related to idle shutdown of Studio applications. */ idleSettings?: pulumi.Input; } /** * The CodeEditor app settings. */ interface SpaceCodeEditorAppSettingsArgs { /** * Settings that are used to configure and manage the lifecycle of CodeEditor applications in a space. */ appLifecycleManagement?: pulumi.Input; /** * Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on. */ defaultResourceSpec?: pulumi.Input; } interface SpaceCodeRepositoryArgs { /** * A CodeRepository (valid URL) to be used within Jupyter's Git extension. */ repositoryUrl: pulumi.Input; } interface SpaceCustomFileSystemArgs { efsFileSystem?: pulumi.Input; fSxLustreFileSystem?: pulumi.Input; s3FileSystem?: pulumi.Input; } /** * A custom SageMaker image. */ interface SpaceCustomImageArgs { /** * The Name of the AppImageConfig. */ appImageConfigName: pulumi.Input; /** * The name of the CustomImage. Must be unique to your account. */ imageName: pulumi.Input; /** * The version number of the CustomImage. */ imageVersionNumber?: pulumi.Input; } /** * Properties related to the space's Amazon Elastic Block Store volume. */ interface SpaceEbsStorageSettingsArgs { /** * Size of the Amazon EBS volume in Gb */ ebsVolumeSizeInGb: pulumi.Input; } interface SpaceEfsFileSystemArgs { fileSystemId: pulumi.Input; } interface SpaceFSxLustreFileSystemArgs { fileSystemId: pulumi.Input; } interface SpaceIdleSettingsArgs { /** * The space idle timeout value set in minutes */ idleTimeoutInMinutes?: pulumi.Input; } /** * The JupyterServer app settings. */ interface SpaceJupyterLabAppSettingsArgs { /** * Settings that are used to configure and manage the lifecycle of JupyterLab applications in a space. */ appLifecycleManagement?: pulumi.Input; /** * A list of CodeRepositories available for use with JupyterLab apps. */ codeRepositories?: pulumi.Input[]>; /** * Specifies the ARNs of a SageMaker image and SageMaker image version, and the instance type that the version runs on. */ defaultResourceSpec?: pulumi.Input; } /** * The JupyterServer app settings. */ interface SpaceJupyterServerAppSettingsArgs { /** * The default instance type and the Amazon Resource Name (ARN) of the default SageMaker AI image used by the JupyterServer app. If you use the `LifecycleConfigArns` parameter, then this parameter is also required. */ defaultResourceSpec?: pulumi.Input; /** * A list of LifecycleConfigArns available for use with JupyterServer apps. */ lifecycleConfigArns?: pulumi.Input[]>; } /** * The kernel gateway app settings. */ interface SpaceKernelGatewayAppSettingsArgs { /** * A list of custom SageMaker images that are configured to run as a KernelGateway app. */ customImages?: pulumi.Input[]>; /** * The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app. */ defaultResourceSpec?: pulumi.Input; /** * A list of LifecycleConfigArns available for use with KernelGateway apps. */ lifecycleConfigArns?: pulumi.Input[]>; } interface SpaceOwnershipSettingsArgs { /** * The user profile who is the owner of the space. */ ownerUserProfileName: pulumi.Input; } interface SpaceResourceSpecArgs { /** * The instance type that the image version runs on. */ instanceType?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Lifecycle Configuration to attach to the Resource. */ lifecycleConfigArn?: pulumi.Input; /** * The ARN of the SageMaker image that the image version belongs to. */ sageMakerImageArn?: pulumi.Input; /** * The ARN of the image version created on the instance. */ sageMakerImageVersionArn?: pulumi.Input; } interface SpaceS3FileSystemArgs { s3Uri?: pulumi.Input; } /** * A collection of settings that apply to spaces of Amazon SageMaker Studio. These settings are specified when the CreateSpace API is called. */ interface SpaceSettingsArgs { /** * The type of app created within the space. * * If using the [UpdateSpace](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_UpdateSpace.html) API, you can't change the app type of your space by specifying a different value for this field. */ appType?: pulumi.Input; /** * The CodeEditor app settings. */ codeEditorAppSettings?: pulumi.Input; /** * A file system, created by you, that you assign to a space for an Amazon SageMaker AI Domain. Permitted users can access this file system in Amazon SageMaker AI Studio. */ customFileSystems?: pulumi.Input[]>; /** * The JupyterLab app settings. */ jupyterLabAppSettings?: pulumi.Input; /** * The Jupyter server's app settings. */ jupyterServerAppSettings?: pulumi.Input; /** * The kernel gateway app settings. */ kernelGatewayAppSettings?: pulumi.Input; /** * This is a flag used to indicate if remote access is enabled. */ remoteAccess?: pulumi.Input; /** * This is a flag used to indicate if space managed resources needs to be created. */ spaceManagedResources?: pulumi.Input; /** * Default storage settings for a space. */ spaceStorageSettings?: pulumi.Input; } interface SpaceSharingSettingsArgs { /** * Specifies the sharing type of the space. */ sharingType: pulumi.Input; } interface SpaceStorageSettingsArgs { /** * A collection of EBS storage settings for a space. */ ebsStorageSettings?: pulumi.Input; } interface UserProfileAppLifecycleManagementArgs { /** * Settings related to idle shutdown of Studio applications. */ idleSettings?: pulumi.Input; } /** * The CodeEditor app settings. */ interface UserProfileCodeEditorAppSettingsArgs { /** * Settings that are used to configure and manage the lifecycle of CodeEditor applications. */ appLifecycleManagement?: pulumi.Input; /** * The lifecycle configuration that runs before the default lifecycle configuration. */ builtInLifecycleConfigArn?: pulumi.Input; /** * A list of custom images for use for CodeEditor apps. */ customImages?: pulumi.Input[]>; /** * The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the CodeEditor app. */ defaultResourceSpec?: pulumi.Input; /** * A list of LifecycleConfigArns available for use with CodeEditor apps. */ lifecycleConfigArns?: pulumi.Input[]>; } interface UserProfileCodeRepositoryArgs { /** * A CodeRepository (valid URL) to be used within Jupyter's Git extension. */ repositoryUrl: pulumi.Input; } interface UserProfileCustomFileSystemConfigArgs { /** * The settings for a custom Amazon EFS file system. */ efsFileSystemConfig?: pulumi.Input; /** * The settings for a custom Amazon FSx for Lustre file system. */ fSxLustreFileSystemConfig?: pulumi.Input; /** * Configuration settings for a custom Amazon S3 file system. */ s3FileSystemConfig?: pulumi.Input; } /** * A custom SageMaker image. */ interface UserProfileCustomImageArgs { /** * The Name of the AppImageConfig. */ appImageConfigName: pulumi.Input; /** * The name of the CustomImage. Must be unique to your account. */ imageName: pulumi.Input; /** * The version number of the CustomImage. */ imageVersionNumber?: pulumi.Input; } interface UserProfileCustomPosixUserConfigArgs { /** * The POSIX group ID. */ gid: pulumi.Input; /** * The POSIX user ID. */ uid: pulumi.Input; } /** * Properties related to the Amazon Elastic Block Store volume. */ interface UserProfileDefaultEbsStorageSettingsArgs { /** * Default size of the Amazon EBS volume in Gb */ defaultEbsVolumeSizeInGb: pulumi.Input; /** * Maximum size of the Amazon EBS volume in Gb. Must be greater than or equal to the DefaultEbsVolumeSizeInGb. */ maximumEbsVolumeSizeInGb: pulumi.Input; } /** * Default storage settings for a space. */ interface UserProfileDefaultSpaceStorageSettingsArgs { /** * The default EBS storage settings for a space. */ defaultEbsStorageSettings?: pulumi.Input; } interface UserProfileEfsFileSystemConfigArgs { /** * The ID of your Amazon EFS file system. */ fileSystemId: pulumi.Input; /** * The path to the file system directory that is accessible in Amazon SageMaker AI Studio. Permitted users can access only this directory and below. */ fileSystemPath?: pulumi.Input; } interface UserProfileFSxLustreFileSystemConfigArgs { /** * The globally unique, 17-digit, ID of the file system, assigned by Amazon FSx for Lustre. */ fileSystemId: pulumi.Input; /** * The path to the file system directory that is accessible in Amazon SageMaker Studio. Permitted users can access only this directory and below. */ fileSystemPath?: pulumi.Input; } interface UserProfileHiddenSageMakerImageArgs { /** * The SageMaker image name that you are hiding from the Studio user interface. */ sageMakerImageName?: pulumi.Input; /** * The version aliases you are hiding from the Studio user interface. */ versionAliases?: pulumi.Input[]>; } interface UserProfileIdleSettingsArgs { /** * The time that SageMaker waits after the application becomes idle before shutting it down. */ idleTimeoutInMinutes?: pulumi.Input; /** * Indicates whether idle shutdown is activated for the application type. */ lifecycleManagement?: pulumi.Input; /** * The maximum value in minutes that custom idle shutdown can be set to by the user. */ maxIdleTimeoutInMinutes?: pulumi.Input; /** * The minimum value in minutes that custom idle shutdown can be set to by the user. */ minIdleTimeoutInMinutes?: pulumi.Input; } /** * The JupyterLab app settings. */ interface UserProfileJupyterLabAppSettingsArgs { /** * Indicates whether idle shutdown is activated for JupyterLab applications. */ appLifecycleManagement?: pulumi.Input; /** * The lifecycle configuration that runs before the default lifecycle configuration. */ builtInLifecycleConfigArn?: pulumi.Input; /** * A list of CodeRepositories available for use with JupyterLab apps. */ codeRepositories?: pulumi.Input[]>; /** * A list of custom images available for use for JupyterLab apps */ customImages?: pulumi.Input[]>; /** * The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterLab app. */ defaultResourceSpec?: pulumi.Input; /** * A list of LifecycleConfigArns available for use with JupyterLab apps. */ lifecycleConfigArns?: pulumi.Input[]>; } /** * The JupyterServer app settings. */ interface UserProfileJupyterServerAppSettingsArgs { /** * The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the JupyterServer app. */ defaultResourceSpec?: pulumi.Input; /** * A list of LifecycleConfigArns available for use with JupyterServer apps. */ lifecycleConfigArns?: pulumi.Input[]>; } /** * The kernel gateway app settings. */ interface UserProfileKernelGatewayAppSettingsArgs { /** * A list of custom SageMaker images that are configured to run as a KernelGateway app. */ customImages?: pulumi.Input[]>; /** * The default instance type and the Amazon Resource Name (ARN) of the default SageMaker image used by the KernelGateway app. */ defaultResourceSpec?: pulumi.Input; /** * A list of LifecycleConfigArns available for use with KernelGateway apps. */ lifecycleConfigArns?: pulumi.Input[]>; } /** * A collection of settings that configure user interaction with the RStudioServerPro app. */ interface UserProfileRStudioServerProAppSettingsArgs { /** * Indicates whether the current user has access to the RStudioServerPro app. */ accessStatus?: pulumi.Input; /** * The level of permissions that the user has within the RStudioServerPro app. This value defaults to User. The Admin value allows the user access to the RStudio Administrative Dashboard. */ userGroup?: pulumi.Input; } interface UserProfileResourceSpecArgs { /** * The instance type that the image version runs on. * * > *JupyterServer apps* only support the `system` value. * > * > For *KernelGateway apps* , the `system` value is translated to `ml.t3.medium` . KernelGateway apps also support all other values for available instance types. */ instanceType?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the Lifecycle Configuration to attach to the Resource. */ lifecycleConfigArn?: pulumi.Input; /** * The ARN of the SageMaker image that the image version belongs to. */ sageMakerImageArn?: pulumi.Input; /** * The ARN of the image version created on the instance. */ sageMakerImageVersionArn?: pulumi.Input; } interface UserProfileS3FileSystemConfigArgs { /** * The file system path where the Amazon S3 storage location will be mounted within the Amazon SageMaker Studio environment. */ mountPath?: pulumi.Input; /** * The Amazon S3 URI of the S3 file system configuration. */ s3Uri?: pulumi.Input; } /** * Specifies options when sharing an Amazon SageMaker Studio notebook. These settings are specified as part of DefaultUserSettings when the CreateDomain API is called, and as part of UserSettings when the CreateUserProfile API is called. */ interface UserProfileSharingSettingsArgs { /** * Whether to include the notebook cell output when sharing the notebook. The default is Disabled. */ notebookOutputOption?: pulumi.Input; /** * When NotebookOutputOption is Allowed, the AWS Key Management Service (KMS) encryption key ID used to encrypt the notebook cell output in the Amazon S3 bucket. */ s3KmsKeyId?: pulumi.Input; /** * When NotebookOutputOption is Allowed, the Amazon S3 bucket used to store the shared notebook snapshots. */ s3OutputPath?: pulumi.Input; } /** * Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level. */ interface UserProfileStudioWebPortalSettingsArgs { /** * Applications supported in Studio that are hidden from the Studio left navigation pane. */ hiddenAppTypes?: pulumi.Input[]>; /** * The instance types you are hiding from the Studio user interface. */ hiddenInstanceTypes?: pulumi.Input[]>; /** * The machine learning tools that are hidden from the Studio left navigation pane. */ hiddenMlTools?: pulumi.Input[]>; /** * The version aliases you are hiding from the Studio user interface. */ hiddenSageMakerImageVersionAliases?: pulumi.Input[]>; } /** * A collection of settings that apply to users of Amazon SageMaker Studio. These settings are specified when the CreateUserProfile API is called, and as DefaultUserSettings when the CreateDomain API is called. */ interface UserProfileUserSettingsArgs { /** * Indicates whether auto-mounting of an EFS volume is supported for the user profile. */ autoMountHomeEfs?: pulumi.Input; /** * The Code Editor application settings. * * SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces. */ codeEditorAppSettings?: pulumi.Input; /** * The settings for assigning a custom file system to a user profile. Permitted users can access this file system in Amazon SageMaker AI Studio. * * SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces. */ customFileSystemConfigs?: pulumi.Input[]>; /** * Details about the POSIX identity that is used for file system operations. * * SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces. */ customPosixUserConfig?: pulumi.Input; /** * Defines which Amazon SageMaker application users are directed to by default. */ defaultLandingUri?: pulumi.Input; /** * The user profile Amazon Resource Name (ARN). */ executionRole?: pulumi.Input; /** * The settings for the JupyterLab application. * * SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces. */ jupyterLabAppSettings?: pulumi.Input; /** * The Jupyter server's app settings. */ jupyterServerAppSettings?: pulumi.Input; /** * The kernel gateway app settings. */ kernelGatewayAppSettings?: pulumi.Input; /** * A collection of settings that configure user interaction with the `RStudioServerPro` app. */ rStudioServerProAppSettings?: pulumi.Input; /** * The security groups for the Amazon Virtual Private Cloud (VPC) that Studio uses for communication. */ securityGroups?: pulumi.Input[]>; /** * The sharing settings. */ sharingSettings?: pulumi.Input; /** * The storage settings for a space. * * SageMaker applies these settings only to private spaces that the user creates in the domain. SageMaker doesn't apply these settings to shared spaces. */ spaceStorageSettings?: pulumi.Input; /** * Indicates whether the Studio experience is available to users. If not, users cannot access Studio. */ studioWebPortal?: pulumi.Input; /** * Studio settings. If these settings are applied on a user level, they take priority over the settings applied on a domain level. */ studioWebPortalSettings?: pulumi.Input; } } export declare namespace scheduler { /** * This structure specifies the VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode. */ interface ScheduleAwsVpcConfigurationArgs { /** * Specifies whether the task's elastic network interface receives a public IP address. You can specify `ENABLED` only when `LaunchType` in `EcsParameters` is set to `FARGATE` . */ assignPublicIp?: pulumi.Input; /** * Specifies the security groups associated with the task. These security groups must all be in the same VPC. You can specify as many as five security groups. If you do not specify a security group, the default security group for the VPC is used. */ securityGroups?: pulumi.Input[]>; /** * Specifies the subnets associated with the task. These subnets must all be in the same VPC. You can specify as many as 16 subnets. */ subnets: pulumi.Input[]>; } /** * The details of a capacity provider strategy. */ interface ScheduleCapacityProviderStrategyItemArgs { /** * The base value designates how many tasks, at a minimum, to run on the specified capacity provider. Only one capacity provider in a capacity provider strategy can have a base defined. If no value is specified, the default value of 0 is used. */ base?: pulumi.Input; /** * The short name of the capacity provider. */ capacityProvider: pulumi.Input; /** * The weight value designates the relative percentage of the total number of tasks launched that should use the specified capacity provider. The weight value is taken into consideration after the base value, if defined, is satisfied. */ weight?: pulumi.Input; } /** * A DeadLetterConfig object that contains information about a dead-letter queue configuration. */ interface ScheduleDeadLetterConfigArgs { /** * The ARN of the SQS queue specified as the target for the dead-letter queue. */ arn?: pulumi.Input; } /** * The custom parameters to be used when the target is an Amazon ECS task. */ interface ScheduleEcsParametersArgs { /** * The capacity provider strategy to use for the task. */ capacityProviderStrategy?: pulumi.Input[]>; /** * Specifies whether to enable Amazon ECS managed tags for the task. For more information, see Tagging Your Amazon ECS Resources in the Amazon Elastic Container Service Developer Guide. */ enableEcsManagedTags?: pulumi.Input; /** * Whether or not to enable the execute command functionality for the containers in this task. If true, this enables execute command functionality on all containers in the task. */ enableExecuteCommand?: pulumi.Input; /** * Specifies an ECS task group for the task. The maximum length is 255 characters. */ group?: pulumi.Input; /** * Specifies the launch type on which your task is running. The launch type that you specify here must match one of the launch type (compatibilities) of the target task. The `FARGATE` value is supported only in the Regions where Fargate with Amazon ECS is supported. For more information, see [AWS Fargate on Amazon ECS](https://docs.aws.amazon.com/AmazonECS/latest/developerguide/AWS_Fargate.html) in the *Amazon ECS Developer Guide* . */ launchType?: pulumi.Input; /** * This structure specifies the network configuration for an ECS task. */ networkConfiguration?: pulumi.Input; /** * An array of placement constraint objects to use for the task. You can specify up to 10 constraints per task (including constraints in the task definition and those specified at runtime). */ placementConstraints?: pulumi.Input[]>; /** * The placement strategy objects to use for the task. You can specify a maximum of five strategy rules per task. */ placementStrategy?: pulumi.Input[]>; /** * Specifies the platform version for the task. Specify only the numeric portion of the platform version, such as 1.1.0. */ platformVersion?: pulumi.Input; /** * Specifies whether to propagate the tags from the task definition to the task. If no value is specified, the tags are not propagated. Tags can only be propagated to the task during task creation. To add tags to a task after task creation, use the Amazon ECS [`TagResource`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_TagResource.html) API action. */ propagateTags?: pulumi.Input; /** * The reference ID to use for the task. */ referenceId?: pulumi.Input; /** * The metadata that you apply to the task to help you categorize and organize them. Each tag consists of a key and an optional value, both of which you define. To learn more, see RunTask in the Amazon ECS API Reference. */ tags?: pulumi.Input; }>[]>; /** * The number of tasks to create based on TaskDefinition. The default is 1. */ taskCount?: pulumi.Input; /** * The ARN of the task definition to use if the event target is an Amazon ECS task. */ taskDefinitionArn: pulumi.Input; } /** * EventBridge PutEvent predefined target type. */ interface ScheduleEventBridgeParametersArgs { /** * Free-form string, with a maximum of 128 characters, used to decide what fields to expect in the event detail. */ detailType: pulumi.Input; /** * The source of the event. */ source: pulumi.Input; } /** * Flexible time window allows configuration of a window within which a schedule can be invoked */ interface ScheduleFlexibleTimeWindowArgs { /** * The maximum time window during which a schedule can be invoked. */ maximumWindowInMinutes?: pulumi.Input; /** * Determines whether the schedule is invoked within a flexible time window. You must use quotation marks when you specify this value in your JSON or YAML template. * * *Allowed Values* : `"OFF"` | `"FLEXIBLE"` */ mode: pulumi.Input; } /** * The custom parameter you can use to control the shard to which EventBridge Scheduler sends the event. */ interface ScheduleKinesisParametersArgs { /** * The custom parameter used as the Kinesis partition key. For more information, see Amazon Kinesis Streams Key Concepts in the Amazon Kinesis Streams Developer Guide. */ partitionKey: pulumi.Input; } /** * This structure specifies the network configuration for an ECS task. */ interface ScheduleNetworkConfigurationArgs { /** * Specifies the Amazon VPC subnets and security groups for the task, and whether a public IP address is to be used. This structure is relevant only for ECS tasks that use the awsvpc network mode. */ awsvpcConfiguration?: pulumi.Input; } /** * An object representing a constraint on task placement. */ interface SchedulePlacementConstraintArgs { /** * A cluster query language expression to apply to the constraint. You cannot specify an expression if the constraint type is distinctInstance. To learn more, see Cluster Query Language in the Amazon Elastic Container Service Developer Guide. */ expression?: pulumi.Input; /** * The type of constraint. Use `distinctInstance` to ensure that each task in a particular group is running on a different container instance. Use `memberOf` to restrict the selection to a group of valid candidates. */ type?: pulumi.Input; } /** * The task placement strategy for a task or service. */ interface SchedulePlacementStrategyArgs { /** * The field to apply the placement strategy against. For the spread placement strategy, valid values are instanceId (or host, which has the same effect), or any platform or custom attribute that is applied to a container instance, such as attribute:ecs.availability-zone. For the binpack placement strategy, valid values are cpu and memory. For the random placement strategy, this field is not used. */ field?: pulumi.Input; /** * The type of placement strategy. The random placement strategy randomly places tasks on available candidates. The spread placement strategy spreads placement across available candidates evenly based on the field parameter. The binpack strategy places tasks on available candidates that have the least available amount of the resource that is specified with the field parameter. For example, if you binpack on memory, a task is placed on the instance with the least amount of remaining memory (but still enough to run the task). */ type?: pulumi.Input; } /** * A RetryPolicy object that includes information about the retry policy settings. */ interface ScheduleRetryPolicyArgs { /** * The maximum amount of time, in seconds, to continue to make retry attempts. */ maximumEventAgeInSeconds?: pulumi.Input; /** * The maximum number of retry attempts to make before the request fails. Retry attempts with exponential backoff continue until either the maximum number of attempts is made or until the duration of the MaximumEventAgeInSeconds is reached. */ maximumRetryAttempts?: pulumi.Input; } /** * Name/Value pair of a parameter to start execution of a SageMaker Model Building Pipeline. */ interface ScheduleSageMakerPipelineParameterArgs { /** * Name of parameter to start execution of a SageMaker Model Building Pipeline. */ name: pulumi.Input; /** * Value of parameter to start execution of a SageMaker Model Building Pipeline. */ value: pulumi.Input; } /** * These are custom parameters to use when the target is a SageMaker Model Building Pipeline that starts based on AWS EventBridge Scheduler schedules. */ interface ScheduleSageMakerPipelineParametersArgs { /** * List of Parameter names and values for SageMaker Model Building Pipeline execution. */ pipelineParameterList?: pulumi.Input[]>; } /** * Contains the message group ID to use when the target is a FIFO queue. If you specify an SQS FIFO queue as a target, the queue must have content-based deduplication enabled. */ interface ScheduleSqsParametersArgs { /** * The FIFO message group ID to use as the target. */ messageGroupId?: pulumi.Input; } /** * The schedule target. */ interface ScheduleTargetArgs { /** * The Amazon Resource Name (ARN) of the target. */ arn: pulumi.Input; /** * An object that contains information about an Amazon SQS queue that EventBridge Scheduler uses as a dead-letter queue for your schedule. If specified, EventBridge Scheduler delivers failed events that could not be successfully delivered to a target to the queue. */ deadLetterConfig?: pulumi.Input; /** * The templated target type for the Amazon ECS [`RunTask`](https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_RunTask.html) API operation. */ ecsParameters?: pulumi.Input; /** * The templated target type for the EventBridge [`PutEvents`](https://docs.aws.amazon.com/eventbridge/latest/APIReference/API_PutEvents.html) API operation. */ eventBridgeParameters?: pulumi.Input; /** * The text, or well-formed JSON, passed to the target. If you are configuring a templated Lambda, AWS Step Functions, or Amazon EventBridge target, the input must be a well-formed JSON. For all other target types, a JSON is not required. If you do not specify anything for this field, EventBridge Scheduler delivers a default notification to the target. */ input?: pulumi.Input; /** * The templated target type for the Amazon Kinesis [`PutRecord`](https://docs.aws.amazon.com/kinesis/latest/APIReference/API_PutRecord.html) API operation. */ kinesisParameters?: pulumi.Input; /** * A `RetryPolicy` object that includes information about the retry policy settings, including the maximum age of an event, and the maximum number of times EventBridge Scheduler will try to deliver the event to a target. */ retryPolicy?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the IAM role to be used for this target when the schedule is triggered. */ roleArn: pulumi.Input; /** * The templated target type for the Amazon SageMaker [`StartPipelineExecution`](https://docs.aws.amazon.com/sagemaker/latest/APIReference/API_StartPipelineExecution.html) API operation. */ sageMakerPipelineParameters?: pulumi.Input; /** * The templated target type for the Amazon SQS [`SendMessage`](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/APIReference/API_SendMessage.html) API operation. Contains the message group ID to use when the target is a FIFO queue. If you specify an Amazon SQS FIFO queue as a target, the queue must have content-based deduplication enabled. For more information, see [Using the Amazon SQS message deduplication ID](https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/using-messagededuplicationid-property.html) in the *Amazon SQS Developer Guide* . */ sqsParameters?: pulumi.Input; } } export declare namespace secretsmanager { /** * The metadata needed to successfully rotate a managed external secret. Each metadata item is a key and value pair of strings in a JSON text string. */ interface RotationScheduleExternalSecretRotationMetadataItemArgs { /** * The key name of the metadata item. You can specify a value that's 1 to 256 characters in length. */ key: pulumi.Input; /** * The value for the metadata item. You can specify a value that's 1 to 2048 characters in length. */ value: pulumi.Input; } interface RotationScheduleHostedRotationLambdaArgs { /** * A string of the characters that you don't want in the password. */ excludeCharacters?: pulumi.Input; /** * The ARN of the KMS key that Secrets Manager uses to encrypt the secret. If you don't specify this value, then Secrets Manager uses the key aws/secretsmanager. If aws/secretsmanager doesn't yet exist, then Secrets Manager creates it for you automatically the first time it encrypts the secret value. */ kmsKeyArn?: pulumi.Input; /** * The ARN of the secret that contains superuser credentials, if you use the alternating users rotation strategy. CloudFormation grants the execution role for the Lambda rotation function GetSecretValue permission to the secret in this property. */ masterSecretArn?: pulumi.Input; /** * The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the alternating users strategy and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key aws/secretsmanager. CloudFormation grants the execution role for the Lambda rotation function Decrypt, DescribeKey, and GenerateDataKey permission to the key in this property. */ masterSecretKmsKeyArn?: pulumi.Input; /** * The name of the Lambda rotation function. */ rotationLambdaName?: pulumi.Input; /** * The type of rotation template to use */ rotationType: pulumi.Input; /** * The python runtime associated with the Lambda function */ runtime?: pulumi.Input; /** * The ARN of the secret that contains superuser credentials, if you use the alternating users rotation strategy. CloudFormation grants the execution role for the Lambda rotation function GetSecretValue permission to the secret in this property. */ superuserSecretArn?: pulumi.Input; /** * The ARN of the KMS key that Secrets Manager used to encrypt the superuser secret, if you use the alternating users strategy and the superuser secret is encrypted with a customer managed key. You don't need to specify this property if the superuser secret is encrypted using the key aws/secretsmanager. CloudFormation grants the execution role for the Lambda rotation function Decrypt, DescribeKey, and GenerateDataKey permission to the key in this property. */ superuserSecretKmsKeyArn?: pulumi.Input; /** * A comma-separated list of security group IDs applied to the target database. */ vpcSecurityGroupIds?: pulumi.Input; /** * A comma separated list of VPC subnet IDs of the target database network. The Lambda rotation function is in the same subnet group. */ vpcSubnetIds?: pulumi.Input; } interface RotationScheduleRotationRulesArgs { /** * The number of days between automatic scheduled rotations of the secret. You can use this value to check that your secret meets your compliance guidelines for how often secrets must be rotated. */ automaticallyAfterDays?: pulumi.Input; /** * The length of the rotation window in hours, for example 3h for a three hour window. Secrets Manager rotates your secret at any time during this window. The window must not extend into the next rotation window or the next UTC day. The window starts according to the ScheduleExpression. If you don't specify a Duration, for a ScheduleExpression in hours, the window automatically closes after one hour. For a ScheduleExpression in days, the window automatically closes at the end of the UTC day. */ duration?: pulumi.Input; /** * A cron() or rate() expression that defines the schedule for rotating your secret. Secrets Manager rotation schedules use UTC time zone. */ scheduleExpression?: pulumi.Input; } /** * Generates a random password. We recommend that you specify the maximum length and include every character type that the system you are generating a password for can support. * *Required permissions:*``secretsmanager:GetRandomPassword``. For more information, see [IAM policy actions for Secrets Manager](https://docs.aws.amazon.com/service-authorization/latest/reference/list_awssecretsmanager.html#awssecretsmanager-actions-as-permissions) and [Authentication and access control in Secrets Manager](https://docs.aws.amazon.com/secretsmanager/latest/userguide/auth-and-access.html). */ interface SecretGenerateSecretStringArgs { /** * A string of the characters that you don't want in the password. */ excludeCharacters?: pulumi.Input; /** * Specifies whether to exclude lowercase letters from the password. If you don't include this switch, the password can contain lowercase letters. */ excludeLowercase?: pulumi.Input; /** * Specifies whether to exclude numbers from the password. If you don't include this switch, the password can contain numbers. */ excludeNumbers?: pulumi.Input; /** * Specifies whether to exclude the following punctuation characters from the password: ``! " # $ % & ' ( ) * + , - . / : ; < = > ? @ [ \ ] ^ _ ` { | } ~``. If you don't include this switch, the password can contain punctuation. */ excludePunctuation?: pulumi.Input; /** * Specifies whether to exclude uppercase letters from the password. If you don't include this switch, the password can contain uppercase letters. */ excludeUppercase?: pulumi.Input; /** * The JSON key name for the key/value pair, where the value is the generated password. This pair is added to the JSON structure specified by the ``SecretStringTemplate`` parameter. If you specify this parameter, then you must also specify ``SecretStringTemplate``. */ generateStringKey?: pulumi.Input; /** * Specifies whether to include the space character. If you include this switch, the password can contain space characters. */ includeSpace?: pulumi.Input; /** * The length of the password. If you don't include this parameter, the default length is 32 characters. */ passwordLength?: pulumi.Input; /** * Specifies whether to include at least one upper and lowercase letter, one number, and one punctuation. If you don't include this switch, the password contains at least one of every character type. */ requireEachIncludedType?: pulumi.Input; /** * A template that the generated string must match. When you make a change to this property, a new secret version is created. */ secretStringTemplate?: pulumi.Input; } /** * Specifies a ``Region`` and the ``KmsKeyId`` for a replica secret. */ interface SecretReplicaRegionArgs { /** * The ARN, key ID, or alias of the KMS key to encrypt the secret. If you don't include this field, Secrets Manager uses ``aws/secretsmanager``. */ kmsKeyId?: pulumi.Input; /** * A string that represents a ``Region``, for example "us-east-1". */ region: pulumi.Input; } } export declare namespace securityagent { /** * AWS resource configuration */ interface AgentSpaceAwsResourcesArgs { /** * IAM role ARNs */ iamRoles?: pulumi.Input[]>; /** * Lambda function ARNs used to retrieve tester credentials for pentests */ lambdaFunctionArns?: pulumi.Input[]>; /** * CloudWatch log group ARNs */ logGroups?: pulumi.Input[]>; /** * S3 bucket ARNs */ s3Buckets?: pulumi.Input[]>; /** * SecretsManager secret ARNs used to store tester credentials for pentests */ secretArns?: pulumi.Input[]>; /** * VPC configurations */ vpcs?: pulumi.Input[]>; } /** * Details of code review settings */ interface AgentSpaceCodeReviewSettingsArgs { /** * Whether Controls are utilized for code review analysis */ controlsScanning: pulumi.Input; /** * Whether general purpose analysis is performed for code review */ generalPurposeScanning: pulumi.Input; } /** * GitHub repository capabilities */ interface AgentSpaceGitHubCapabilitiesResourceArgs { /** * Enables Code Review in the repository */ leaveComments: pulumi.Input; /** * Enables creation of pull requests with automated fixes */ remediateCode: pulumi.Input; } /** * GitHub repository details */ interface AgentSpaceGitHubRepositoryResourceArgs { /** * GitHub repository name */ name: pulumi.Input; /** * GitHub repository owner (user or organization) */ owner: pulumi.Input; } /** * Integrated Resource details */ interface AgentSpaceIntegratedResourceArgs { /** * Unique identifier of the Provider Integration */ integration: pulumi.Input; /** * List of selected Resources from the Integration */ providerResources: pulumi.Input[]>; } /** * Selected Resource (eg: Code Repository) from an Integration */ interface AgentSpaceProviderResourceArgs { gitHubCapabilities?: pulumi.Input; gitHubRepository?: pulumi.Input; } /** * Customer VPC configuration that the security testing environment accesses */ interface AgentSpaceVpcConfigArgs { /** * List of security group ARNs in the customer VPC */ securityGroupArns?: pulumi.Input[]>; /** * List of subnet ARNs in the customer VPC */ subnetArns?: pulumi.Input[]>; /** * ARN of the customer VPC */ vpcArn?: pulumi.Input; } interface ApplicationIdCConfigurationArgs { idCApplicationArn?: pulumi.Input; idCInstanceArn?: pulumi.Input; } /** * An authenticated actor to be used during pentest execution */ interface PentestActorArgs { /** * Authentication credentials for this actor */ authentication?: pulumi.Input; /** * Description of the actor */ description?: pulumi.Input; /** * Identifier for the actor */ identifier?: pulumi.Input; /** * List of URIs this actor is authorized to access */ uris?: pulumi.Input[]>; } /** * Collection of assets to be tested during the pentest */ interface PentestAssetsArgs { /** * List of actors used during testing */ actors?: pulumi.Input[]>; /** * List of documents providing additional context for the pentest */ documents?: pulumi.Input[]>; /** * List of endpoints to test */ endpoints?: pulumi.Input[]>; /** * List of repositories connected via provider integrations */ integratedRepositories?: pulumi.Input[]>; /** * List of source code repositories to analyze */ sourceCode?: pulumi.Input[]>; } /** * Authentication configuration for a pentest actor */ interface PentestAuthenticationArgs { /** * Type of authentication provider */ providerType?: pulumi.Input; /** * Reference value for the authentication provider, such as a secret ARN or Lambda ARN */ value?: pulumi.Input; } /** * CloudWatch Logs configuration for pentest output */ interface PentestCloudWatchLogArgs { /** * CloudWatch log group */ logGroup?: pulumi.Input; /** * CloudWatch log stream */ logStream?: pulumi.Input; } /** * A custom header to include in outbound requests */ interface PentestCustomHeaderArgs { /** * Name of the header */ name?: pulumi.Input; /** * Value of the header */ value?: pulumi.Input; } /** * A document stored in S3 that provides context for the pentest */ interface PentestDocumentInfoArgs { /** * Artifact identifier */ artifactId?: pulumi.Input; /** * S3 document location */ s3Location?: pulumi.Input; } /** * An endpoint to be tested during the pentest */ interface PentestEndpointArgs { /** * URI of the endpoint to test */ uri?: pulumi.Input; } /** * A repository connected via a provider integration */ interface PentestIntegratedRepositoryArgs { /** * Unique identifier of the provider integration */ integrationId: pulumi.Input; /** * Identifier of the resource within the provider integration */ providerResourceId: pulumi.Input; } /** * Network traffic configuration for the pentest */ interface PentestNetworkTrafficConfigArgs { /** * Custom headers to include in outbound requests */ customHeaders?: pulumi.Input[]>; /** * Ordered list of network traffic rules */ rules?: pulumi.Input[]>; } /** * Network traffic rule */ interface PentestNetworkTrafficRuleArgs { /** * Whether to allow or deny traffic matching this rule */ effect?: pulumi.Input; /** * Type of pattern matching for this rule */ networkTrafficRuleType?: pulumi.Input; /** * URL pattern this rule applies to */ pattern?: pulumi.Input; } /** * A source code archive stored in S3 for analysis during the pentest */ interface PentestSourceCodeRepositoryArgs { /** * S3 source code location */ s3Location?: pulumi.Input; } /** * VPC configuration that the pentest agent accesses */ interface PentestVpcConfigArgs { /** * List of security groups in the VPC */ securityGroupArns?: pulumi.Input[]>; /** * List of subnets in the VPC */ subnetArns?: pulumi.Input[]>; vpcArn?: pulumi.Input; } } export declare namespace securityhub { /** * A date filter for querying findings. */ interface AutomationRuleDateFilterArgs { /** * A date range for the date filter. */ dateRange?: pulumi.Input; /** * A timestamp that provides the end date for the date filter. * For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps). */ end?: pulumi.Input; /** * A timestamp that provides the start date for the date filter. * For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps). */ start?: pulumi.Input; } /** * A date range for the date filter. */ interface AutomationRuleDateRangeArgs { /** * A date range unit for the date filter. */ unit: pulumi.Input; /** * A date range value for the date filter. */ value: pulumi.Input; } /** * A map filter for filtering ASHlong findings. Each map filter provides the field to check for, the value to check for, and the comparison operator. */ interface AutomationRuleMapFilterArgs { /** * The condition to apply to the key value when filtering Security Hub CSPM findings with a map filter. * To search for values that have the filter value, use one of the following comparison operators: * + To search for values that include the filter value, use ``CONTAINS``. For example, for the ``ResourceTags`` field, the filter ``Department CONTAINS Security`` matches findings that include the value ``Security`` for the ``Department`` tag. In the same example, a finding with a value of ``Security team`` for the ``Department`` tag is a match. * + To search for values that exactly match the filter value, use ``EQUALS``. For example, for the ``ResourceTags`` field, the filter ``Department EQUALS Security`` matches findings that have the value ``Security`` for the ``Department`` tag. * * ``CONTAINS`` and ``EQUALS`` filters on the same field are joined by ``OR``. A finding matches if it matches any one of those filters. For example, the filters ``Department CONTAINS Security OR Department CONTAINS Finance`` match a finding that includes either ``Security``, ``Finance``, or both values. * To search for values that don't have the filter value, use one of the following comparison operators: * + To search for values that exclude the filter value, use ``NOT_CONTAINS``. For example, for the ``ResourceTags`` field, the filter ``Department NOT_CONTAINS Finance`` matches findings that exclude the value ``Finance`` for the ``Department`` tag. * + To search for values other than the filter value, use ``NOT_EQUALS``. For example, for the ``ResourceTags`` field, the filter ``Department NOT_EQUALS Finance`` matches findings that don’t have the value ``Finance`` for the ``Department`` tag. * * ``NOT_CONTAINS`` and ``NOT_EQUALS`` filters on the same field are joined by ``AND``. A finding matches only if it matches all of those filters. For example, the filters ``Department NOT_CONTAINS Security AND Department NOT_CONTAINS Finance`` match a finding that excludes both the ``Security`` and ``Finance`` values. * ``CONTAINS`` filters can only be used with other ``CONTAINS`` filters. ``NOT_CONTAINS`` filters can only be used with other ``NOT_CONTAINS`` filters. * You can’t have both a ``CONTAINS`` filter and a ``NOT_CONTAINS`` filter on the same field. Similarly, you can’t have both an ``EQUALS`` filter and a ``NOT_EQUALS`` filter on the same field. Combining filters in this way returns an error. * ``CONTAINS`` and ``NOT_CONTAINS`` operators can be used only with automation rules. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *User Guide*. */ comparison: pulumi.Input; /** * The key of the map filter. For example, for ``ResourceTags``, ``Key`` identifies the name of the tag. For ``UserDefinedFields``, ``Key`` is the name of the field. */ key: pulumi.Input; /** * The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called ``Department`` might be ``Security``. If you provide ``security`` as the filter value, then there's no match. */ value: pulumi.Input; } /** * The updated note. */ interface AutomationRuleNoteUpdateArgs { /** * The updated note text. */ text: pulumi.Input; /** * The principal that updated the note. */ updatedBy: pulumi.Input; } /** * A number filter for querying findings. */ interface AutomationRuleNumberFilterArgs { /** * The equal-to condition to be applied to a single field when querying for findings. */ eq?: pulumi.Input; /** * The greater-than-equal condition to be applied to a single field when querying for findings. */ gte?: pulumi.Input; /** * The less-than-equal condition to be applied to a single field when querying for findings. */ lte?: pulumi.Input; } /** * Provides details about a list of findings that the current finding relates to. */ interface AutomationRuleRelatedFindingArgs { /** * The product-generated identifier for a related finding. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ id: pulumi.Input; /** * The Amazon Resource Name (ARN) for the product that generated a related finding. */ productArn: pulumi.Input; } /** * Updates to the severity information for a finding. */ interface AutomationRuleSeverityUpdateArgs { /** * The severity value of the finding. The allowed values are the following. * + ``INFORMATIONAL`` - No issue was found. * + ``LOW`` - The issue does not require action on its own. * + ``MEDIUM`` - The issue must be addressed but not urgently. * + ``HIGH`` - The issue must be addressed as a priority. * + ``CRITICAL`` - The issue must be remediated immediately to avoid it escalating. */ label?: pulumi.Input; /** * The normalized severity for the finding. This attribute is to be deprecated in favor of ``Label``. * If you provide ``Normalized`` and don't provide ``Label``, ``Label`` is set automatically as follows. * + 0 - ``INFORMATIONAL`` * + 1–39 - ``LOW`` * + 40–69 - ``MEDIUM`` * + 70–89 - ``HIGH`` * + 90–100 - ``CRITICAL`` */ normalized?: pulumi.Input; /** * The native severity as defined by the AWS service or integrated partner product that generated the finding. */ product?: pulumi.Input; } /** * A string filter for filtering ASHlong findings. */ interface AutomationRuleStringFilterArgs { /** * The condition to apply to a string value when filtering Security Hub CSPM findings. * To search for values that have the filter value, use one of the following comparison operators: * + To search for values that include the filter value, use ``CONTAINS``. For example, the filter ``Title CONTAINS CloudFront`` matches findings that have a ``Title`` that includes the string CloudFront. * + To search for values that exactly match the filter value, use ``EQUALS``. For example, the filter ``AwsAccountId EQUALS 123456789012`` only matches findings that have an account ID of ``123456789012``. * + To search for values that start with the filter value, use ``PREFIX``. For example, the filter ``ResourceRegion PREFIX us`` matches findings that have a ``ResourceRegion`` that starts with ``us``. A ``ResourceRegion`` that starts with a different value, such as ``af``, ``ap``, or ``ca``, doesn't match. * * ``CONTAINS``, ``EQUALS``, and ``PREFIX`` filters on the same field are joined by ``OR``. A finding matches if it matches any one of those filters. For example, the filters ``Title CONTAINS CloudFront OR Title CONTAINS CloudWatch`` match a finding that includes either ``CloudFront``, ``CloudWatch``, or both strings in the title. * To search for values that don’t have the filter value, use one of the following comparison operators: * + To search for values that exclude the filter value, use ``NOT_CONTAINS``. For example, the filter ``Title NOT_CONTAINS CloudFront`` matches findings that have a ``Title`` that excludes the string CloudFront. * + To search for values other than the filter value, use ``NOT_EQUALS``. For example, the filter ``AwsAccountId NOT_EQUALS 123456789012`` only matches findings that have an account ID other than ``123456789012``. * + To search for values that don't start with the filter value, use ``PREFIX_NOT_EQUALS``. For example, the filter ``ResourceRegion PREFIX_NOT_EQUALS us`` matches findings with a ``ResourceRegion`` that starts with a value other than ``us``. * * ``NOT_CONTAINS``, ``NOT_EQUALS``, and ``PREFIX_NOT_EQUALS`` filters on the same field are joined by ``AND``. A finding matches only if it matches all of those filters. For example, the filters ``Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch`` match a finding that excludes both ``CloudFront`` and ``CloudWatch`` in the title. * You can’t have both a ``CONTAINS`` filter and a ``NOT_CONTAINS`` filter on the same field. Similarly, you can't provide both an ``EQUALS`` filter and a ``NOT_EQUALS`` or ``PREFIX_NOT_EQUALS`` filter on the same field. Combining filters in this way returns an error. ``CONTAINS`` filters can only be used with other ``CONTAINS`` filters. ``NOT_CONTAINS`` filters can only be used with other ``NOT_CONTAINS`` filters. * You can combine ``PREFIX`` filters with ``NOT_EQUALS`` or ``PREFIX_NOT_EQUALS`` filters for the same field. Security Hub CSPM first processes the ``PREFIX`` filters, and then the ``NOT_EQUALS`` or ``PREFIX_NOT_EQUALS`` filters. * For example, for the following filters, Security Hub CSPM first identifies findings that have resource types that start with either ``AwsIam`` or ``AwsEc2``. It then excludes findings that have a resource type of ``AwsIamPolicy`` and findings that have a resource type of ``AwsEc2NetworkInterface``. * + ``ResourceType PREFIX AwsIam`` * + ``ResourceType PREFIX AwsEc2`` * + ``ResourceType NOT_EQUALS AwsIamPolicy`` * + ``ResourceType NOT_EQUALS AwsEc2NetworkInterface`` * * ``CONTAINS`` and ``NOT_CONTAINS`` operators can be used only with automation rules V1. ``CONTAINS_WORD`` operator is only supported in ``GetFindingsV2``, ``GetFindingStatisticsV2``, ``GetResourcesV2``, and ``GetResourceStatisticsV2`` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *User Guide*. */ comparison: pulumi.Input; /** * The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is ``Security Hub CSPM``. If you provide ``security hub`` as the filter value, there's no match. */ value: pulumi.Input; } /** * Allows you to configure automated responses */ interface AutomationRuleV2AutomationRulesActionV2Args { /** * The settings for integrating automation rule actions with external systems or service. */ externalIntegrationConfiguration?: pulumi.Input; /** * Specifies that the automation rule action is an update to a finding field. */ findingFieldsUpdate?: pulumi.Input; /** * The category of action to be executed by the automation rule */ type: pulumi.Input; } /** * The changes to be applied to fields in a security finding when an automation rule is triggered */ interface AutomationRuleV2AutomationRulesFindingFieldsUpdateV2Args { /** * Notes or contextual information for findings that are modified by the automation rule */ comment?: pulumi.Input; /** * The severity level to be assigned to findings that match the automation rule criteria */ severityId?: pulumi.Input; /** * The status to be applied to findings that match automation rule criteria */ statusId?: pulumi.Input; } /** * Boolean filter for querying findings */ interface AutomationRuleV2BooleanFilterArgs { /** * The value of the boolean */ value: pulumi.Input; } /** * Enables the creation of filtering criteria for security findings */ interface AutomationRuleV2CompositeFilterArgs { /** * Enables filtering based on boolean field values */ booleanFilters?: pulumi.Input[]>; /** * Enables filtering based on date and timestamp fields */ dateFilters?: pulumi.Input[]>; /** * Enables filtering based on map field value */ mapFilters?: pulumi.Input[]>; /** * Enables filtering based on numerical field values */ numberFilters?: pulumi.Input[]>; /** * The logical operator used to combine multiple filter conditions. */ operator?: pulumi.Input; /** * Enables filtering based on string field values */ stringFilters?: pulumi.Input[]>; } /** * Defines the parameters and conditions used to evaluate and filter security findings */ interface AutomationRuleV2CriteriaArgs { /** * The filtering conditions that align with OCSF standards. */ ocsfFindingCriteria?: pulumi.Input; } /** * A date filter for querying findings */ interface AutomationRuleV2DateFilterArgs { /** * A date range for the date filter. */ dateRange?: pulumi.Input; /** * A timestamp that provides the end date for the date filter. * * For more information about the validation and formatting of timestamp fields in AWS Security Hub CSPM , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) . */ end?: pulumi.Input; /** * A timestamp that provides the start date for the date filter. * * For more information about the validation and formatting of timestamp fields in AWS Security Hub CSPM , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) . */ start?: pulumi.Input; } /** * A date range for the date filter */ interface AutomationRuleV2DateRangeArgs { /** * A date range unit for the date filter */ unit: pulumi.Input; /** * A date range value for the date filter */ value: pulumi.Input; } /** * The settings for integrating automation rule actions with external systems or service */ interface AutomationRuleV2ExternalIntegrationConfigurationArgs { /** * The ARN of the connector that establishes the integration */ connectorArn?: pulumi.Input; } /** * A map filter for filtering findings */ interface AutomationRuleV2MapFilterArgs { /** * The condition to apply to the key value when filtering findings with a map filter */ comparison: pulumi.Input; /** * The key of the map filter */ key: pulumi.Input; /** * The value for the key in the map filter */ value: pulumi.Input; } /** * A number filter for querying findings */ interface AutomationRuleV2NumberFilterArgs { /** * The equal-to condition to be applied to a single field when querying for findings */ eq?: pulumi.Input; /** * The greater-than-equal condition to be applied to a single field when querying for findings */ gte?: pulumi.Input; /** * The less-than-equal condition to be applied to a single field when querying for findings */ lte?: pulumi.Input; } /** * Enables filtering of security findings based on boolean field values in OCSF */ interface AutomationRuleV2OcsfBooleanFilterArgs { /** * The name of the field */ fieldName: pulumi.Input; /** * Enables filtering of security findings based on boolean field values in OCSF. */ filter: pulumi.Input; } /** * Enables filtering of security findings based on date and timestamp fields in OCSF */ interface AutomationRuleV2OcsfDateFilterArgs { /** * The name of the field */ fieldName: pulumi.Input; /** * Enables filtering of security findings based on date and timestamp fields in OCSF. */ filter: pulumi.Input; } /** * The filtering conditions that align with OCSF standards */ interface AutomationRuleV2OcsfFindingFiltersArgs { /** * Enables the creation of complex filtering conditions by combining filter */ compositeFilters?: pulumi.Input[]>; /** * The logical operators used to combine the filtering on multiple `CompositeFilters` . */ compositeOperator?: pulumi.Input; } /** * Enables filtering of security findings based on map field values in OCSF */ interface AutomationRuleV2OcsfMapFilterArgs { /** * The name of the field */ fieldName: pulumi.Input; /** * Enables filtering of security findings based on map field values in OCSF. */ filter: pulumi.Input; } /** * Enables filtering of security findings based on numerical field values in OCSF */ interface AutomationRuleV2OcsfNumberFilterArgs { /** * The name of the field */ fieldName: pulumi.Input; /** * Enables filtering of security findings based on numerical field values in OCSF. */ filter: pulumi.Input; } /** * Enables filtering of security findings based on string field values in OCSF */ interface AutomationRuleV2OcsfStringFilterArgs { /** * The name of the field. */ fieldName: pulumi.Input; /** * Enables filtering of security findings based on string field values in OCSF. */ filter: pulumi.Input; } /** * A string filter for filtering findings */ interface AutomationRuleV2StringFilterArgs { /** * The condition to apply to a string value when filtering findings */ comparison: pulumi.Input; /** * The string filter value */ value: pulumi.Input; } /** * Used to update information about the investigation into the finding. */ interface AutomationRuleWorkflowUpdateArgs { /** * The status of the investigation into the finding. The workflow status is specific to an individual finding. It does not affect the generation of new findings. For example, setting the workflow status to ``SUPPRESSED`` or ``RESOLVED`` does not prevent a new finding for the same issue. * The allowed values are the following. * + ``NEW`` - The initial state of a finding, before it is reviewed. * Security Hub CSPM also resets ``WorkFlowStatus`` from ``NOTIFIED`` or ``RESOLVED`` to ``NEW`` in the following cases: * + The record state changes from ``ARCHIVED`` to ``ACTIVE``. * + The compliance status changes from ``PASSED`` to either ``WARNING``, ``FAILED``, or ``NOT_AVAILABLE``. * * + ``NOTIFIED`` - Indicates that you notified the resource owner about the security issue. Used when the initial reviewer is not the resource owner, and needs intervention from the resource owner. * + ``RESOLVED`` - The finding was reviewed and remediated and is now considered resolved. * + ``SUPPRESSED`` - Indicates that you reviewed the finding and don't believe that any action is needed. The finding is no longer updated. */ status: pulumi.Input; } /** * One or more actions that ASHlong takes when a finding matches the defined criteria of a rule. */ interface AutomationRulesActionArgs { /** * Specifies that the automation rule action is an update to a finding field. */ findingFieldsUpdate: pulumi.Input; /** * Specifies the type of action that Security Hub CSPM takes when a finding matches the defined criteria of a rule. */ type: pulumi.Input; } /** * Identifies the finding fields that the automation rule action updates when a finding matches the defined criteria. */ interface AutomationRulesFindingFieldsUpdateArgs { /** * The rule action updates the ``Confidence`` field of a finding. */ confidence?: pulumi.Input; /** * The rule action updates the ``Criticality`` field of a finding. */ criticality?: pulumi.Input; /** * The rule action will update the ``Note`` field of a finding. */ note?: pulumi.Input; /** * The rule action will update the ``RelatedFindings`` field of a finding. */ relatedFindings?: pulumi.Input[]>; /** * The rule action will update the ``Severity`` field of a finding. */ severity?: pulumi.Input; /** * The rule action updates the ``Types`` field of a finding. */ types?: pulumi.Input[]>; /** * The rule action updates the ``UserDefinedFields`` field of a finding. */ userDefinedFields?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The rule action updates the ``VerificationState`` field of a finding. */ verificationState?: pulumi.Input; /** * The rule action will update the ``Workflow`` field of a finding. */ workflow?: pulumi.Input; } /** * The criteria that determine which findings a rule applies to. */ interface AutomationRulesFindingFiltersArgs { /** * The AWS-account ID in which a finding was generated. * Array Members: Minimum number of 1 item. Maximum number of 100 items. */ awsAccountId?: pulumi.Input[]>; /** * The name of the company for the product that generated the finding. For control-based findings, the company is AWS. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ companyName?: pulumi.Input[]>; /** * The unique identifier of a standard in which a control is enabled. This field consists of the resource portion of the Amazon Resource Name (ARN) returned for a standard in the [DescribeStandards](https://docs.aws.amazon.com/securityhub/1.0/APIReference/API_DescribeStandards.html) API response. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ complianceAssociatedStandardsId?: pulumi.Input[]>; /** * The security control ID for which a finding was generated. Security control IDs are the same across standards. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ complianceSecurityControlId?: pulumi.Input[]>; /** * The result of a security check. This field is only used for findings generated from controls. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ complianceStatus?: pulumi.Input[]>; /** * The likelihood that a finding accurately identifies the behavior or issue that it was intended to identify. ``Confidence`` is scored on a 0–100 basis using a ratio scale. A value of ``0`` means 0 percent confidence, and a value of ``100`` means 100 percent confidence. For example, a data exfiltration detection based on a statistical deviation of network traffic has low confidence because an actual exfiltration hasn't been verified. For more information, see [Confidence](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-confidence) in the *User Guide*. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ confidence?: pulumi.Input[]>; /** * A timestamp that indicates when this finding record was created. * For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps). * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ createdAt?: pulumi.Input[]>; /** * The level of importance that is assigned to the resources that are associated with a finding. ``Criticality`` is scored on a 0–100 basis, using a ratio scale that supports only full integers. A score of ``0`` means that the underlying resources have no criticality, and a score of ``100`` is reserved for the most critical resources. For more information, see [Criticality](https://docs.aws.amazon.com/securityhub/latest/userguide/asff-top-level-attributes.html#asff-criticality) in the *User Guide*. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ criticality?: pulumi.Input[]>; /** * A finding's description. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ description?: pulumi.Input[]>; /** * A timestamp that indicates when the potential security issue captured by a finding was first observed by the security findings product. * For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps). * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ firstObservedAt?: pulumi.Input[]>; /** * The identifier for the solution-specific component that generated a finding. * Array Members: Minimum number of 1 item. Maximum number of 100 items. */ generatorId?: pulumi.Input[]>; /** * The product-specific identifier for a finding. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ id?: pulumi.Input[]>; /** * A timestamp that indicates when the security findings provider most recently observed a change in the resource that is involved in the finding. * For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps). * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ lastObservedAt?: pulumi.Input[]>; /** * The text of a user-defined note that's added to a finding. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ noteText?: pulumi.Input[]>; /** * The timestamp of when the note was updated. * For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps). * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ noteUpdatedAt?: pulumi.Input[]>; /** * The principal that created a note. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ noteUpdatedBy?: pulumi.Input[]>; /** * The Amazon Resource Name (ARN) for a third-party product that generated a finding in Security Hub CSPM. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ productArn?: pulumi.Input[]>; /** * Provides the name of the product that generated the finding. For control-based findings, the product name is Security Hub CSPM. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ productName?: pulumi.Input[]>; /** * Provides the current state of a finding. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ recordState?: pulumi.Input[]>; /** * The product-generated identifier for a related finding. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ relatedFindingsId?: pulumi.Input[]>; /** * The ARN for the product that generated a related finding. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ relatedFindingsProductArn?: pulumi.Input[]>; /** * Custom fields and values about the resource that a finding pertains to. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ resourceDetailsOther?: pulumi.Input[]>; /** * The identifier for the given resource type. For AWS resources that are identified by Amazon Resource Names (ARNs), this is the ARN. For AWS resources that lack ARNs, this is the identifier as defined by the AWS-service that created the resource. For non-AWS resources, this is a unique identifier that is associated with the resource. * Array Members: Minimum number of 1 item. Maximum number of 100 items. */ resourceId?: pulumi.Input[]>; /** * The partition in which the resource that the finding pertains to is located. A partition is a group of AWS-Regions. Each AWS-account is scoped to one partition. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ resourcePartition?: pulumi.Input[]>; /** * The AWS-Region where the resource that a finding pertains to is located. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ resourceRegion?: pulumi.Input[]>; /** * A list of AWS tags associated with a resource at the time the finding was processed. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ resourceTags?: pulumi.Input[]>; /** * A finding's title. * Array Members: Minimum number of 1 item. Maximum number of 100 items. */ resourceType?: pulumi.Input[]>; /** * The severity value of the finding. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ severityLabel?: pulumi.Input[]>; /** * Provides a URL that links to a page about the current finding in the finding product. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ sourceUrl?: pulumi.Input[]>; /** * A finding's title. * Array Members: Minimum number of 1 item. Maximum number of 100 items. */ title?: pulumi.Input[]>; /** * One or more finding types in the format of namespace/category/classifier that classify a finding. For a list of namespaces, classifiers, and categories, see [Types taxonomy for ASFF](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-findings-format-type-taxonomy.html) in the *User Guide*. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ type?: pulumi.Input[]>; /** * A timestamp that indicates when the finding record was most recently updated. * For more information about the validation and formatting of timestamp fields in ASHlong, see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps). * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ updatedAt?: pulumi.Input[]>; /** * A list of user-defined name and value string pairs added to a finding. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ userDefinedFields?: pulumi.Input[]>; /** * Provides the veracity of a finding. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ verificationState?: pulumi.Input[]>; /** * Provides information about the status of the investigation into a finding. * Array Members: Minimum number of 1 item. Maximum number of 20 items. */ workflowStatus?: pulumi.Input[]>; } /** * An object that provides the current value of a security control parameter and identifies whether it has been customized. */ interface ConfigurationPolicyParameterConfigurationArgs { value?: pulumi.Input; /** * Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub behavior. */ valueType: pulumi.Input; } /** * An object that includes the data type of a security control parameter and its current value. */ interface ConfigurationPolicyParameterValueArgs { /** * A control parameter that is a boolean. */ boolean?: pulumi.Input; /** * A control parameter that is a double. */ double?: pulumi.Input; /** * A control parameter that is an enum. */ enum?: pulumi.Input; /** * A control parameter that is a list of enums. */ enumList?: pulumi.Input[]>; /** * A control parameter that is an integer. */ integer?: pulumi.Input; /** * A control parameter that is a list of integers. */ integerList?: pulumi.Input[]>; /** * A control parameter that is a string. */ string?: pulumi.Input; /** * A control parameter that is a list of strings. */ stringList?: pulumi.Input[]>; } /** * An object that defines how Security Hub is configured. */ interface ConfigurationPolicyPolicyArgs { /** * The AWS service that the configuration policy applies to. */ securityHub?: pulumi.Input; } /** * An object of security control and control parameter value that are included in a configuration policy. */ interface ConfigurationPolicySecurityControlCustomParameterArgs { /** * An object that specifies parameter values for a control in a configuration policy. */ parameters?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The ID of the security control. */ securityControlId?: pulumi.Input; } /** * An object that defines which security controls are enabled in an AWS Security Hub configuration policy. */ interface ConfigurationPolicySecurityControlsConfigurationArgs { /** * A list of security controls that are disabled in the configuration policy */ disabledSecurityControlIdentifiers?: pulumi.Input[]>; /** * A list of security controls that are enabled in the configuration policy. */ enabledSecurityControlIdentifiers?: pulumi.Input[]>; /** * A list of security controls and control parameter values that are included in a configuration policy. */ securityControlCustomParameters?: pulumi.Input[]>; } /** * An object that defines how AWS Security Hub is configured. */ interface ConfigurationPolicySecurityHubPolicyArgs { /** * A list that defines which security standards are enabled in the configuration policy. */ enabledStandardIdentifiers?: pulumi.Input[]>; /** * An object that defines which security controls are enabled in the configuration policy. The enablement status of a control is aligned across all of the enabled standards in an account. * * This property is required only if `ServiceEnabled` is set to true in your configuration policy. */ securityControlsConfiguration?: pulumi.Input; /** * Indicates whether Security Hub is enabled in the policy. */ serviceEnabled?: pulumi.Input; } /** * The third-party provider configuration for the connector */ interface ConnectorV2ProviderArgs { } /** * A collection of filters that are applied to all active findings aggregated by AWS Security Hub. */ interface InsightAwsSecurityFindingFiltersArgs { /** * The AWS account ID in which a finding is generated. */ awsAccountId?: pulumi.Input[]>; /** * The name of the AWS account in which a finding is generated. */ awsAccountName?: pulumi.Input[]>; /** * The name of the findings provider (company) that owns the solution (product) that generates findings. */ companyName?: pulumi.Input[]>; /** * The unique identifier of a standard in which a control is enabled. */ complianceAssociatedStandardsId?: pulumi.Input[]>; /** * The unique identifier of a control across standards. */ complianceSecurityControlId?: pulumi.Input[]>; /** * The name of a security control parameter. */ complianceSecurityControlParametersName?: pulumi.Input[]>; /** * The current value of a security control parameter. */ complianceSecurityControlParametersValue?: pulumi.Input[]>; /** * Exclusive to findings that are generated as the result of a check run against a specific rule in a supported standard. */ complianceStatus?: pulumi.Input[]>; /** * A finding's confidence. */ confidence?: pulumi.Input[]>; /** * An ISO8601-formatted timestamp that indicates when the security findings provider captured the potential security issue that a finding captured. */ createdAt?: pulumi.Input[]>; /** * The level of importance assigned to the resources associated with the finding. */ criticality?: pulumi.Input[]>; /** * A finding's description. */ description?: pulumi.Input[]>; /** * The finding provider value for the finding confidence. */ findingProviderFieldsConfidence?: pulumi.Input[]>; /** * The finding provider value for the level of importance assigned to the resources associated with the findings. */ findingProviderFieldsCriticality?: pulumi.Input[]>; /** * The finding identifier of a related finding that is identified by the finding provider. */ findingProviderFieldsRelatedFindingsId?: pulumi.Input[]>; /** * The ARN of the solution that generated a related finding that is identified by the finding provider. */ findingProviderFieldsRelatedFindingsProductArn?: pulumi.Input[]>; /** * The finding provider value for the severity label. */ findingProviderFieldsSeverityLabel?: pulumi.Input[]>; /** * The finding provider's original value for the severity. */ findingProviderFieldsSeverityOriginal?: pulumi.Input[]>; /** * One or more finding types that the finding provider assigned to the finding. */ findingProviderFieldsTypes?: pulumi.Input[]>; /** * An ISO8601-formatted timestamp that indicates when the security findings provider first observed the potential security issue that a finding captured. */ firstObservedAt?: pulumi.Input[]>; /** * The identifier for the solution-specific component (a discrete unit of logic) that generated a finding. */ generatorId?: pulumi.Input[]>; /** * The security findings provider-specific identifier for a finding. */ id?: pulumi.Input[]>; /** * A keyword for a finding. */ keyword?: pulumi.Input[]>; /** * An ISO8601-formatted timestamp that indicates when the security findings provider most recently observed the potential security issue that a finding captured. */ lastObservedAt?: pulumi.Input[]>; /** * The name of the malware that was observed. */ malwareName?: pulumi.Input[]>; /** * The filesystem path of the malware that was observed. */ malwarePath?: pulumi.Input[]>; /** * The state of the malware that was observed. */ malwareState?: pulumi.Input[]>; /** * The type of the malware that was observed. */ malwareType?: pulumi.Input[]>; /** * The destination domain of network-related information about a finding. */ networkDestinationDomain?: pulumi.Input[]>; /** * The destination IPv4 address of network-related information about a finding. */ networkDestinationIpV4?: pulumi.Input[]>; /** * The destination IPv6 address of network-related information about a finding. */ networkDestinationIpV6?: pulumi.Input[]>; /** * The destination port of network-related information about a finding. */ networkDestinationPort?: pulumi.Input[]>; /** * Indicates the direction of network traffic associated with a finding. */ networkDirection?: pulumi.Input[]>; /** * The protocol of network-related information about a finding. */ networkProtocol?: pulumi.Input[]>; /** * The source domain of network-related information about a finding. */ networkSourceDomain?: pulumi.Input[]>; /** * The source IPv4 address of network-related information about a finding. */ networkSourceIpV4?: pulumi.Input[]>; /** * The source IPv6 address of network-related information about a finding. */ networkSourceIpV6?: pulumi.Input[]>; /** * The source media access control (MAC) address of network-related information about a finding. */ networkSourceMac?: pulumi.Input[]>; /** * The source port of network-related information about a finding. */ networkSourcePort?: pulumi.Input[]>; /** * The text of a note. */ noteText?: pulumi.Input[]>; /** * The timestamp of when the note was updated. */ noteUpdatedAt?: pulumi.Input[]>; /** * The principal that created a note. */ noteUpdatedBy?: pulumi.Input[]>; /** * A timestamp that identifies when the process was launched. */ processLaunchedAt?: pulumi.Input[]>; /** * The name of the process. */ processName?: pulumi.Input[]>; /** * The parent process ID. */ processParentPid?: pulumi.Input[]>; /** * The path to the process executable. */ processPath?: pulumi.Input[]>; /** * The process ID. */ processPid?: pulumi.Input[]>; /** * A timestamp that identifies when the process was terminated. */ processTerminatedAt?: pulumi.Input[]>; /** * The ARN generated by Security Hub that uniquely identifies a third-party company (security findings provider) after this provider's product (solution that generates findings) is registered with Security Hub. */ productArn?: pulumi.Input[]>; /** * A data type where security findings providers can include additional solution-specific details that aren't part of the defined AwsSecurityFinding format. */ productFields?: pulumi.Input[]>; /** * The name of the solution (product) that generates findings. */ productName?: pulumi.Input[]>; /** * The recommendation of what to do about the issue described in a finding. */ recommendationText?: pulumi.Input[]>; /** * The updated record state for the finding. */ recordState?: pulumi.Input[]>; /** * The Region from which the finding was generated. */ region?: pulumi.Input[]>; /** * The solution-generated identifier for a related finding. */ relatedFindingsId?: pulumi.Input[]>; /** * The ARN of the solution that generated a related finding. */ relatedFindingsProductArn?: pulumi.Input[]>; /** * The ARN of the application that is related to a finding. */ resourceApplicationArn?: pulumi.Input[]>; /** * The name of the application that is related to a finding. */ resourceApplicationName?: pulumi.Input[]>; /** * The IAM profile ARN of the instance. */ resourceAwsEc2InstanceIamInstanceProfileArn?: pulumi.Input[]>; /** * The Amazon Machine Image (AMI) ID of the instance. */ resourceAwsEc2InstanceImageId?: pulumi.Input[]>; /** * The IPv4 addresses associated with the instance. */ resourceAwsEc2InstanceIpV4Addresses?: pulumi.Input[]>; /** * The IPv6 addresses associated with the instance. */ resourceAwsEc2InstanceIpV6Addresses?: pulumi.Input[]>; /** * The key name associated with the instance. */ resourceAwsEc2InstanceKeyName?: pulumi.Input[]>; /** * The date and time the instance was launched. */ resourceAwsEc2InstanceLaunchedAt?: pulumi.Input[]>; /** * The identifier of the subnet that the instance was launched in. */ resourceAwsEc2InstanceSubnetId?: pulumi.Input[]>; /** * The instance type of the instance. */ resourceAwsEc2InstanceType?: pulumi.Input[]>; /** * The identifier of the VPC that the instance was launched in. */ resourceAwsEc2InstanceVpcId?: pulumi.Input[]>; /** * The creation date/time of the IAM access key related to a finding. */ resourceAwsIamAccessKeyCreatedAt?: pulumi.Input[]>; /** * The name of the principal that is associated with an IAM access key. */ resourceAwsIamAccessKeyPrincipalName?: pulumi.Input[]>; /** * The status of the IAM access key related to a finding. */ resourceAwsIamAccessKeyStatus?: pulumi.Input[]>; /** * The user associated with the IAM access key related to a finding. */ resourceAwsIamAccessKeyUserName?: pulumi.Input[]>; /** * The name of an IAM user. */ resourceAwsIamUserUserName?: pulumi.Input[]>; /** * The canonical user ID of the owner of the S3 bucket. */ resourceAwsS3BucketOwnerId?: pulumi.Input[]>; /** * The display name of the owner of the S3 bucket. */ resourceAwsS3BucketOwnerName?: pulumi.Input[]>; /** * The identifier of the image related to a finding. */ resourceContainerImageId?: pulumi.Input[]>; /** * The name of the image related to a finding. */ resourceContainerImageName?: pulumi.Input[]>; /** * A timestamp that identifies when the container was started. */ resourceContainerLaunchedAt?: pulumi.Input[]>; /** * The name of the container related to a finding. */ resourceContainerName?: pulumi.Input[]>; /** * The details of a resource that doesn't have a specific subfield for the resource type defined. */ resourceDetailsOther?: pulumi.Input[]>; /** * The canonical identifier for the given resource type. */ resourceId?: pulumi.Input[]>; /** * The canonical AWS partition name that the Region is assigned to. */ resourcePartition?: pulumi.Input[]>; /** * The canonical AWS external Region name where this resource is located. */ resourceRegion?: pulumi.Input[]>; /** * A list of AWS tags associated with a resource at the time the finding was processed. */ resourceTags?: pulumi.Input[]>; /** * Specifies the type of the resource that details are provided for. */ resourceType?: pulumi.Input[]>; /** * Indicates whether or not sample findings are included in the filter results. */ sample?: pulumi.Input[]>; /** * The label of a finding's severity. */ severityLabel?: pulumi.Input[]>; /** * The normalized severity of a finding. */ severityNormalized?: pulumi.Input[]>; /** * The native severity as defined by the security findings provider's solution that generated the finding. */ severityProduct?: pulumi.Input[]>; /** * A URL that links to a page about the current finding in the security findings provider's solution. */ sourceUrl?: pulumi.Input[]>; /** * The category of a threat intelligence indicator. */ threatIntelIndicatorCategory?: pulumi.Input[]>; /** * A timestamp that identifies the last observation of a threat intelligence indicator. */ threatIntelIndicatorLastObservedAt?: pulumi.Input[]>; /** * The source of the threat intelligence. */ threatIntelIndicatorSource?: pulumi.Input[]>; /** * The URL for more details from the source of the threat intelligence. */ threatIntelIndicatorSourceUrl?: pulumi.Input[]>; /** * The type of a threat intelligence indicator. */ threatIntelIndicatorType?: pulumi.Input[]>; /** * The value of a threat intelligence indicator. */ threatIntelIndicatorValue?: pulumi.Input[]>; /** * A finding's title. */ title?: pulumi.Input[]>; /** * A finding type in the format of namespace/category/classifier that classifies a finding. */ type?: pulumi.Input[]>; /** * An ISO8601-formatted timestamp that indicates when the security findings provider last updated the finding record. */ updatedAt?: pulumi.Input[]>; /** * A list of name/value string pairs associated with the finding. */ userDefinedFields?: pulumi.Input[]>; /** * The veracity of a finding. */ verificationState?: pulumi.Input[]>; /** * Indicates whether a software vulnerability in your environment has a known exploit. */ vulnerabilitiesExploitAvailable?: pulumi.Input[]>; /** * Indicates whether a vulnerability is fixed in a newer version of the affected software packages. */ vulnerabilitiesFixAvailable?: pulumi.Input[]>; /** * The workflow state of a finding. */ workflowState?: pulumi.Input[]>; /** * The status of the investigation into a finding. */ workflowStatus?: pulumi.Input[]>; } /** * Boolean filter for querying findings. */ interface InsightBooleanFilterArgs { /** * The value of the boolean. */ value: pulumi.Input; } /** * A date filter for querying findings. */ interface InsightDateFilterArgs { /** * A date range for the date filter. */ dateRange?: pulumi.Input; /** * A timestamp that provides the end date for the date filter. * * For more information about the validation and formatting of timestamp fields in AWS Security Hub CSPM , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) . */ end?: pulumi.Input; /** * A timestamp that provides the start date for the date filter. * * For more information about the validation and formatting of timestamp fields in AWS Security Hub CSPM , see [Timestamps](https://docs.aws.amazon.com/securityhub/1.0/APIReference/Welcome.html#timestamps) . */ start?: pulumi.Input; } /** * A date range for the date filter. */ interface InsightDateRangeArgs { /** * A date range unit for the date filter. */ unit: pulumi.Input; /** * A date range value for the date filter. */ value: pulumi.Input; } /** * The IP filter for querying findings. */ interface InsightIpFilterArgs { /** * A finding's CIDR value. */ cidr: pulumi.Input; } /** * A keyword filter for querying findings. */ interface InsightKeywordFilterArgs { /** * A value for the keyword. */ value: pulumi.Input; } /** * A map filter for filtering AWS Security Hub findings. */ interface InsightMapFilterArgs { /** * The condition to apply to the key value when filtering Security Hub findings with a map filter. */ comparison: pulumi.Input; /** * The key of the map filter. For example, for `ResourceTags` , `Key` identifies the name of the tag. For `UserDefinedFields` , `Key` is the name of the field. */ key: pulumi.Input; /** * The value for the key in the map filter. Filter values are case sensitive. For example, one of the values for a tag called `Department` might be `Security` . If you provide `security` as the filter value, then there's no match. */ value: pulumi.Input; } /** * A number filter for querying findings. */ interface InsightNumberFilterArgs { /** * The equal-to condition to be applied to a single field when querying for findings. */ eq?: pulumi.Input; /** * The greater-than-equal condition to be applied to a single field when querying for findings. */ gte?: pulumi.Input; /** * The less-than-equal condition to be applied to a single field when querying for findings. */ lte?: pulumi.Input; } /** * A string filter for filtering AWS Security Hub findings. */ interface InsightStringFilterArgs { /** * The condition to apply to a string value when filtering Security Hub CSPM findings. * * To search for values that have the filter value, use one of the following comparison operators: * * - To search for values that include the filter value, use `CONTAINS` . For example, the filter `Title CONTAINS CloudFront` matches findings that have a `Title` that includes the string CloudFront. * - To search for values that exactly match the filter value, use `EQUALS` . For example, the filter `AwsAccountId EQUALS 123456789012` only matches findings that have an account ID of `123456789012` . * - To search for values that start with the filter value, use `PREFIX` . For example, the filter `ResourceRegion PREFIX us` matches findings that have a `ResourceRegion` that starts with `us` . A `ResourceRegion` that starts with a different value, such as `af` , `ap` , or `ca` , doesn't match. * * `CONTAINS` , `EQUALS` , and `PREFIX` filters on the same field are joined by `OR` . A finding matches if it matches any one of those filters. For example, the filters `Title CONTAINS CloudFront OR Title CONTAINS CloudWatch` match a finding that includes either `CloudFront` , `CloudWatch` , or both strings in the title. * * To search for values that don’t have the filter value, use one of the following comparison operators: * * - To search for values that exclude the filter value, use `NOT_CONTAINS` . For example, the filter `Title NOT_CONTAINS CloudFront` matches findings that have a `Title` that excludes the string CloudFront. * - To search for values other than the filter value, use `NOT_EQUALS` . For example, the filter `AwsAccountId NOT_EQUALS 123456789012` only matches findings that have an account ID other than `123456789012` . * - To search for values that don't start with the filter value, use `PREFIX_NOT_EQUALS` . For example, the filter `ResourceRegion PREFIX_NOT_EQUALS us` matches findings with a `ResourceRegion` that starts with a value other than `us` . * * `NOT_CONTAINS` , `NOT_EQUALS` , and `PREFIX_NOT_EQUALS` filters on the same field are joined by `AND` . A finding matches only if it matches all of those filters. For example, the filters `Title NOT_CONTAINS CloudFront AND Title NOT_CONTAINS CloudWatch` match a finding that excludes both `CloudFront` and `CloudWatch` in the title. * * You can’t have both a `CONTAINS` filter and a `NOT_CONTAINS` filter on the same field. Similarly, you can't provide both an `EQUALS` filter and a `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filter on the same field. Combining filters in this way returns an error. `CONTAINS` filters can only be used with other `CONTAINS` filters. `NOT_CONTAINS` filters can only be used with other `NOT_CONTAINS` filters. * * You can combine `PREFIX` filters with `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters for the same field. Security Hub CSPM first processes the `PREFIX` filters, and then the `NOT_EQUALS` or `PREFIX_NOT_EQUALS` filters. * * For example, for the following filters, Security Hub CSPM first identifies findings that have resource types that start with either `AwsIam` or `AwsEc2` . It then excludes findings that have a resource type of `AwsIamPolicy` and findings that have a resource type of `AwsEc2NetworkInterface` . * * - `ResourceType PREFIX AwsIam` * - `ResourceType PREFIX AwsEc2` * - `ResourceType NOT_EQUALS AwsIamPolicy` * - `ResourceType NOT_EQUALS AwsEc2NetworkInterface` * * `CONTAINS` and `NOT_CONTAINS` operators can be used only with automation rules V1. `CONTAINS_WORD` operator is only supported in `GetFindingsV2` , `GetFindingStatisticsV2` , `GetResourcesV2` , and `GetResourceStatisticsV2` APIs. For more information, see [Automation rules](https://docs.aws.amazon.com/securityhub/latest/userguide/automation-rules.html) in the *AWS Security Hub CSPM User Guide* . */ comparison: pulumi.Input; /** * The string filter value. Filter values are case sensitive. For example, the product name for control-based findings is `Security Hub CSPM` . If you provide `security hub` as the filter value, there's no match. */ value: pulumi.Input; } interface SecurityControlParameterConfigurationArgs { /** * The current value of a control parameter. */ value?: pulumi.Input; /** * Identifies whether a control parameter uses a custom user-defined value or subscribes to the default AWS Security Hub CSPM behavior. * * When `ValueType` is set equal to `DEFAULT` , the default behavior can be a specific Security Hub CSPM default value, or the default behavior can be to ignore a specific parameter. When `ValueType` is set equal to `DEFAULT` , Security Hub CSPM ignores user-provided input for the `Value` field. * * When `ValueType` is set equal to `CUSTOM` , the `Value` field can't be empty. */ valueType: pulumi.Input; } interface SecurityControlParameterValueArgs { /** * A control parameter that is a boolean. */ boolean?: pulumi.Input; /** * A control parameter that is a double. */ double?: pulumi.Input; /** * A control parameter that is a enum. */ enum?: pulumi.Input; /** * A control parameter that is a list of enums. */ enumList?: pulumi.Input[]>; /** * A control parameter that is a integer. */ integer?: pulumi.Input; /** * A control parameter that is a list of integers. */ integerList?: pulumi.Input[]>; /** * A control parameter that is a string. */ string?: pulumi.Input; /** * A control parameter that is a list of strings. */ stringList?: pulumi.Input[]>; } /** * Provides details about an individual security control. For a list of ASH controls, see [controls reference](https://docs.aws.amazon.com/securityhub/latest/userguide/securityhub-controls-reference.html) in the *User Guide*. */ interface StandardsControlArgs { /** * A user-defined reason for changing a control's enablement status in a specified standard. If you are disabling a control, then this property is required. */ reason?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the control. */ standardsControlArn: pulumi.Input; } } export declare namespace securitylake { /** * Provides encryption details of Amazon Security Lake object. */ interface DataLakeEncryptionConfigurationArgs { /** * The id of KMS encryption key used by Amazon Security Lake to encrypt the Security Lake object. */ kmsKeyId?: pulumi.Input; } /** * Provides data expiration details of Amazon Security Lake object. */ interface DataLakeExpirationArgs { /** * The number of days before data expires in the Amazon Security Lake object. */ days?: pulumi.Input; } /** * Provides lifecycle details of Amazon Security Lake object. */ interface DataLakeLifecycleConfigurationArgs { /** * Provides data expiration details of the Amazon Security Lake object. */ expiration?: pulumi.Input; /** * Provides data storage transition details of Amazon Security Lake object. */ transitions?: pulumi.Input[]>; } /** * Provides replication details of Amazon Security Lake object. */ interface DataLakeReplicationConfigurationArgs { /** * Specifies one or more centralized rollup Regions. The AWS Region specified in the region parameter of the `CreateDataLake` or `UpdateDataLake` operations contributes data to the rollup Region or Regions specified in this parameter. * * Replication enables automatic, asynchronous copying of objects across Amazon S3 buckets. S3 buckets that are configured for object replication can be owned by the same AWS account or by different accounts. You can replicate objects to a single destination bucket or to multiple destination buckets. The destination buckets can be in different Regions or within the same Region as the source bucket. */ regions?: pulumi.Input[]>; /** * Replication settings for the Amazon S3 buckets. This parameter uses the AWS Identity and Access Management (IAM) role you created that is managed by Security Lake, to ensure the replication setting is correct. */ roleArn?: pulumi.Input; } interface DataLakeTransitionsArgs { /** * Number of days before data transitions to a different S3 Storage Class in the Amazon Security Lake object. */ days?: pulumi.Input; /** * The range of storage classes that you can choose from based on the data access, resiliency, and cost requirements of your workloads. */ storageClass?: pulumi.Input; } /** * Amazon Security Lake supports log and event collection for natively supported AWS services. */ interface SubscriberAwsLogSourceArgs { /** * The name for a AWS source. This must be a Regionally unique value. */ sourceName?: pulumi.Input; /** * The version for a AWS source. This must be a Regionally unique value. */ sourceVersion?: pulumi.Input; } interface SubscriberCustomLogSourceArgs { /** * The name for a third-party custom source. This must be a Regionally unique value. */ sourceName?: pulumi.Input; /** * The version for a third-party custom source. This must be a Regionally unique value. */ sourceVersion?: pulumi.Input; } /** * The AWS identity used to access your data. */ interface SubscriberIdentityPropertiesArgs { /** * The external ID used to establish trust relationship with the AWS identity. */ externalId: pulumi.Input; /** * The AWS identity principal. */ principal: pulumi.Input; } /** * The configuration for HTTPS subscriber notification. */ interface SubscriberNotificationHttpsNotificationConfigurationArgs { /** * The key name for the notification subscription. */ authorizationApiKeyName?: pulumi.Input; /** * The key value for the notification subscription. */ authorizationApiKeyValue?: pulumi.Input; /** * The subscription endpoint in Security Lake. */ endpoint: pulumi.Input; /** * The HTTPS method used for the notification subscription. */ httpMethod?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the EventBridge API destinations IAM role that you created. */ targetRoleArn: pulumi.Input; } interface SubscriberNotificationNotificationConfigurationArgs { /** * The configurations used for HTTPS subscriber notification. */ httpsNotificationConfiguration?: pulumi.Input; /** * The configurations for SQS subscriber notification. The members of this structure are context-dependent. */ sqsNotificationConfiguration?: pulumi.Input; } /** * The configurations for SQS subscriber notification. The members of this structure are context-dependent. */ interface SubscriberNotificationSqsNotificationConfigurationArgs { } interface SubscriberSourceArgs { awsLogSource?: pulumi.Input; customLogSource?: pulumi.Input; } } export declare namespace servicecatalog { interface CloudFormationProductCodeStarParametersArgs { /** * The absolute path wehre the artifact resides within the repo and branch, formatted as "folder/file.json." */ artifactPath: pulumi.Input; /** * The specific branch where the artifact resides. */ branch: pulumi.Input; /** * The CodeStar ARN, which is the connection between AWS Service Catalog and the external repository. */ connectionArn: pulumi.Input; /** * The specific repository where the product’s artifact-to-be-synced resides, formatted as "Account/Repo." */ repository: pulumi.Input; } interface CloudFormationProductConnectionParametersArgs { /** * Provides `ConnectionType` details. */ codeStar?: pulumi.Input; } interface CloudFormationProductProvisioningArtifactPropertiesArgs { /** * The description of the provisioning artifact, including how it differs from the previous provisioning artifact. */ description?: pulumi.Input; /** * If set to true, AWS Service Catalog stops validating the specified provisioning artifact even if it is invalid. */ disableTemplateValidation?: pulumi.Input; /** * Specify the template source with one of the following options, but not both. Keys accepted: [ `LoadTemplateFromURL` , `ImportFromPhysicalId` ] * * The URL of the AWS CloudFormation template in Amazon S3 in JSON format. Specify the URL in JSON format as follows: * * `"LoadTemplateFromURL": "https://s3.amazonaws.com/cf-templates-ozkq9d3hgiq2-us-east-1/..."` * * `ImportFromPhysicalId` : The physical id of the resource that contains the template. Currently only supports AWS CloudFormation stack arn. Specify the physical id in JSON format as follows: `ImportFromPhysicalId: "arn:aws:cloudformation:[us-east-1]:[accountId]:stack/[StackName]/[resourceId]` */ info: any; /** * The name of the provisioning artifact (for example, v1 v2beta). No spaces are allowed. */ name?: pulumi.Input; /** * The type of provisioning artifact. * * - `CLOUD_FORMATION_TEMPLATE` - AWS CloudFormation template * - `TERRAFORM_OPEN_SOURCE` - Terraform Open Source configuration file * - `TERRAFORM_CLOUD` - Terraform Cloud configuration file * - `EXTERNAL` - External configuration file */ type?: pulumi.Input; } interface CloudFormationProductSourceConnectionArgs { /** * The connection details based on the connection `Type` . */ connectionParameters: pulumi.Input; /** * The only supported `SourceConnection` type is Codestar. */ type: pulumi.Input; } interface CloudFormationProvisionedProductProvisioningParameterArgs { /** * The parameter key. */ key: pulumi.Input; /** * The parameter value. */ value: pulumi.Input; } interface CloudFormationProvisionedProductProvisioningPreferencesArgs { /** * One or more AWS accounts where the provisioned product will be available. * * Applicable only to a `CFN_STACKSET` provisioned product type. * * The specified accounts should be within the list of accounts from the `STACKSET` constraint. To get the list of accounts in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation. * * If no values are specified, the default value is all acounts from the `STACKSET` constraint. */ stackSetAccounts?: pulumi.Input[]>; /** * The number of accounts, per Region, for which this operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions. * * Applicable only to a `CFN_STACKSET` provisioned product type. * * Conditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both. * * The default value is `0` if no value is specified. */ stackSetFailureToleranceCount?: pulumi.Input; /** * The percentage of accounts, per Region, for which this stack operation can fail before AWS Service Catalog stops the operation in that Region. If the operation is stopped in a Region, AWS Service Catalog doesn't attempt the operation in any subsequent Regions. * * When calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. * * Applicable only to a `CFN_STACKSET` provisioned product type. * * Conditional: You must specify either `StackSetFailureToleranceCount` or `StackSetFailureTolerancePercentage` , but not both. */ stackSetFailureTolerancePercentage?: pulumi.Input; /** * The maximum number of accounts in which to perform this operation at one time. This is dependent on the value of `StackSetFailureToleranceCount` . `StackSetMaxConcurrentCount` is at most one more than the `StackSetFailureToleranceCount` . * * Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling. * * Applicable only to a `CFN_STACKSET` provisioned product type. * * Conditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both. */ stackSetMaxConcurrencyCount?: pulumi.Input; /** * The maximum percentage of accounts in which to perform this operation at one time. * * When calculating the number of accounts based on the specified percentage, AWS Service Catalog rounds down to the next whole number. This is true except in cases where rounding down would result is zero. In this case, AWS Service Catalog sets the number as `1` instead. * * Note that this setting lets you specify the maximum for operations. For large deployments, under certain circumstances the actual number of accounts acted upon concurrently may be lower due to service throttling. * * Applicable only to a `CFN_STACKSET` provisioned product type. * * Conditional: You must specify either `StackSetMaxConcurrentCount` or `StackSetMaxConcurrentPercentage` , but not both. */ stackSetMaxConcurrencyPercentage?: pulumi.Input; /** * Determines what action AWS Service Catalog performs to a stack set or a stack instance represented by the provisioned product. The default value is `UPDATE` if nothing is specified. * * Applicable only to a `CFN_STACKSET` provisioned product type. * * - **CREATE** - Creates a new stack instance in the stack set represented by the provisioned product. In this case, only new stack instances are created based on accounts and Regions; if new ProductId or ProvisioningArtifactID are passed, they will be ignored. * - **UPDATE** - Updates the stack set represented by the provisioned product and also its stack instances. * - **DELETE** - Deletes a stack instance in the stack set represented by the provisioned product. */ stackSetOperationType?: pulumi.Input; /** * One or more AWS Regions where the provisioned product will be available. * * Applicable only to a `CFN_STACKSET` provisioned product type. * * The specified Regions should be within the list of Regions from the `STACKSET` constraint. To get the list of Regions in the `STACKSET` constraint, use the `DescribeProvisioningParameters` operation. * * If no values are specified, the default value is all Regions from the `STACKSET` constraint. */ stackSetRegions?: pulumi.Input[]>; } interface ServiceActionDefinitionParameterArgs { /** * The parameter key. */ key: pulumi.Input; /** * The value of the parameter. */ value: pulumi.Input; } } export declare namespace servicediscovery { interface ServiceDnsConfigArgs { /** * An array that contains one `DnsRecord` object for each Route 53 DNS record that you want AWS Cloud Map to create when you register an instance. * * > The record type of a service can't be updated directly and can only be changed by deleting the service and recreating it with a new `DnsConfig` . */ dnsRecords: pulumi.Input[]>; /** * *Use NamespaceId in [Service](https://docs.aws.amazon.com/cloud-map/latest/api/API_Service.html) instead.* * * The ID of the namespace to use for DNS configuration. */ namespaceId?: pulumi.Input; /** * The routing policy that you want to apply to all Route 53 DNS records that AWS Cloud Map creates when you register an instance and specify this service. * * > If you want to use this service to register instances that create alias records, specify `WEIGHTED` for the routing policy. * * You can specify the following values: * * - **MULTIVALUE** - If you define a health check for the service and the health check is healthy, Route 53 returns the applicable value for up to eight instances. * * For example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route 53 responds to DNS queries with IP addresses for up to eight healthy instances. If fewer than eight instances are healthy, Route 53 responds to every DNS query with the IP addresses for all of the healthy instances. * * If you don't define a health check for the service, Route 53 assumes that all instances are healthy and returns the values for up to eight instances. * * For more information about the multivalue routing policy, see [Multivalue Answer Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-multivalue) in the *Route 53 Developer Guide* . * - **WEIGHTED** - Route 53 returns the applicable value from one randomly selected instance from among the instances that you registered using the same service. Currently, all records have the same weight, so you can't route more or less traffic to any instances. * * For example, suppose that the service includes configurations for one `A` record and a health check. You use the service to register 10 instances. Route 53 responds to DNS queries with the IP address for one randomly selected instance from among the healthy instances. If no instances are healthy, Route 53 responds to DNS queries as if all of the instances were healthy. * * If you don't define a health check for the service, Route 53 assumes that all instances are healthy and returns the applicable value for one randomly selected instance. * * For more information about the weighted routing policy, see [Weighted Routing](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-policy.html#routing-policy-weighted) in the *Route 53 Developer Guide* . */ routingPolicy?: pulumi.Input; } interface ServiceDnsRecordArgs { /** * The amount of time, in seconds, that you want DNS resolvers to cache the settings for this record. * * > Alias records don't include a TTL because Route 53 uses the TTL for the AWS resource that an alias record routes traffic to. If you include the `AWS_ALIAS_DNS_NAME` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request, the `TTL` value is ignored. Always specify a TTL for the service; you can use a service to register instances that create either alias or non-alias records. */ ttl: pulumi.Input; /** * The type of the resource, which indicates the type of value that Route 53 returns in response to DNS queries. You can specify values for `Type` in the following combinations: * * - `A` * - `AAAA` * - `A` and `AAAA` * - `SRV` * - `CNAME` * * If you want AWS Cloud Map to create a Route 53 alias record when you register an instance, specify `A` or `AAAA` for `Type` . * * You specify other settings, such as the IP address for `A` and `AAAA` records, when you register an instance. For more information, see [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) . * * The following values are supported: * * - **A** - Route 53 returns the IP address of the resource in IPv4 format, such as 192.0.2.44. * - **AAAA** - Route 53 returns the IP address of the resource in IPv6 format, such as 2001:0db8:85a3:0000:0000:abcd:0001:2345. * - **CNAME** - Route 53 returns the domain name of the resource, such as www.example.com. Note the following: * * - You specify the domain name that you want to route traffic to when you register an instance. For more information, see [Attributes](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html#cloudmap-RegisterInstance-request-Attributes) in the topic [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) . * - You must specify `WEIGHTED` for the value of `RoutingPolicy` . * - You can't specify both `CNAME` for `Type` and settings for `HealthCheckConfig` . If you do, the request will fail with an `InvalidInput` error. * - **SRV** - Route 53 returns the value for an `SRV` record. The value for an `SRV` record uses the following values: * * `priority weight port service-hostname` * * Note the following about the values: * * - The values of `priority` and `weight` are both set to `1` and can't be changed. * - The value of `port` comes from the value that you specify for the `AWS_INSTANCE_PORT` attribute when you submit a [RegisterInstance](https://docs.aws.amazon.com/cloud-map/latest/api/API_RegisterInstance.html) request. * - The value of `service-hostname` is a concatenation of the following values: * * - The value that you specify for `InstanceId` when you register an instance. * - The name of the service. * - The name of the namespace. * * For example, if the value of `InstanceId` is `test` , the name of the service is `backend` , and the name of the namespace is `example.com` , the value of `service-hostname` is: * * `test.backend.example.com` * * If you specify settings for an `SRV` record and if you specify values for `AWS_INSTANCE_IPV4` , `AWS_INSTANCE_IPV6` , or both in the `RegisterInstance` request, AWS Cloud Map automatically creates `A` and/or `AAAA` records that have the same name as the value of `service-hostname` in the `SRV` record. You can ignore these records. */ type: pulumi.Input; } interface ServiceHealthCheckConfigArgs { /** * The number of consecutive health checks that an endpoint must pass or fail for Route 53 to change the current status of the endpoint from unhealthy to healthy or the other way around. For more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route 53 Developer Guide* . */ failureThreshold?: pulumi.Input; /** * The path that you want Route 53 to request when performing health checks. The path can be any value that your endpoint returns an HTTP status code of a 2xx or 3xx format for when the endpoint is healthy. An example file is `/docs/route53-health-check.html` . Route 53 automatically adds the DNS name for the service. If you don't specify a value for `ResourcePath` , the default value is `/` . * * If you specify `TCP` for `Type` , you must *not* specify a value for `ResourcePath` . */ resourcePath?: pulumi.Input; /** * The type of health check that you want to create, which indicates how Route 53 determines whether an endpoint is healthy. * * > You can't change the value of `Type` after you create a health check. * * You can create the following types of health checks: * * - *HTTP* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTP request and waits for an HTTP status code of 200 or greater and less than 400. * - *HTTPS* : Route 53 tries to establish a TCP connection. If successful, Route 53 submits an HTTPS request and waits for an HTTP status code of 200 or greater and less than 400. * * > If you specify HTTPS for the value of `Type` , the endpoint must support TLS v1.0 or later. * - *TCP* : Route 53 tries to establish a TCP connection. * * If you specify `TCP` for `Type` , don't specify a value for `ResourcePath` . * * For more information, see [How Route 53 Determines Whether an Endpoint Is Healthy](https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/dns-failover-determining-health-of-endpoints.html) in the *Route 53 Developer Guide* . */ type: pulumi.Input; } interface ServiceHealthCheckCustomConfigArgs { /** * > This parameter is no longer supported and is always set to 1. AWS Cloud Map waits for approximately 30 seconds after receiving an `UpdateInstanceCustomHealthStatus` request before changing the status of the service instance. * * The number of 30-second intervals that you want AWS Cloud Map to wait after receiving an `UpdateInstanceCustomHealthStatus` request before it changes the health status of a service instance. * * Sending a second or subsequent `UpdateInstanceCustomHealthStatus` request with the same value before 30 seconds has passed doesn't accelerate the change. AWS Cloud Map still waits `30` seconds after the first request to make the change. */ failureThreshold?: pulumi.Input; } } export declare namespace ses { /** * An object that defines a MailManager archive that is used to preserve emails that you send using the configuration set. */ interface ConfigurationSetArchivingOptionsArgs { /** * The ARN of the MailManager archive to associate with the configuration set. */ archiveArn?: pulumi.Input; } /** * Preferences regarding the Dashboard feature. */ interface ConfigurationSetDashboardOptionsArgs { /** * Whether emails sent with this configuration set have engagement tracking enabled. */ engagementMetrics: pulumi.Input; } /** * An object that defines the dedicated IP pool that is used to send emails that you send using the configuration set. */ interface ConfigurationSetDeliveryOptionsArgs { /** * Specifies the maximum time until which SES will retry sending emails */ maxDeliverySeconds?: pulumi.Input; /** * The name of the dedicated IP pool to associate with the configuration set. */ sendingPoolName?: pulumi.Input; /** * Specifies whether messages that use the configuration set are required to use Transport Layer Security (TLS). If the value is Require , messages are only delivered if a TLS connection can be established. If the value is Optional , messages can be delivered in plain text if a TLS connection can't be established. */ tlsPolicy?: pulumi.Input; } /** * An object that contains the names, default values, and sources of the dimensions associated with an Amazon CloudWatch event destination. */ interface ConfigurationSetEventDestinationCloudWatchDestinationArgs { /** * A list of dimensions upon which to categorize your emails when you publish email sending events to Amazon CloudWatch. */ dimensionConfigurations?: pulumi.Input[]>; } /** * A list of dimensions upon which to categorize your emails when you publish email sending events to Amazon CloudWatch. */ interface ConfigurationSetEventDestinationDimensionConfigurationArgs { /** * The default value of the dimension that is published to Amazon CloudWatch if you do not provide the value of the dimension when you send an email. */ defaultDimensionValue: pulumi.Input; /** * The name of an Amazon CloudWatch dimension associated with an email sending metric. */ dimensionName: pulumi.Input; /** * The place where Amazon SES finds the value of a dimension to publish to Amazon CloudWatch. To use the message tags that you specify using an X-SES-MESSAGE-TAGS header or a parameter to the SendEmail/SendRawEmail API, specify messageTag. To use your own email headers, specify emailHeader. To put a custom tag on any link included in your email, specify linkTag. */ dimensionValueSource: pulumi.Input; } /** * An object that contains Event bus ARN associated with the event bridge destination. */ interface ConfigurationSetEventDestinationEventBridgeDestinationArgs { /** * The Amazon Resource Name (ARN) of the Amazon EventBridge bus to publish email events to. Only the default bus is supported. */ eventBusArn: pulumi.Input; } interface ConfigurationSetEventDestinationEventDestinationArgs { /** * An object that contains the names, default values, and sources of the dimensions associated with an Amazon CloudWatch event destination. */ cloudWatchDestination?: pulumi.Input; /** * Sets whether Amazon SES publishes events to this destination when you send an email with the associated configuration set. Set to true to enable publishing to this destination; set to false to prevent publishing to this destination. The default value is false. */ enabled?: pulumi.Input; /** * An object that contains Event bus ARN associated with the event bridge destination. */ eventBridgeDestination?: pulumi.Input; /** * An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination. */ kinesisFirehoseDestination?: pulumi.Input; /** * The type of email sending events, send, reject, bounce, complaint, delivery, open, click, renderingFailure, deliveryDelay, and subscription. */ matchingEventTypes: pulumi.Input[]>; /** * The name of the event destination set. */ name?: pulumi.Input; /** * An object that contains SNS topic ARN associated event destination. */ snsDestination?: pulumi.Input; } /** * An object that contains the delivery stream ARN and the IAM role ARN associated with an Amazon Kinesis Firehose event destination. */ interface ConfigurationSetEventDestinationKinesisFirehoseDestinationArgs { /** * The ARN of the Amazon Kinesis Firehose stream that email sending events should be published to. */ deliveryStreamArn: pulumi.Input; /** * The ARN of the IAM role under which Amazon SES publishes email sending events to the Amazon Kinesis Firehose stream. */ iamRoleArn: pulumi.Input; } /** * An object that contains SNS topic ARN associated event destination. */ interface ConfigurationSetEventDestinationSnsDestinationArgs { /** * The ARN of the Amazon SNS topic for email sending events. You can find the ARN of a topic by using the [ListTopics](https://docs.aws.amazon.com/sns/latest/api/API_ListTopics.html) Amazon SNS operation. * * For more information about Amazon SNS topics, see the [Amazon SNS Developer Guide](https://docs.aws.amazon.com/sns/latest/dg/CreateTopic.html) . */ topicArn: pulumi.Input; } /** * Preferences regarding the Guardian feature. */ interface ConfigurationSetGuardianOptionsArgs { /** * Whether emails sent with this configuration set have optimized delivery algorithm enabled. */ optimizedSharedDelivery: pulumi.Input; } /** * An object that defines whether or not Amazon SES collects reputation metrics for the emails that you send that use the configuration set. */ interface ConfigurationSetReputationOptionsArgs { /** * If true , tracking of reputation metrics is enabled for the configuration set. If false , tracking of reputation metrics is disabled for the configuration set. */ reputationMetricsEnabled?: pulumi.Input; } /** * An object that defines whether or not Amazon SES can send email that you send using the configuration set. */ interface ConfigurationSetSendingOptionsArgs { /** * If `true` , email sending is enabled for the configuration set. If `false` , email sending is disabled for the configuration set. */ sendingEnabled?: pulumi.Input; } /** * An object that contains information about the suppression list preferences for your account. */ interface ConfigurationSetSuppressionOptionsArgs { /** * A list that contains the reasons that email addresses are automatically added to the suppression list for your account. */ suppressedReasons?: pulumi.Input[]>; /** * An object that contains information about the validation options for your account. */ validationOptions?: pulumi.Input; } /** * An object that contains information about the validation options for your account. */ interface ConfigurationSetSuppressionOptionsValidationOptionsPropertiesArgs { /** * The condition threshold settings for suppression validation. */ conditionThreshold: pulumi.Input; } /** * The condition threshold settings for suppression validation. */ interface ConfigurationSetSuppressionOptionsValidationOptionsPropertiesConditionThresholdPropertiesArgs { /** * Whether the condition threshold is enabled or disabled. */ conditionThresholdEnabled: pulumi.Input; /** * The overall confidence threshold settings. */ overallConfidenceThreshold?: pulumi.Input; } /** * The overall confidence threshold settings. */ interface ConfigurationSetSuppressionOptionsValidationOptionsPropertiesConditionThresholdPropertiesOverallConfidenceThresholdPropertiesArgs { /** * The confidence verdict threshold level. */ confidenceVerdictThreshold: pulumi.Input; } /** * An object that defines the open and click tracking options for emails that you send using the configuration set. */ interface ConfigurationSetTrackingOptionsArgs { /** * The domain to use for tracking open and click events. */ customRedirectDomain?: pulumi.Input; /** * The https policy to use for tracking open and click events. */ httpsPolicy?: pulumi.Input; } /** * An object that contains Virtual Deliverability Manager (VDM) settings for this configuration set. */ interface ConfigurationSetVdmOptionsArgs { /** * Specifies additional settings for your VDM configuration as applicable to the Dashboard. */ dashboardOptions?: pulumi.Input; /** * Specifies additional settings for your VDM configuration as applicable to the Guardian. */ guardianOptions?: pulumi.Input; } interface ContactListTopicArgs { /** * The default subscription status to be applied to a contact if the contact has not noted their preference for subscribing to a topic. */ defaultSubscriptionStatus: pulumi.Input; /** * The description of the topic. */ description?: pulumi.Input; /** * The display name of the topic. */ displayName: pulumi.Input; /** * The name of the topic. */ topicName: pulumi.Input; } /** * Used to associate a configuration set with an email identity. */ interface EmailIdentityConfigurationSetAttributesArgs { /** * The configuration set to use by default when sending from this identity. Note that any configuration set defined in the email sending request takes precedence. */ configurationSetName?: pulumi.Input; } /** * Used to enable or disable DKIM authentication for an email identity. */ interface EmailIdentityDkimAttributesArgs { /** * Sets the DKIM signing configuration for the identity. When you set this value true, then the messages that are sent from the identity are signed using DKIM. If you set this value to false, your messages are sent without DKIM signing. */ signingEnabled?: pulumi.Input; } /** * If your request includes this object, Amazon SES configures the identity to use Bring Your Own DKIM (BYODKIM) for DKIM authentication purposes, or, configures the key length to be used for Easy DKIM. */ interface EmailIdentityDkimSigningAttributesArgs { /** * [Bring Your Own DKIM] A private key that's used to generate a DKIM signature. The private key must use 1024 or 2048-bit RSA encryption, and must be encoded using base64 encoding. */ domainSigningPrivateKey?: pulumi.Input; /** * [Bring Your Own DKIM] A string that's used to identify a public key in the DNS configuration for a domain. */ domainSigningSelector?: pulumi.Input; /** * [Easy DKIM] The key length of the future DKIM key pair to be generated. This can be changed at most once per day. */ nextSigningKeyLength?: pulumi.Input; } /** * Used to enable or disable feedback forwarding for an identity. */ interface EmailIdentityFeedbackAttributesArgs { /** * If the value is true, you receive email notifications when bounce or complaint events occur */ emailForwardingEnabled?: pulumi.Input; } /** * Used to enable or disable the custom Mail-From domain configuration for an email identity. */ interface EmailIdentityMailFromAttributesArgs { /** * The action to take if the required MX record isn't found when you send an email. When you set this value to UseDefaultValue , the mail is sent using amazonses.com as the MAIL FROM domain. When you set this value to RejectMessage , the Amazon SES API v2 returns a MailFromDomainNotVerified error, and doesn't attempt to deliver the email. */ behaviorOnMxFailure?: pulumi.Input; /** * The custom MAIL FROM domain that you want the verified identity to use */ mailFromDomain?: pulumi.Input; } interface MailManagerArchiveArchiveRetentionPropertiesArgs { retentionPeriod: pulumi.Input; } interface MailManagerIngressPointIngressPointConfiguration0PropertiesArgs { smtpPassword: pulumi.Input; } interface MailManagerIngressPointIngressPointConfiguration1PropertiesArgs { secretArn: pulumi.Input; } interface MailManagerIngressPointIngressPointConfiguration2PropertiesArgs { tlsAuthConfiguration: pulumi.Input; } interface MailManagerIngressPointNetworkConfiguration0PropertiesArgs { publicNetworkConfiguration: pulumi.Input; } interface MailManagerIngressPointNetworkConfiguration1PropertiesArgs { privateNetworkConfiguration: pulumi.Input; } interface MailManagerIngressPointPrivateNetworkConfigurationArgs { vpcEndpointId: pulumi.Input; } interface MailManagerIngressPointPublicNetworkConfigurationArgs { ipType: any; } interface MailManagerIngressPointTlsAuthConfigurationArgs { trustStore: pulumi.Input; } interface MailManagerIngressPointTrustStoreArgs { caContent: pulumi.Input; crlContent?: pulumi.Input; kmsKeyArn?: pulumi.Input; } interface MailManagerRelayNoAuthenticationArgs { } interface MailManagerRelayRelayAuthentication0PropertiesArgs { secretArn: pulumi.Input; } interface MailManagerRelayRelayAuthentication1PropertiesArgs { noAuthentication: pulumi.Input; } interface MailManagerRuleSetAddHeaderActionArgs { headerName: pulumi.Input; headerValue: pulumi.Input; } interface MailManagerRuleSetAnalysisArgs { analyzer: pulumi.Input; resultField: pulumi.Input; } interface MailManagerRuleSetArchiveActionArgs { actionFailurePolicy?: pulumi.Input; targetArchive: pulumi.Input; } interface MailManagerRuleSetBounceActionArgs { actionFailurePolicy?: pulumi.Input; diagnosticMessage: pulumi.Input; message?: pulumi.Input; roleArn: pulumi.Input; sender: pulumi.Input; smtpReplyCode: pulumi.Input; statusCode: pulumi.Input; } interface MailManagerRuleSetDeliverToMailboxActionArgs { actionFailurePolicy?: pulumi.Input; mailboxArn: pulumi.Input; roleArn: pulumi.Input; } interface MailManagerRuleSetDeliverToQBusinessActionArgs { actionFailurePolicy?: pulumi.Input; applicationId: pulumi.Input; indexId: pulumi.Input; roleArn: pulumi.Input; } interface MailManagerRuleSetDropActionArgs { } interface MailManagerRuleSetInvokeLambdaActionArgs { actionFailurePolicy?: pulumi.Input; functionArn: pulumi.Input; invocationType: pulumi.Input; retryTimeMinutes?: pulumi.Input; roleArn: pulumi.Input; } interface MailManagerRuleSetRelayActionArgs { actionFailurePolicy?: pulumi.Input; mailFrom?: pulumi.Input; relay: pulumi.Input; } interface MailManagerRuleSetReplaceRecipientActionArgs { replaceWith?: pulumi.Input[]>; } interface MailManagerRuleSetRuleArgs { /** * The list of actions to execute when the conditions match the incoming email, and none of the "unless conditions" match. */ actions: pulumi.Input[]>; /** * The conditions of this rule. All conditions must match the email for the actions to be executed. An empty list of conditions means that all emails match, but are still subject to any "unless conditions" */ conditions?: pulumi.Input[]>; /** * The user-friendly name of the rule. */ name?: pulumi.Input; /** * The "unless conditions" of this rule. None of the conditions can match the email for the actions to be executed. If any of these conditions do match the email, then the actions are not executed. */ unless?: pulumi.Input[]>; } interface MailManagerRuleSetRuleAction0PropertiesArgs { drop: pulumi.Input; } interface MailManagerRuleSetRuleAction10PropertiesArgs { bounce: pulumi.Input; } interface MailManagerRuleSetRuleAction11PropertiesArgs { invokeLambda: pulumi.Input; } interface MailManagerRuleSetRuleAction1PropertiesArgs { relay: pulumi.Input; } interface MailManagerRuleSetRuleAction2PropertiesArgs { archive: pulumi.Input; } interface MailManagerRuleSetRuleAction3PropertiesArgs { writeToS3: pulumi.Input; } interface MailManagerRuleSetRuleAction4PropertiesArgs { send: pulumi.Input; } interface MailManagerRuleSetRuleAction5PropertiesArgs { addHeader: pulumi.Input; } interface MailManagerRuleSetRuleAction6PropertiesArgs { replaceRecipient: pulumi.Input; } interface MailManagerRuleSetRuleAction7PropertiesArgs { deliverToMailbox: pulumi.Input; } interface MailManagerRuleSetRuleAction8PropertiesArgs { deliverToQBusiness: pulumi.Input; } interface MailManagerRuleSetRuleAction9PropertiesArgs { publishToSns: pulumi.Input; } interface MailManagerRuleSetRuleBooleanExpressionArgs { evaluate: pulumi.Input; operator: pulumi.Input; } interface MailManagerRuleSetRuleBooleanToEvaluate0PropertiesArgs { attribute: pulumi.Input; } interface MailManagerRuleSetRuleBooleanToEvaluate1PropertiesArgs { analysis: pulumi.Input; } interface MailManagerRuleSetRuleBooleanToEvaluate2PropertiesArgs { isInAddressList: pulumi.Input; } interface MailManagerRuleSetRuleCondition0PropertiesArgs { booleanExpression: pulumi.Input; } interface MailManagerRuleSetRuleCondition1PropertiesArgs { stringExpression: pulumi.Input; } interface MailManagerRuleSetRuleCondition2PropertiesArgs { numberExpression: pulumi.Input; } interface MailManagerRuleSetRuleCondition3PropertiesArgs { ipExpression: pulumi.Input; } interface MailManagerRuleSetRuleCondition4PropertiesArgs { verdictExpression: pulumi.Input; } interface MailManagerRuleSetRuleCondition5PropertiesArgs { dmarcExpression: pulumi.Input; } interface MailManagerRuleSetRuleDmarcExpressionArgs { operator: pulumi.Input; values: pulumi.Input[]>; } interface MailManagerRuleSetRuleIpExpressionArgs { evaluate: pulumi.Input; operator: pulumi.Input; values: pulumi.Input[]>; } interface MailManagerRuleSetRuleIpToEvaluatePropertiesArgs { attribute: pulumi.Input; } interface MailManagerRuleSetRuleIsInAddressListArgs { addressLists: pulumi.Input[]>; attribute: pulumi.Input; } interface MailManagerRuleSetRuleNumberExpressionArgs { evaluate: pulumi.Input; operator: pulumi.Input; value: pulumi.Input; } interface MailManagerRuleSetRuleNumberToEvaluatePropertiesArgs { attribute: pulumi.Input; } interface MailManagerRuleSetRuleStringExpressionArgs { evaluate: pulumi.Input; operator: pulumi.Input; values: pulumi.Input[]>; } interface MailManagerRuleSetRuleStringToEvaluate0PropertiesArgs { attribute: pulumi.Input; } interface MailManagerRuleSetRuleStringToEvaluate1PropertiesArgs { mimeHeaderAttribute: pulumi.Input; } interface MailManagerRuleSetRuleStringToEvaluate2PropertiesArgs { analysis: pulumi.Input; } interface MailManagerRuleSetRuleStringToEvaluate3PropertiesArgs { clientCertificateAttribute: pulumi.Input; } interface MailManagerRuleSetRuleVerdictExpressionArgs { evaluate: pulumi.Input; operator: pulumi.Input; values: pulumi.Input[]>; } interface MailManagerRuleSetRuleVerdictToEvaluate0PropertiesArgs { attribute: pulumi.Input; } interface MailManagerRuleSetRuleVerdictToEvaluate1PropertiesArgs { analysis: pulumi.Input; } interface MailManagerRuleSetS3ActionArgs { actionFailurePolicy?: pulumi.Input; roleArn: pulumi.Input; s3Bucket: pulumi.Input; s3Prefix?: pulumi.Input; s3SseKmsKeyId?: pulumi.Input; } interface MailManagerRuleSetSendActionArgs { actionFailurePolicy?: pulumi.Input; roleArn: pulumi.Input; } interface MailManagerRuleSetSnsActionArgs { actionFailurePolicy?: pulumi.Input; encoding?: pulumi.Input; payloadType?: pulumi.Input; roleArn: pulumi.Input; topicArn: pulumi.Input; } interface MailManagerTrafficPolicyIngressAnalysisArgs { analyzer: pulumi.Input; resultField: pulumi.Input; } interface MailManagerTrafficPolicyIngressBooleanExpressionArgs { evaluate: pulumi.Input; operator: pulumi.Input; } interface MailManagerTrafficPolicyIngressBooleanToEvaluate0PropertiesArgs { analysis: pulumi.Input; } interface MailManagerTrafficPolicyIngressBooleanToEvaluate1PropertiesArgs { isInAddressList: pulumi.Input; } interface MailManagerTrafficPolicyIngressIpToEvaluatePropertiesArgs { attribute: pulumi.Input; } interface MailManagerTrafficPolicyIngressIpv4ExpressionArgs { evaluate: pulumi.Input; operator: pulumi.Input; values: pulumi.Input[]>; } interface MailManagerTrafficPolicyIngressIpv6ExpressionArgs { evaluate: pulumi.Input; operator: pulumi.Input; values: pulumi.Input[]>; } interface MailManagerTrafficPolicyIngressIpv6ToEvaluatePropertiesArgs { attribute: pulumi.Input; } interface MailManagerTrafficPolicyIngressIsInAddressListArgs { addressLists: pulumi.Input[]>; attribute: pulumi.Input; } interface MailManagerTrafficPolicyIngressStringExpressionArgs { evaluate: pulumi.Input; operator: pulumi.Input; values: pulumi.Input[]>; } interface MailManagerTrafficPolicyIngressStringToEvaluate0PropertiesArgs { attribute: pulumi.Input; } interface MailManagerTrafficPolicyIngressStringToEvaluate1PropertiesArgs { analysis: pulumi.Input; } interface MailManagerTrafficPolicyIngressTlsProtocolExpressionArgs { evaluate: pulumi.Input; operator: pulumi.Input; value: pulumi.Input; } interface MailManagerTrafficPolicyIngressTlsProtocolToEvaluatePropertiesArgs { attribute: pulumi.Input; } interface MailManagerTrafficPolicyPolicyCondition0PropertiesArgs { stringExpression: pulumi.Input; } interface MailManagerTrafficPolicyPolicyCondition1PropertiesArgs { ipExpression: pulumi.Input; } interface MailManagerTrafficPolicyPolicyCondition2PropertiesArgs { ipv6Expression: pulumi.Input; } interface MailManagerTrafficPolicyPolicyCondition3PropertiesArgs { tlsExpression: pulumi.Input; } interface MailManagerTrafficPolicyPolicyCondition4PropertiesArgs { booleanExpression: pulumi.Input; } interface MailManagerTrafficPolicyPolicyStatementArgs { /** * The action that informs a traffic policy resource to either allow or block the email if it matches a condition in the policy statement. */ action: pulumi.Input; /** * The list of conditions to apply to incoming messages for filtering email traffic. */ conditions: pulumi.Input[]>; } /** * Contains details of a multi-region endpoint (global-endpoint) being created. */ interface MultiRegionEndpointDetailsArgs { /** * A list of route configuration details. Must contain exactly one route configuration. */ routeDetails: pulumi.Input[]>; } interface MultiRegionEndpointRouteDetailsItemPropertiesArgs { region: pulumi.Input; } /** * The content of the email, composed of a subject line, an HTML part, and a text-only part */ interface TemplateArgs { /** * The HTML body of the email. */ htmlPart?: pulumi.Input; /** * The subject line of the email. */ subjectPart: pulumi.Input; /** * The name of the template. */ templateName?: pulumi.Input; /** * The email body that is visible to recipients whose email clients do not display HTML content. */ textPart?: pulumi.Input; } /** * The resource to associate with the tenant */ interface TenantResourceAssociationArgs { /** * The ARN of the resource to associate with the tenant */ resourceArn: pulumi.Input; } /** * Preferences regarding the Dashboard feature. */ interface VdmAttributesDashboardAttributesArgs { /** * Whether emails sent from this account have engagement tracking enabled. */ engagementMetrics?: pulumi.Input; } /** * Preferences regarding the Guardian feature. */ interface VdmAttributesGuardianAttributesArgs { /** * Whether emails sent from this account have optimized delivery algorithm enabled. */ optimizedSharedDelivery?: pulumi.Input; } } export declare namespace shield { /** * An emergency contact is used by Shield Response Team (SRT) to contact you for escalations to the SRT and to initiate proactive customer support. An emergency contact requires an email address. */ interface ProactiveEngagementEmergencyContactArgs { /** * Additional notes regarding the contact. */ contactNotes?: pulumi.Input; /** * The email address for the contact. */ emailAddress: pulumi.Input; /** * The phone number for the contact */ phoneNumber?: pulumi.Input; } /** * The automatic application layer DDoS mitigation settings for a Protection. This configuration determines whether Shield Advanced automatically manages rules in the web ACL in order to respond to application layer events that Shield Advanced determines to be DDoS attacks. */ interface ProtectionApplicationLayerAutomaticResponseConfigurationArgs { /** * Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource. */ action: pulumi.Input; /** * Indicates whether automatic application layer DDoS mitigation is enabled for the protection. */ status: pulumi.Input; } /** * Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource. */ interface ProtectionApplicationLayerAutomaticResponseConfigurationAction0PropertiesArgs { /** * Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Count` action. * You must specify exactly one action, either `Block` or `Count`. */ count?: any; } /** * Specifies the action setting that Shield Advanced should use in the AWS WAF rules that it creates on behalf of the protected resource in response to DDoS attacks. You specify this as part of the configuration for the automatic application layer DDoS mitigation feature, when you enable or update automatic mitigation. Shield Advanced creates the AWS WAF rules in a Shield Advanced-managed rule group, inside the web ACL that you have associated with the resource. */ interface ProtectionApplicationLayerAutomaticResponseConfigurationAction1PropertiesArgs { /** * Specifies that Shield Advanced should configure its AWS WAF rules with the AWS WAF `Block` action. * You must specify exactly one action, either `Block` or `Count`. */ block?: any; } } export declare namespace signer { interface SigningProfileSignatureValidityPeriodArgs { /** * The time unit for signature validity: DAYS | MONTHS | YEARS. */ type?: pulumi.Input; /** * The numerical value of the time unit for signature validity. */ value?: pulumi.Input; } } export declare namespace simspaceweaver { interface SimulationS3LocationArgs { /** * The Schema S3 bucket name. */ bucketName: pulumi.Input; /** * This is the schema S3 object key, which includes the full path of "folders" from the bucket root to the schema. */ objectKey: pulumi.Input; } } export declare namespace smsvoice { interface ConfigurationSetCloudWatchLogsDestinationArgs { /** * The Amazon Resource Name (ARN) of an AWS Identity and Access Management role that is able to write event data to an Amazon CloudWatch destination. */ iamRoleArn: pulumi.Input; /** * The name of the Amazon CloudWatch log group that you want to record events in. */ logGroupArn: pulumi.Input; } /** * An event destination is a location where you send message events. The event options are Amazon CloudWatch, Amazon Data Firehose, or Amazon SNS. For example, when a message is delivered successfully, you can send information about that event to an event destination, or send notifications to endpoints that are subscribed to an Amazon SNS topic. */ interface ConfigurationSetEventDestinationArgs { /** * An object that contains IamRoleArn and LogGroupArn associated with an Amazon CloudWatch event destination. */ cloudWatchLogsDestination?: pulumi.Input; /** * When set to true events will be logged. By default this is set to true */ enabled: pulumi.Input; /** * The name that identifies the event destination. */ eventDestinationName: pulumi.Input; /** * An object that contains IamRoleArn and DeliveryStreamArn associated with an Amazon Kinesis Firehose event destination. */ kinesisFirehoseDestination?: pulumi.Input; /** * An array of event types that determine which events to log. If 'ALL' is used, then AWS End User Messaging SMS and Voice logs every event type. */ matchingEventTypes: pulumi.Input[]>; /** * An object that contains SNS TopicArn event destination. */ snsDestination?: pulumi.Input; } interface ConfigurationSetKinesisFirehoseDestinationArgs { /** * The Amazon Resource Name (ARN) of the delivery stream. */ deliveryStreamArn: pulumi.Input; /** * The Amazon Resource Name (ARN) of an AWS Identity and Access Management role that is able to write event data to an Amazon CloudWatch destination. */ iamRoleArn: pulumi.Input; } interface ConfigurationSetSnsDestinationArgs { /** * The Amazon Resource Name (ARN) of the Amazon SNS topic that you want to publish events to. */ topicArn: pulumi.Input; } /** * A keyword is a word that you can search for on a particular phone number or pool. It is also a specific word or phrase that an end user can send to your number to elicit a response, such as an informational message or a special offer. When your number receives a message that begins with a keyword, AWS End User Messaging SMS and Voice responds with a customizable message. Keywords "HELP" and "STOP" are mandatory keywords */ interface MandatoryKeywordsPropertiesArgs { /** * Specifies the pool's `HELP` keyword. For more information, see [Opt out list required keywords](https://docs.aws.amazon.com/sms-voice/latest/userguide/opt-out-list-keywords.html) in the End User Messaging User Guide. */ help: pulumi.Input; /** * Specifies the pool's opt-out keyword. For more information, see [Required opt-out keywords](https://docs.aws.amazon.com/sms-voice/latest/userguide/keywords-required.html) in the End User Messaging User Guide. */ stop: pulumi.Input; } /** * A keyword is a word that you can search for on a particular phone number or pool. It is also a specific word or phrase that an end user can send to your number to elicit a response, such as an informational message or a special offer. When your number receives a message that begins with a keyword, AWS End User Messaging SMS and Voice responds with a customizable message. */ interface PhoneNumberOptionalKeywordArgs { /** * The action to perform when the keyword is used. */ action: pulumi.Input; /** * The new keyword to add. */ keyword: pulumi.Input; /** * The message associated with the keyword. */ message: pulumi.Input; } /** * A keyword is a word that you can search for on a particular phone number or pool. It is also a specific word or phrase that an end user can send to your number to elicit a response, such as an informational message or a special offer. When your number receives a message that begins with a keyword, AWS End User Messaging SMS and Voice responds with a customizable message. Keywords "HELP" and "STOP" are mandatory keywords */ interface PoolMandatoryKeywordArgs { /** * The message associated with the keyword. */ message: pulumi.Input; } /** * A keyword is a word that you can search for on a particular phone number or pool. It is also a specific word or phrase that an end user can send to your number to elicit a response, such as an informational message or a special offer. When your number receives a message that begins with a keyword, AWS End User Messaging SMS and Voice responds with a customizable message. */ interface PoolOptionalKeywordArgs { /** * The action to perform when the keyword is used. */ action: pulumi.Input; /** * The new keyword to add. */ keyword: pulumi.Input; /** * The message associated with the keyword. */ message: pulumi.Input; } interface ProtectConfigurationCountryRuleArgs { /** * The two-letter ISO country code */ countryCode: pulumi.Input; /** * The types of protection that can be used. */ protectStatus: pulumi.Input; } interface ProtectConfigurationCountryRuleSetArgs { /** * The set of `CountryRule` s to control which destination countries End User Messaging can send your MMS messages to. */ mms?: pulumi.Input[]>; /** * The set of `CountryRule` s to control which destination countries End User Messaging can send your SMS messages to. */ sms?: pulumi.Input[]>; /** * The set of `CountryRule` s to control which destination countries End User Messaging can send your VOICE messages to. */ voice?: pulumi.Input[]>; } /** * When you set up two-way SMS, you can receive incoming messages from your customers. When one of your customers sends a message to your phone number, the message body is sent to an Amazon SNS topic or Amazon Connect for processing. */ interface TwoWayPropertiesArgs { /** * The Amazon Resource Name (ARN) of the two way channel. */ channelArn?: pulumi.Input; /** * An optional IAM Role Arn for a service to assume, to be able to post inbound SMS messages. */ channelRole?: pulumi.Input; /** * By default this is set to false. When set to true you can receive incoming text messages from your end recipients. */ enabled: pulumi.Input; } } export declare namespace sns { /** * The ``LoggingConfig`` property type specifies the ``Delivery`` status logging configuration for an [AWS::SNS::Topic](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-topic.html). */ interface TopicLoggingConfigArgs { /** * The IAM role ARN to be used when logging failed message deliveries in Amazon CloudWatch. */ failureFeedbackRoleArn?: pulumi.Input; /** * Indicates one of the supported protocols for the Amazon SNS topic. * At least one of the other three ``LoggingConfig`` properties is recommend along with ``Protocol``. */ protocol: pulumi.Input; /** * The IAM role ARN to be used when logging successful message deliveries in Amazon CloudWatch. */ successFeedbackRoleArn?: pulumi.Input; /** * The percentage of successful message deliveries to be logged in Amazon CloudWatch. Valid percentage values range from 0 to 100. */ successFeedbackSampleRate?: pulumi.Input; } /** * ``Subscription`` is an embedded property that describes the subscription endpoints of an SNS topic. * For full control over subscription behavior (for example, delivery policy, filtering, raw message delivery, and cross-region subscriptions), use the [AWS::SNS::Subscription](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-sns-subscription.html) resource. */ interface TopicSubscriptionArgs { /** * The endpoint that receives notifications from the SNS topic. The endpoint value depends on the protocol that you specify. For more information, see the ``Endpoint`` parameter of the ``Subscribe`` action in the *API Reference*. */ endpoint: pulumi.Input; /** * The subscription's protocol. For more information, see the ``Protocol`` parameter of the ``Subscribe`` action in the *API Reference*. */ protocol: pulumi.Input; } } export declare namespace sqs { } export declare namespace ssm { interface AssociationInstanceAssociationOutputLocationArgs { /** * `S3OutputLocation` is a property of the [InstanceAssociationOutputLocation](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-ssm-association-instanceassociationoutputlocation.html) property that specifies an Amazon S3 bucket where you want to store the results of this request. */ s3Location?: pulumi.Input; } interface AssociationS3OutputLocationArgs { /** * The name of the S3 bucket. */ outputS3BucketName?: pulumi.Input; /** * The S3 bucket subfolder. */ outputS3KeyPrefix?: pulumi.Input; /** * The AWS Region of the S3 bucket. */ outputS3Region?: pulumi.Input; } interface AssociationTargetArgs { /** * User-defined criteria for sending commands that target managed nodes that meet the criteria. */ key: pulumi.Input; /** * User-defined criteria that maps to `Key` . For example, if you specified `tag:ServerRole` , you could specify `value:WebServer` to run a command on instances that include EC2 tags of `ServerRole,WebServer` . * * Depending on the type of target, the maximum number of values for a key might be lower than the global maximum of 50. */ values: pulumi.Input[]>; } interface DocumentAttachmentsSourceArgs { /** * The key of a key-value pair that identifies the location of an attachment to a document. */ key?: pulumi.Input; /** * The name of the document attachment file. */ name?: pulumi.Input; /** * The value of a key-value pair that identifies the location of an attachment to a document. The format for Value depends on the type of key you specify. */ values?: pulumi.Input[]>; } interface DocumentRequiresArgs { /** * The name of the required SSM document. The name can be an Amazon Resource Name (ARN). */ name?: pulumi.Input; /** * The document version required by the current document. */ version?: pulumi.Input; } interface MaintenanceWindowTargetTargetsArgs { /** * User-defined criteria for sending commands that target managed nodes that meet the criteria. */ key: pulumi.Input; /** * User-defined criteria that maps to Key. */ values: pulumi.Input[]>; } interface MaintenanceWindowTaskCloudWatchOutputConfigArgs { /** * The name of the CloudWatch log group where you want to send command output. */ cloudWatchLogGroupName?: pulumi.Input; /** * Enables Systems Manager to send command output to CloudWatch Logs. */ cloudWatchOutputEnabled?: pulumi.Input; } interface MaintenanceWindowTaskLoggingInfoArgs { /** * The AWS Region where the S3 bucket is located. */ region: pulumi.Input; /** * The name of an S3 bucket where execution logs are stored. */ s3Bucket: pulumi.Input; /** * The Amazon S3 bucket subfolder. */ s3Prefix?: pulumi.Input; } interface MaintenanceWindowTaskMaintenanceWindowAutomationParametersArgs { /** * The version of an Automation runbook to use during task execution. */ documentVersion?: pulumi.Input; /** * The parameters for the `AUTOMATION` type task. */ parameters?: any; } interface MaintenanceWindowTaskMaintenanceWindowLambdaParametersArgs { /** * Client-specific information to pass to the AWS Lambda function that you're invoking. You can then use the `context` variable to process the client information in your AWS Lambda function. */ clientContext?: pulumi.Input; /** * JSON to provide to your AWS Lambda function as input. * * > Although `Type` is listed as "String" for this property, the payload content must be formatted as a Base64-encoded binary data object. * * *Length Constraint:* 4096 */ payload?: pulumi.Input; /** * An AWS Lambda function version or alias name. If you specify a function version, the action uses the qualified function Amazon Resource Name (ARN) to invoke a specific Lambda function. If you specify an alias name, the action uses the alias ARN to invoke the Lambda function version that the alias points to. */ qualifier?: pulumi.Input; } interface MaintenanceWindowTaskMaintenanceWindowRunCommandParametersArgs { /** * Configuration options for sending command output to Amazon CloudWatch Logs. */ cloudWatchOutputConfig?: pulumi.Input; /** * Information about the command or commands to run. */ comment?: pulumi.Input; /** * The SHA-256 or SHA-1 hash created by the system when the document was created. SHA-1 hashes have been deprecated. */ documentHash?: pulumi.Input; /** * The SHA-256 or SHA-1 hash type. SHA-1 hashes are deprecated. */ documentHashType?: pulumi.Input; /** * The AWS Systems Manager document (SSM document) version to use in the request. You can specify `$DEFAULT` , `$LATEST` , or a specific version number. If you run commands by using the AWS CLI, then you must escape the first two options by using a backslash. If you specify a version number, then you don't need to use the backslash. For example: * * `--document-version "\$DEFAULT"` * * `--document-version "\$LATEST"` * * `--document-version "3"` */ documentVersion?: pulumi.Input; /** * Configurations for sending notifications about command status changes on a per-managed node basis. */ notificationConfig?: pulumi.Input; /** * The name of the Amazon Simple Storage Service (Amazon S3) bucket. */ outputS3BucketName?: pulumi.Input; /** * The S3 bucket subfolder. */ outputS3KeyPrefix?: pulumi.Input; /** * The parameters for the `RUN_COMMAND` task execution. * * The supported parameters are the same as those for the `SendCommand` API call. For more information, see [SendCommand](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_SendCommand.html) in the *AWS Systems Manager API Reference* . */ parameters?: any; /** * The Amazon Resource Name (ARN) of the IAM service role for AWS Systems Manager to assume when running a maintenance window task. If you do not specify a service role ARN, Systems Manager uses a service-linked role in your account. If no appropriate service-linked role for Systems Manager exists in your account, it is created when you run `RegisterTaskWithMaintenanceWindow` . * * However, for an improved security posture, we strongly recommend creating a custom policy and custom service role for running your maintenance window tasks. The policy can be crafted to provide only the permissions needed for your particular maintenance window tasks. For more information, see [Setting up Maintenance Windows](https://docs.aws.amazon.com/systems-manager/latest/userguide/sysman-maintenance-permissions.html) in the in the *AWS Systems Manager User Guide* . */ serviceRoleArn?: pulumi.Input; /** * If this time is reached and the command hasn't already started running, it doesn't run. */ timeoutSeconds?: pulumi.Input; } interface MaintenanceWindowTaskMaintenanceWindowStepFunctionsParametersArgs { /** * The inputs for the `STEP_FUNCTIONS` task. */ input?: pulumi.Input; /** * The name of the `STEP_FUNCTIONS` task. */ name?: pulumi.Input; } interface MaintenanceWindowTaskNotificationConfigArgs { /** * An Amazon Resource Name (ARN) for an Amazon Simple Notification Service (Amazon SNS) topic. Run Command pushes notifications about command status changes to this topic. */ notificationArn: pulumi.Input; /** * The different events that you can receive notifications for. These events include the following: `All` (events), `InProgress` , `Success` , `TimedOut` , `Cancelled` , `Failed` . To learn more about these events, see [Configuring Amazon SNS Notifications for AWS Systems Manager](https://docs.aws.amazon.com/systems-manager/latest/userguide/monitoring-sns-notifications.html) in the *AWS Systems Manager User Guide* . */ notificationEvents?: pulumi.Input[]>; /** * The notification type. * * - `Command` : Receive notification when the status of a command changes. * - `Invocation` : For commands sent to multiple instances, receive notification on a per-instance basis when the status of a command changes. */ notificationType?: pulumi.Input; } interface MaintenanceWindowTaskTargetArgs { /** * User-defined criteria for sending commands that target instances that meet the criteria. `Key` can be `InstanceIds` or `WindowTargetIds` . For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* . */ key: pulumi.Input; /** * User-defined criteria that maps to `Key` . For example, if you specify `InstanceIds` , you can specify `i-1234567890abcdef0,i-9876543210abcdef0` to run a command on two EC2 instances. For more information about how to target instances within a maintenance window task, see [About 'register-task-with-maintenance-window' Options and Values](https://docs.aws.amazon.com/systems-manager/latest/userguide/register-tasks-options.html) in the *AWS Systems Manager User Guide* . */ values: pulumi.Input[]>; } interface MaintenanceWindowTaskTaskInvocationParametersArgs { /** * The parameters for an `AUTOMATION` task type. */ maintenanceWindowAutomationParameters?: pulumi.Input; /** * The parameters for a `LAMBDA` task type. */ maintenanceWindowLambdaParameters?: pulumi.Input; /** * The parameters for a `RUN_COMMAND` task type. */ maintenanceWindowRunCommandParameters?: pulumi.Input; /** * The parameters for a `STEP_FUNCTIONS` task type. */ maintenanceWindowStepFunctionsParameters?: pulumi.Input; } /** * Defines which patches should be included in a patch baseline. */ interface PatchBaselinePatchFilterArgs { /** * The key for the filter. * * For information about valid keys, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* . */ key?: pulumi.Input; /** * The value for the filter key. * * For information about valid values for each key based on operating system type, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* . */ values?: pulumi.Input[]>; } /** * The patch filter group that defines the criteria for the rule. */ interface PatchBaselinePatchFilterGroupArgs { /** * The set of patch filters that make up the group. */ patchFilters?: pulumi.Input[]>; } /** * Information about the patches to use to update the instances, including target operating systems and source repository. Applies to Linux instances only. */ interface PatchBaselinePatchSourceArgs { /** * The value of the repo configuration. * * *Example for yum repositories* * * `[main]` * * `name=MyCustomRepository` * * `baseurl=https://my-custom-repository` * * `enabled=1` * * For information about other options available for your yum repository configuration, see [dnf.conf(5)](https://docs.aws.amazon.com/https://man7.org/linux/man-pages/man5/dnf.conf.5.html) on the *man7.org* website. * * *Examples for Ubuntu Server and Debian Server* * * `deb http://security.ubuntu.com/ubuntu jammy main` * * `deb https://site.example.com/debian distribution component1 component2 component3` * * Repo information for Ubuntu Server repositories must be specifed in a single line. For more examples and information, see [jammy (5) sources.list.5.gz](https://docs.aws.amazon.com/https://manpages.ubuntu.com/manpages/jammy/man5/sources.list.5.html) on the *Ubuntu Server Manuals* website and [sources.list format](https://docs.aws.amazon.com/https://wiki.debian.org/SourcesList#sources.list_format) on the *Debian Wiki* . */ configuration?: pulumi.Input; /** * The name specified to identify the patch source. */ name?: pulumi.Input; /** * The specific operating system versions a patch repository applies to, such as "Ubuntu16.04", "RedhatEnterpriseLinux7.2" or "Suse12.7". For lists of supported product values, see [PatchFilter](https://docs.aws.amazon.com/systems-manager/latest/APIReference/API_PatchFilter.html) in the *AWS Systems Manager API Reference* . */ products?: pulumi.Input[]>; } /** * Defines an approval rule for a patch baseline. */ interface PatchBaselineRuleArgs { /** * The number of days after the release date of each patch matched by the rule that the patch is marked as approved in the patch baseline. For example, a value of `7` means that patches are approved seven days after they are released. * * Patch Manager evaluates patch release dates using Coordinated Universal Time (UTC). If the day represented by `7` is `2025-11-16` , patches released between `2025-11-16T00:00:00Z` and `2025-11-16T23:59:59Z` will be included in the approval. * * This parameter is marked as `Required: No` , but your request must include a value for either `ApproveAfterDays` or `ApproveUntilDate` . * * Not supported for Debian Server or Ubuntu Server. * * > Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* . */ approveAfterDays?: pulumi.Input; /** * The cutoff date for auto approval of released patches. Any patches released on or before this date are installed automatically. * * Enter dates in the format `YYYY-MM-DD` . For example, `2025-11-16` . * * Patch Manager evaluates patch release dates using Coordinated Universal Time (UTC). If you enter the date `2025-11-16` , patches released between `2025-11-16T00:00:00Z` and `2025-11-16T23:59:59Z` will be included in the approval. * * This parameter is marked as `Required: No` , but your request must include a value for either `ApproveUntilDate` or `ApproveAfterDays` . * * Not supported for Debian Server or Ubuntu Server. * * > Use caution when setting this value for Windows Server patch baselines. Because patch updates that are replaced by later updates are removed, setting too broad a value for this parameter can result in crucial patches not being installed. For more information, see the *Windows Server* tab in the topic [How security patches are selected](https://docs.aws.amazon.com/systems-manager/latest/userguide/patch-manager-selecting-patches.html) in the *AWS Systems Manager User Guide* . */ approveUntilDate?: pulumi.Input; /** * A compliance severity level for all approved patches in a patch baseline. Valid compliance severity levels include the following: `UNSPECIFIED` , `CRITICAL` , `HIGH` , `MEDIUM` , `LOW` , and `INFORMATIONAL` . */ complianceLevel?: pulumi.Input; /** * For managed nodes identified by the approval rule filters, enables a patch baseline to apply non-security updates available in the specified repository. The default value is `false` . Applies to Linux managed nodes only. */ enableNonSecurity?: pulumi.Input; /** * The patch filter group that defines the criteria for the rule. */ patchFilterGroup?: pulumi.Input; } /** * A set of rules defining the approval rules for a patch baseline. */ interface PatchBaselineRuleGroupArgs { /** * The rules that make up the rule group. */ patchRules?: pulumi.Input[]>; } interface ResourceDataSyncAwsOrganizationsSourceArgs { /** * If an AWS organization is present, this is either `OrganizationalUnits` or `EntireOrganization` . For `OrganizationalUnits` , the data is aggregated from a set of organization units. For `EntireOrganization` , the data is aggregated from the entire AWS organization. */ organizationSourceType: pulumi.Input; /** * The AWS Organizations organization units included in the sync. */ organizationalUnits?: pulumi.Input[]>; } interface ResourceDataSyncS3DestinationArgs { /** * The name of the S3 bucket where the aggregated data is stored. */ bucketName: pulumi.Input; /** * An Amazon S3 prefix for the bucket. */ bucketPrefix?: pulumi.Input; /** * The AWS Region with the S3 bucket targeted by the resource data sync. */ bucketRegion: pulumi.Input; /** * The ARN of an encryption key for a destination in Amazon S3. Must belong to the same Region as the destination S3 bucket. */ kmsKeyArn?: pulumi.Input; /** * A supported sync format. The following format is currently supported: JsonSerDe */ syncFormat: pulumi.Input; } interface ResourceDataSyncSyncSourceArgs { /** * Information about the AwsOrganizationsSource resource data sync source. A sync source of this type can synchronize data from AWS Organizations . */ awsOrganizationsSource?: pulumi.Input; /** * Whether to automatically synchronize and aggregate data from new AWS Regions when those Regions come online. */ includeFutureRegions?: pulumi.Input; /** * The `SyncSource` AWS Regions included in the resource data sync. */ sourceRegions: pulumi.Input[]>; /** * The type of data source for the resource data sync. `SourceType` is either `AwsOrganizations` (if an organization is present in AWS Organizations ) or `SingleAccountMultiRegions` . */ sourceType: pulumi.Input; } } export declare namespace ssmcontacts { /** * Information about the contact channel that SSM Incident Manager uses to engage the contact. */ interface ContactChannelTargetInfoArgs { /** * The Amazon Resource Name (ARN) of the contact channel. */ channelId: pulumi.Input; /** * The number of minutes to wait to retry sending engagement in the case the engagement initially fails. */ retryIntervalInMinutes: pulumi.Input; } /** * A set amount of time that an escalation plan or engagement plan engages the specified contacts or contact methods. */ interface ContactStageArgs { /** * The time to wait until beginning the next stage. */ durationInMinutes?: pulumi.Input; /** * List of Rotation Ids to associate with Contact */ rotationIds?: pulumi.Input[]>; /** * The contacts or contact methods that the escalation plan or engagement plan is engaging. */ targets?: pulumi.Input[]>; } /** * The contact that SSM Incident Manager is engaging during an incident. */ interface ContactTargetInfoArgs { /** * The Amazon Resource Name (ARN) of the contact. */ contactId: pulumi.Input; /** * A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan. */ isEssential: pulumi.Input; } /** * The contacts or contact methods that the escalation plan or engagement plan is engaging. */ interface ContactTargetsArgs { /** * Information about the contact channel that Incident Manager engages. */ channelTargetInfo?: pulumi.Input; /** * The contact that Incident Manager is engaging during an incident. */ contactTargetInfo?: pulumi.Input; } /** * Information about the contact channel that SSM Incident Manager uses to engage the contact. */ interface PlanChannelTargetInfoArgs { /** * The Amazon Resource Name (ARN) of the contact channel. */ channelId: pulumi.Input; /** * The number of minutes to wait to retry sending engagement in the case the engagement initially fails. */ retryIntervalInMinutes: pulumi.Input; } /** * The contact that SSM Incident Manager is engaging during an incident. */ interface PlanContactTargetInfoArgs { /** * The Amazon Resource Name (ARN) of the contact. */ contactId: pulumi.Input; /** * A Boolean value determining if the contact's acknowledgement stops the progress of stages in the plan. */ isEssential: pulumi.Input; } /** * A set amount of time that an escalation plan or engagement plan engages the specified contacts or contact methods. */ interface PlanStageArgs { /** * The time to wait until beginning the next stage. */ durationInMinutes: pulumi.Input; /** * The contacts or contact methods that the escalation plan or engagement plan is engaging. */ targets?: pulumi.Input[]>; } /** * The contacts or contact methods that the escalation plan or engagement plan is engaging. */ interface PlanTargetsArgs { /** * Information about the contact channel that Incident Manager engages. */ channelTargetInfo?: pulumi.Input; /** * Information about the contact that Incident Manager engages. */ contactTargetInfo?: pulumi.Input; } /** * StartTime and EndTime for the Shift */ interface RotationCoverageTimeArgs { /** * Information about when an on-call rotation shift ends. */ endTime: pulumi.Input; /** * Information about when an on-call rotation shift begins. */ startTime: pulumi.Input; } /** * DayOfWeek for Month and HandOff Time for Monthly Recurring Rotation. */ interface RotationMonthlySettingArgs { /** * The day of the month when monthly recurring on-call rotations begin. */ dayOfMonth: pulumi.Input; /** * The time of day when a monthly recurring on-call shift rotation begins. */ handOffTime: pulumi.Input; } /** * Information about when an on-call rotation is in effect and how long the rotation period lasts. */ interface RotationRecurrenceSettingsArgs { /** * Information about on-call rotations that recur daily. */ dailySettings?: pulumi.Input[]>; /** * Information about on-call rotations that recur monthly. */ monthlySettings?: pulumi.Input[]>; /** * Number of Oncalls per shift. */ numberOfOnCalls?: pulumi.Input; /** * The number of days, weeks, or months a single rotation lasts. */ recurrenceMultiplier?: pulumi.Input; /** * Information about the days of the week included in on-call rotation coverage. */ shiftCoverages?: pulumi.Input[]>; /** * Information about on-call rotations that recur weekly. */ weeklySettings?: pulumi.Input[]>; } /** * Information about the days of the week included in on-call rotation coverage. */ interface RotationShiftCoverageArgs { /** * Information about when an on-call shift begins and ends. */ coverageTimes: pulumi.Input[]>; /** * A list of days on which the schedule is active. */ dayOfWeek: pulumi.Input; } /** * DayOfWeek for Rotation and HandOff Time for Weekly Recurring Rotation. */ interface RotationWeeklySettingArgs { /** * The day of the week when weekly recurring on-call shift rotations begins. */ dayOfWeek: pulumi.Input; /** * The time of day when a weekly recurring on-call shift rotation begins. */ handOffTime: pulumi.Input; } } export declare namespace ssmguiconnect { /** * The set of preferences used for recording RDP connections in the requesting AWS account and AWS Region. This includes details such as which S3 bucket recordings are stored in. */ interface ConnectionRecordingPreferencesPropertiesArgs { /** * The ARN of a AWS key that is used to encrypt data while it is being processed by the service. This key must exist in the same AWS Region as the node you start an RDP connection to. */ kmsKeyArn: pulumi.Input; /** * Determines where recordings of RDP connections are stored. */ recordingDestinations: pulumi.Input; } /** * Determines where recordings of RDP connections are stored. */ interface PreferencesRecordingDestinationsArgs { /** * The S3 bucket where RDP connection recordings are stored. */ s3Buckets: pulumi.Input[]>; } /** * The S3 bucket where RDP connection recordings are stored. */ interface PreferencesS3BucketArgs { bucketName: pulumi.Input; bucketOwner: pulumi.Input; } } export declare namespace ssmincidents { /** * The ReplicationSet regional configuration. */ interface ReplicationSetRegionConfigurationArgs { /** * The AWS Key Management Service key ID or Key Alias to use to encrypt your replication set. */ sseKmsKeyId: pulumi.Input; } /** * The ReplicationSet regional configuration. */ interface ReplicationSetReplicationRegionArgs { regionConfiguration?: pulumi.Input; regionName?: pulumi.Input; } /** * The automation configuration to launch. */ interface ResponsePlanActionArgs { /** * Details about the Systems Manager automation document that will be used as a runbook during an incident. */ ssmAutomation?: pulumi.Input; } /** * The chat channel configuration. */ interface ResponsePlanChatChannelArgs { /** * The Amazon targets that uses to notify the chat channel of updates to an incident. You can also make updates to the incident through the chat channel by using the Amazon topics */ chatbotSns?: pulumi.Input[]>; } /** * A parameter with a dynamic value to set when starting the SSM automation document. */ interface ResponsePlanDynamicSsmParameterArgs { /** * The key parameter to use when running the Systems Manager Automation runbook. */ key: pulumi.Input; /** * The dynamic parameter value. */ value: pulumi.Input; } /** * Value of the dynamic parameter to set when starting the SSM automation document. */ interface ResponsePlanDynamicSsmParameterValueArgs { /** * Variable dynamic parameters. A parameter value is determined when an incident is created. */ variable?: pulumi.Input; } /** * The incident template configuration. */ interface ResponsePlanIncidentTemplateArgs { /** * The deduplication string. */ dedupeString?: pulumi.Input; /** * The impact value. */ impact: pulumi.Input; /** * Tags that get applied to incidents created by the StartIncident API action. */ incidentTags?: pulumi.Input[]>; /** * The list of notification targets. */ notificationTargets?: pulumi.Input[]>; /** * The summary string. */ summary?: pulumi.Input; /** * The title string. */ title: pulumi.Input; } interface ResponsePlanIntegrationArgs { /** * Information about the PagerDuty service where the response plan creates an incident. */ pagerDutyConfiguration?: pulumi.Input; } /** * A notification target. */ interface ResponsePlanNotificationTargetItemArgs { /** * The Amazon Resource Name (ARN) of the Amazon topic. */ snsTopicArn?: pulumi.Input; } /** * The pagerDuty configuration to use when starting the incident. */ interface ResponsePlanPagerDutyConfigurationArgs { /** * The name of the pagerDuty configuration. */ name: pulumi.Input; /** * Details about the PagerDuty service associated with the configuration. */ pagerDutyIncidentConfiguration: pulumi.Input; /** * The AWS secrets manager secretId storing the pagerDuty token. */ secretId: pulumi.Input; } /** * The pagerDuty incident configuration. */ interface ResponsePlanPagerDutyIncidentConfigurationArgs { /** * The pagerDuty serviceId. */ serviceId: pulumi.Input; } /** * The configuration to use when starting the SSM automation document. */ interface ResponsePlanSsmAutomationArgs { /** * The document name to use when starting the SSM automation document. */ documentName: pulumi.Input; /** * The version of the document to use when starting the SSM automation document. */ documentVersion?: pulumi.Input; /** * The parameters with dynamic values to set when starting the SSM automation document. */ dynamicParameters?: pulumi.Input[]>; /** * The parameters to set when starting the SSM automation document. */ parameters?: pulumi.Input[]>; /** * The role ARN to use when starting the SSM automation document. */ roleArn: pulumi.Input; /** * The account type to use when starting the SSM automation document. */ targetAccount?: pulumi.Input; } /** * A parameter to set when starting the SSM automation document. */ interface ResponsePlanSsmParameterArgs { /** * The key parameter to use when running the Automation runbook. */ key: pulumi.Input; /** * The value parameter to use when running the Automation runbook. */ values: pulumi.Input[]>; } /** * A key-value pair to tag a resource. */ interface ResponsePlanTagArgs { /** * The tag key. */ key: pulumi.Input; /** * The tag value. */ value: pulumi.Input; } } export declare namespace ssmquicksetup { interface ConfigurationManagerConfigurationDefinitionArgs { /** * The ID of the configuration definition. */ id?: pulumi.Input; /** * The ARN of the IAM role used to administrate local configuration deployments. * * > Although this element is listed as "Required: No", a value can be omitted only for organizational deployments of types other than `AWSQuickSetupType-PatchPolicy` . A value must be provided when you are running an organizational deployment for a patch policy or running any type of deployment for a single account. */ localDeploymentAdministrationRoleArn?: pulumi.Input; /** * The name of the IAM role used to deploy local configurations. * * > Although this element is listed as "Required: No", a value can be omitted only for organizational deployments of types other than `AWSQuickSetupType-PatchPolicy` . A value must be provided when you are running an organizational deployment for a patch policy or running any type of deployment for a single account. */ localDeploymentExecutionRoleName?: pulumi.Input; /** * The parameters for the configuration definition type. Parameters for configuration definitions vary based the configuration type. The following lists outline the parameters for each configuration type. * * - **AWS Config Recording (Type: AWS QuickSetupType-CFGRecording)** - - `RecordAllResources` * * - Description: (Optional) A boolean value that determines whether all supported resources are recorded. The default value is " `true` ". * - `ResourceTypesToRecord` * * - Description: (Optional) A comma separated list of resource types you want to record. * - `RecordGlobalResourceTypes` * * - Description: (Optional) A boolean value that determines whether global resources are recorded with all resource configurations. The default value is " `false` ". * - `GlobalResourceTypesRegion` * * - Description: (Optional) Determines the AWS Region where global resources are recorded. * - `UseCustomBucket` * * - Description: (Optional) A boolean value that determines whether a custom Amazon S3 bucket is used for delivery. The default value is " `false` ". * - `DeliveryBucketName` * * - Description: (Optional) The name of the Amazon S3 bucket you want AWS Config to deliver configuration snapshots and configuration history files to. * - `DeliveryBucketPrefix` * * - Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket. * - `NotificationOptions` * * - Description: (Optional) Determines the notification configuration for the recorder. The valid values are `NoStreaming` , `UseExistingTopic` , and `CreateTopic` . The default value is `NoStreaming` . * - `CustomDeliveryTopicAccountId` * * - Description: (Optional) The ID of the AWS account where the Amazon SNS topic you want to use for notifications resides. You must specify a value for this parameter if you use the `UseExistingTopic` notification option. * - `CustomDeliveryTopicName` * * - Description: (Optional) The name of the Amazon SNS topic you want to use for notifications. You must specify a value for this parameter if you use the `UseExistingTopic` notification option. * - `RemediationSchedule` * * - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(7 days)` , `rate(1 days)` , and `none` . The default value is " `none` ". * - `TargetAccounts` * * - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` . * - `TargetOrganizationalUnits` * * - Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization. * - `TargetRegions` * * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. * - **Change Manager (Type: AWS QuickSetupType-SSMChangeMgr)** - - `DelegatedAccountId` * * - Description: (Required) The ID of the delegated administrator account. * - `JobFunction` * * - Description: (Required) The name for the Change Manager job function. * - `PermissionType` * * - Description: (Optional) Specifies whether you want to use default administrator permissions for the job function role, or provide a custom IAM policy. The valid values are `CustomPermissions` and `AdminPermissions` . The default value for the parameter is `CustomerPermissions` . * - `CustomPermissions` * * - Description: (Optional) A JSON string containing the IAM policy you want your job function to use. You must provide a value for this parameter if you specify `CustomPermissions` for the `PermissionType` parameter. * - `TargetOrganizationalUnits` * * - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. * - `TargetRegions` * * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. * - **Conformance Packs (Type: AWS QuickSetupType-CFGCPacks)** - - `DelegatedAccountId` * * - Description: (Optional) The ID of the delegated administrator account. This parameter is required for Organization deployments. * - `RemediationSchedule` * * - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(2 days)` , and `none` . The default value is " `none` ". * - `CPackNames` * * - Description: (Required) A comma separated list of AWS Config conformance packs. * - `TargetAccounts` * * - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` . * - `TargetOrganizationalUnits` * * - Description: (Optional) The ID of the root of your Organization. This configuration type doesn't currently support choosing specific OUs. The configuration will be deployed to all the OUs in the Organization. * - `TargetRegions` * * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. * - **Default Host Management Configuration (Type: AWS QuickSetupType-DHMC)** - - `UpdateSsmAgent` * * - Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is " `true` ". * - `TargetOrganizationalUnits` * * - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. * - `TargetRegions` * * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. * - **DevOps Guru (Type: AWS QuickSetupType-DevOpsGuru)** - - `AnalyseAllResources` * * - Description: (Optional) A boolean value that determines whether DevOps Guru analyzes all CloudFormation stacks in the account. The default value is " `false` ". * - `EnableSnsNotifications` * * - Description: (Optional) A boolean value that determines whether DevOps Guru sends notifications when an insight is created. The default value is " `true` ". * - `EnableSsmOpsItems` * * - Description: (Optional) A boolean value that determines whether DevOps Guru creates an OpsCenter OpsItem when an insight is created. The default value is " `true` ". * - `EnableDriftRemediation` * * - Description: (Optional) A boolean value that determines whether a drift remediation schedule is used. The default value is " `false` ". * - `RemediationSchedule` * * - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(1 days)` , and `none` . The default value is " `none` ". * - `TargetAccounts` * * - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` . * - `TargetOrganizationalUnits` * * - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. * - `TargetRegions` * * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. * - **Distributor (Type: AWS QuickSetupType-Distributor)** - - `PackagesToInstall` * * - Description: (Required) A comma separated list of packages you want to install on the target instances. The valid values are `AWSEFSTools` , `AWSCWAgent` , and `AWSEC2LaunchAgent` . * - `RemediationSchedule` * * - Description: (Optional) A rate expression that defines the schedule for drift remediation. The valid values are `rate(30 days)` , `rate(14 days)` , `rate(2 days)` , and `none` . The default value is " `rate(30 days)` ". * - `IsPolicyAttachAllowed` * * - Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is " `false` ". * - `TargetType` * * - Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account. * - `TargetInstances` * * - Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter. * - `TargetTagKey` * * - Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter. * - `TargetTagValue` * * - Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter. * - `ResourceGroupName` * * - Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter. * - `TargetAccounts` * * - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` . * - `TargetOrganizationalUnits` * * - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. * - `TargetRegions` * * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. * - **Host Management (Type: AWS QuickSetupType-SSMHostMgmt)** - - `UpdateSsmAgent` * * - Description: (Optional) A boolean value that determines whether the SSM Agent is updated on the target instances every 2 weeks. The default value is " `true` ". * - `UpdateEc2LaunchAgent` * * - Description: (Optional) A boolean value that determines whether the EC2 Launch agent is updated on the target instances every month. The default value is " `false` ". * - `CollectInventory` * * - Description: (Optional) A boolean value that determines whether instance metadata is collected on the target instances every 30 minutes. The default value is " `true` ". * - `ScanInstances` * * - Description: (Optional) A boolean value that determines whether the target instances are scanned daily for available patches. The default value is " `true` ". * - `InstallCloudWatchAgent` * * - Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is installed on the target instances. The default value is " `false` ". * - `UpdateCloudWatchAgent` * * - Description: (Optional) A boolean value that determines whether the Amazon CloudWatch agent is updated on the target instances every month. The default value is " `false` ". * - `IsPolicyAttachAllowed` * * - Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is " `false` ". * - `TargetType` * * - Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account. * - `TargetInstances` * * - Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter. * - `TargetTagKey` * * - Description: (Optional) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter. * - `TargetTagValue` * * - Description: (Optional) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter. * - `ResourceGroupName` * * - Description: (Optional) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter. * - `TargetAccounts` * * - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` . * - `TargetOrganizationalUnits` * * - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. * - `TargetRegions` * * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. * - **OpsCenter (Type: AWS QuickSetupType-SSMOpsCenter)** - - `DelegatedAccountId` * * - Description: (Required) The ID of the delegated administrator account. * - `TargetOrganizationalUnits` * * - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. * - `TargetRegions` * * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. * - **Patch Policy (Type: AWS QuickSetupType-PatchPolicy)** - - `PatchPolicyName` * * - Description: (Required) A name for the patch policy. The value you provide is applied to target Amazon EC2 instances as a tag. * - `SelectedPatchBaselines` * * - Description: (Required) An array of JSON objects containing the information for the patch baselines to include in your patch policy. * - `PatchBaselineUseDefault` * * - Description: (Optional) A value that determines whether the selected patch baselines are all AWS provided. Supported values are `default` and `custom` . * - `PatchBaselineRegion` * * - Description: (Required) The AWS Region where the patch baseline exist. * - `ConfigurationOptionsPatchOperation` * * - Description: (Optional) Determines whether target instances scan for available patches, or scan and install available patches. The valid values are `Scan` and `ScanAndInstall` . The default value for the parameter is `Scan` . * - `ConfigurationOptionsScanValue` * * - Description: (Optional) A cron expression that is used as the schedule for when instances scan for available patches. * - `ConfigurationOptionsInstallValue` * * - Description: (Optional) A cron expression that is used as the schedule for when instances install available patches. * - `ConfigurationOptionsScanNextInterval` * * - Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is " `false` ". * - `ConfigurationOptionsInstallNextInterval` * * - Description: (Optional) A boolean value that determines whether instances should scan for available patches at the next cron interval. The default value is " `false` ". * - `RebootOption` * * - Description: (Optional) Determines whether instances are rebooted after patches are installed. Valid values are `RebootIfNeeded` and `NoReboot` . * - `IsPolicyAttachAllowed` * * - Description: (Optional) A boolean value that determines whether Quick Setup attaches policies to instances profiles already associated with the target instances. The default value is " `false` ". * - `OutputLogEnableS3` * * - Description: (Optional) A boolean value that determines whether command output logs are sent to Amazon S3. * - `OutputS3Location` * * - Description: (Optional) Information about the Amazon S3 bucket where you want to store the output details of the request. * * - `OutputBucketRegion` * * - Description: (Optional) The AWS Region where the Amazon S3 bucket you want to deliver command output to is located. * - `OutputS3BucketName` * * - Description: (Optional) The name of the Amazon S3 bucket you want to deliver command output to. * - `OutputS3KeyPrefix` * * - Description: (Optional) The key prefix you want to use in the custom Amazon S3 bucket. * - `TargetType` * * - Description: (Optional) Determines how instances are targeted for local account deployments. Don't specify a value for this parameter if you're deploying to OUs. The valid values are `*` , `InstanceIds` , `ResourceGroups` , and `Tags` . Use `*` to target all instances in the account. * - `TargetInstances` * * - Description: (Optional) A comma separated list of instance IDs. You must provide a value for this parameter if you specify `InstanceIds` for the `TargetType` parameter. * - `TargetTagKey` * * - Description: (Required) The tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter. * - `TargetTagValue` * * - Description: (Required) The value of the tag key assigned to the instances you want to target. You must provide a value for this parameter if you specify `Tags` for the `TargetType` parameter. * - `ResourceGroupName` * * - Description: (Required) The name of the resource group associated with the instances you want to target. You must provide a value for this parameter if you specify `ResourceGroups` for the `TargetType` parameter. * - `TargetAccounts` * * - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` . * - `TargetOrganizationalUnits` * * - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. * - `TargetRegions` * * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. * - **Resource Explorer (Type: AWS QuickSetupType-ResourceExplorer)** - - `SelectedAggregatorRegion` * * - Description: (Required) The AWS Region where you want to create the aggregator index. * - `ReplaceExistingAggregator` * * - Description: (Required) A boolean value that determines whether to demote an existing aggregator if it is in a Region that differs from the value you specify for the `SelectedAggregatorRegion` . * - `TargetOrganizationalUnits` * * - Description: (Required) A comma separated list of organizational units (OUs) you want to deploy the configuration to. * - `TargetRegions` * * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. * - **Resource Scheduler (Type: AWS QuickSetupType-Scheduler)** - - `TargetTagKey` * * - Description: (Required) The tag key assigned to the instances you want to target. * - `TargetTagValue` * * - Description: (Required) The value of the tag key assigned to the instances you want to target. * - `ICalendarString` * * - Description: (Required) An iCalendar formatted string containing the schedule you want Change Manager to use. * - `TargetAccounts` * * - Description: (Optional) The ID of the AWS account initiating the configuration deployment. You only need to provide a value for this parameter if you want to deploy the configuration locally. A value must be provided for either `TargetAccounts` or `TargetOrganizationalUnits` . * - `TargetOrganizationalUnits` * * - Description: (Optional) A comma separated list of organizational units (OUs) you want to deploy the configuration to. * - `TargetRegions` * * - Description: (Required) A comma separated list of AWS Regions you want to deploy the configuration to. */ parameters: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The type of the Quick Setup configuration. */ type: pulumi.Input; /** * The version of the Quick Setup type used. */ typeVersion?: pulumi.Input; } } export declare namespace sso { /** * A structure that describes the options for the access portal associated with an application */ interface ApplicationPortalOptionsConfigurationArgs { /** * A structure that describes the sign-in options for the access portal */ signInOptions?: pulumi.Input; /** * Indicates whether this application is visible in the access portal */ visibility?: pulumi.Input; } /** * A structure that describes the sign-in options for an application portal */ interface ApplicationSignInOptionsArgs { /** * The URL that accepts authentication requests for an application, this is a required parameter if the Origin parameter is APPLICATION */ applicationUrl?: pulumi.Input; /** * This determines how IAM Identity Center navigates the user to the target application */ origin: pulumi.Input; } interface InstanceAccessControlAttributeConfigurationAccessControlAttributeArgs { key: pulumi.Input; value: pulumi.Input; } interface InstanceAccessControlAttributeConfigurationAccessControlAttributeValueArgs { source: pulumi.Input[]>; } /** * The InstanceAccessControlAttributeConfiguration property has been deprecated but is still supported for backwards compatibility purposes. We recomend that you use AccessControlAttributes property instead. */ interface InstanceAccessControlAttributeConfigurationPropertiesArgs { accessControlAttributes: pulumi.Input[]>; } interface PermissionSetCustomerManagedPolicyReferenceArgs { /** * The name of the IAM policy that you have configured in each account where you want to deploy your permission set. */ name: pulumi.Input; /** * The path to the IAM policy that you have configured in each account where you want to deploy your permission set. The default is `/` . For more information, see [Friendly names and paths](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_identifiers.html#identifiers-friendly-names) in the *IAM User Guide* . */ path?: pulumi.Input; } interface PermissionSetPermissionsBoundaryArgs { /** * Specifies the name and path of a customer managed policy. You must have an IAM policy that matches the name and path in each AWS account where you want to deploy your permission set. */ customerManagedPolicyReference?: pulumi.Input; /** * The AWS managed policy ARN that you want to attach to a permission set as a permissions boundary. */ managedPolicyArn?: pulumi.Input; } } export declare namespace stepfunctions { interface ActivityEncryptionConfigurationArgs { /** * Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys. */ kmsDataKeyReusePeriodSeconds?: pulumi.Input; /** * An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS key to encrypt data. To specify a AWS key in a different AWS account, you must use the key ARN or alias ARN. */ kmsKeyId?: pulumi.Input; /** * Encryption option for an activity. */ type: pulumi.Input; } /** * The settings to enable gradual state machine deployments. */ interface StateMachineAliasDeploymentPreferenceArgs { /** * A list of CloudWatch alarm names that will be monitored during the deployment. The deployment will fail and rollback if any alarms go into ALARM state. */ alarms?: pulumi.Input[]>; /** * The time in minutes between each traffic shifting increment. */ interval?: pulumi.Input; /** * The percentage of traffic to shift to the new version in each increment. */ percentage?: pulumi.Input; /** * The Amazon Resource Name (ARN) of the [`AWS::StepFunctions::StateMachineVersion`](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-stepfunctions-statemachineversion.html) resource that will be the final version to which the alias points to when the traffic shifting is complete. * * While performing gradual deployments, you can only provide a single state machine version ARN. To explicitly set version weights in a CloudFormation template, use `RoutingConfiguration` instead. */ stateMachineVersionArn: pulumi.Input; /** * The type of deployment to perform. */ type: pulumi.Input; } interface StateMachineAliasRoutingConfigurationVersionArgs { /** * The Amazon Resource Name (ARN) that identifies one or two state machine versions defined in the routing configuration. */ stateMachineVersionArn: pulumi.Input; /** * The percentage of traffic you want to route to the state machine version. The sum of the weights in the routing configuration must be equal to 100. */ weight: pulumi.Input; } interface StateMachineCloudWatchLogsLogGroupArgs { /** * The ARN of the the CloudWatch log group to which you want your logs emitted to. The ARN must end with `:*` */ logGroupArn?: pulumi.Input; } interface StateMachineDefinitionArgs { } interface StateMachineEncryptionConfigurationArgs { /** * Maximum duration that Step Functions will reuse data keys. When the period expires, Step Functions will call `GenerateDataKey` . Only applies to customer managed keys. */ kmsDataKeyReusePeriodSeconds?: pulumi.Input; /** * An alias, alias ARN, key ID, or key ARN of a symmetric encryption AWS key to encrypt data. To specify a AWS key in a different AWS account, you must use the key ARN or alias ARN. */ kmsKeyId?: pulumi.Input; /** * Encryption option for a state machine. */ type: pulumi.Input; } interface StateMachineLogDestinationArgs { /** * An object describing a CloudWatch log group. For more information, see [AWS::Logs::LogGroup](https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-logs-loggroup.html) in the CloudFormation User Guide. */ cloudWatchLogsLogGroup?: pulumi.Input; } interface StateMachineLoggingConfigurationArgs { /** * An array of objects that describes where your execution history events will be logged. Limited to size 1. Required, if your log level is not set to `OFF` . */ destinations?: pulumi.Input[]>; /** * Determines whether execution data is included in your log. When set to `false` , data is excluded. */ includeExecutionData?: pulumi.Input; /** * Defines which category of execution history events are logged. */ level?: pulumi.Input; } interface StateMachineS3LocationArgs { /** * The name of the S3 bucket where the state machine definition JSON or YAML file is stored. */ bucket: pulumi.Input; /** * The name of the state machine definition file (Amazon S3 object name). */ key: pulumi.Input; /** * For versioning-enabled buckets, a specific version of the state machine definition. */ version?: pulumi.Input; } interface StateMachineTracingConfigurationArgs { /** * When set to `true` , X-Ray tracing is enabled. */ enabled?: pulumi.Input; } } export declare namespace synthetics { interface CanaryArtifactConfigArgs { /** * Encryption configuration for uploading artifacts to S3 */ s3Encryption?: pulumi.Input; } interface CanaryBaseScreenshotArgs { /** * List of coordinates of rectangles to be ignored during visual testing */ ignoreCoordinates?: pulumi.Input[]>; /** * Name of the screenshot to be used as base reference for visual testing */ screenshotName: pulumi.Input; } interface CanaryBrowserConfigArgs { /** * The browser type associated with this browser configuration. */ browserType: pulumi.Input; } interface CanaryCodeArgs { /** * `BlueprintTypes` are a list of templates that enable simplified canary creation. You can create canaries for common monitoring scenarios by providing only a JSON configuration file instead of writing custom scripts. `multi-checks` is the only supported value. * * When you specify `BlueprintTypes` , the `Handler` field cannot be specified since the blueprint provides a pre-defined entry point. */ blueprintTypes?: pulumi.Input[]>; /** * List of Lambda layers to attach to the canary */ dependencies?: pulumi.Input[]>; /** * The entry point to use for the source code when running the canary. For canaries that use the `syn-python-selenium-1.0` runtime or a `syn-nodejs.puppeteer` runtime earlier than `syn-nodejs.puppeteer-3.4` , the handler must be specified as `*fileName* .handler` . For `syn-python-selenium-1.1` , `syn-nodejs.puppeteer-3.4` , and later runtimes, the handler can be specified as `*fileName* . *functionName*` , or you can specify a folder where canary scripts reside as `*folder* / *fileName* . *functionName*` . * * This field is required when you don't specify `BlueprintTypes` and is not allowed when you specify `BlueprintTypes` . */ handler?: pulumi.Input; /** * If your canary script is located in S3, specify the bucket name here. The bucket must already exist. */ s3Bucket?: pulumi.Input; /** * The Amazon S3 key of your script. For more information, see [Working with Amazon S3 Objects](https://docs.aws.amazon.com/AmazonS3/latest/dev/UsingObjects.html) . */ s3Key?: pulumi.Input; /** * The Amazon S3 version ID of your script. */ s3ObjectVersion?: pulumi.Input; /** * If you input your canary script directly into the canary instead of referring to an S3 location, the value of this parameter is the script in plain text. It can be up to 5 MB. */ script?: pulumi.Input; /** * The ARN of the Lambda layer where Synthetics stores the canary script code. */ sourceLocationArn?: pulumi.Input; } interface CanaryDependencyArgs { /** * ARN of the Lambda layer */ reference: pulumi.Input; /** * Type of dependency */ type?: pulumi.Input; } interface CanaryRetryConfigArgs { /** * maximum times the canary will be retried upon the scheduled run failure */ maxRetries: pulumi.Input; } interface CanaryRunConfigArgs { /** * Enable active tracing if set to true */ activeTracing?: pulumi.Input; /** * Environment variable key-value pairs. */ environmentVariables?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * Provide ephemeralStorage available for canary in MB */ ephemeralStorage?: pulumi.Input; /** * Provide maximum memory available for canary in MB */ memoryInMb?: pulumi.Input; /** * Provide maximum canary timeout per run in seconds */ timeoutInSeconds?: pulumi.Input; } interface CanaryS3EncryptionArgs { /** * Encryption mode for encrypting artifacts when uploading to S3. Valid values: SSE_S3 and SSE_KMS. */ encryptionMode?: pulumi.Input; /** * KMS key Arn for encrypting artifacts when uploading to S3. You must specify KMS key Arn for SSE_KMS encryption mode only. */ kmsKeyArn?: pulumi.Input; } interface CanaryScheduleArgs { /** * How long, in seconds, for the canary to continue making regular runs according to the schedule in the `Expression` value. If you specify 0, the canary continues making runs until you stop it. If you omit this field, the default of 0 is used. */ durationInSeconds?: pulumi.Input; /** * A `rate` expression or a `cron` expression that defines how often the canary is to run. * * For a rate expression, The syntax is `rate( *number unit* )` . *unit* can be `minute` , `minutes` , or `hour` . * * For example, `rate(1 minute)` runs the canary once a minute, `rate(10 minutes)` runs it once every 10 minutes, and `rate(1 hour)` runs it once every hour. You can specify a frequency between `rate(1 minute)` and `rate(1 hour)` . * * Specifying `rate(0 minute)` or `rate(0 hour)` is a special value that causes the canary to run only once when it is started. * * Use `cron( *expression* )` to specify a cron expression. You can't schedule a canary to wait for more than a year before running. For information about the syntax for cron expressions, see [Scheduling canary runs using cron](https://docs.aws.amazon.com/AmazonCloudWatch/latest/monitoring/CloudWatch_Synthetics_Canaries_cron.html) . */ expression: pulumi.Input; /** * Provide canary auto retry configuration */ retryConfig?: pulumi.Input; } interface CanaryVisualReferenceArgs { /** * Canary run id to be used as base reference for visual testing */ baseCanaryRunId: pulumi.Input; /** * List of screenshots used as base reference for visual testing */ baseScreenshots?: pulumi.Input[]>; /** * The browser type associated with this visual reference configuration. Valid values are `CHROME` and `FIREFOX` . */ browserType?: pulumi.Input; } interface CanaryVpcConfigArgs { /** * Allow outbound IPv6 traffic on VPC canaries that are connected to dual-stack subnets if set to true */ ipv6AllowedForDualStack?: pulumi.Input; /** * The IDs of the security groups for this canary. */ securityGroupIds: pulumi.Input[]>; /** * The IDs of the subnets where this canary is to run. */ subnetIds: pulumi.Input[]>; /** * The ID of the VPC where this canary is to run. */ vpcId?: pulumi.Input; } } export declare namespace systemsmanagersap { interface ApplicationComponentInfoArgs { /** * This string is the type of the component. * * Accepted value is `WD` . */ componentType?: pulumi.Input; /** * This is the Amazon EC2 instance on which your SAP component is running. * * Accepted values are alphanumeric. */ ec2InstanceId?: pulumi.Input; /** * This string is the SAP System ID of the component. * * Accepted values are alphanumeric. */ sid?: pulumi.Input; } interface ApplicationCredentialArgs { /** * The type of the application credentials. */ credentialType?: pulumi.Input; /** * The name of the SAP HANA database. */ databaseName?: pulumi.Input; /** * The secret ID created in AWS Secrets Manager to store the credentials of the SAP application. */ secretId?: pulumi.Input; } } export declare namespace timestream { /** * Configuration for sending logs to customer account from the InfluxDB instance. */ interface LogDeliveryConfigurationPropertiesArgs { /** * S3 configuration for sending logs to customer account from the InfluxDB instance. */ s3Configuration: pulumi.Input; } /** * S3 configuration for sending logs to customer account from the InfluxDB instance. */ interface LogDeliveryConfigurationPropertiesS3ConfigurationPropertiesArgs { /** * The bucket name for logs to be sent from the InfluxDB instance */ bucketName: pulumi.Input; /** * Specifies whether logging to customer specified bucket is enabled. */ enabled: pulumi.Input; } /** * The properties that determine whether magnetic store writes are enabled. */ interface MagneticStoreWritePropertiesPropertiesArgs { /** * Boolean flag indicating whether magnetic store writes are enabled. */ enableMagneticStoreWrites: pulumi.Input; /** * Location to store information about records that were asynchronously rejected during magnetic store writes. */ magneticStoreRejectedDataLocation?: pulumi.Input; } /** * Location to store information about records that were asynchronously rejected during magnetic store writes. */ interface MagneticStoreWritePropertiesPropertiesMagneticStoreRejectedDataLocationPropertiesArgs { /** * S3 configuration for location to store rejections from magnetic store writes */ s3Configuration?: pulumi.Input; } /** * S3 configuration for location to store rejections from magnetic store writes */ interface MagneticStoreWritePropertiesPropertiesMagneticStoreRejectedDataLocationPropertiesS3ConfigurationPropertiesArgs { /** * The bucket name used to store the data. */ bucketName: pulumi.Input; /** * Either SSE_KMS or SSE_S3. */ encryptionOption: pulumi.Input; /** * Must be provided if SSE_KMS is specified as the encryption option */ kmsKeyId?: pulumi.Input; /** * String used to prefix all data in the bucket. */ objectKeyPrefix?: pulumi.Input; } /** * The retention duration of the memory store and the magnetic store. */ interface RetentionPropertiesPropertiesArgs { /** * The duration for which data must be stored in the magnetic store. */ magneticStoreRetentionPeriodInDays?: pulumi.Input; /** * The duration for which data must be stored in the memory store. */ memoryStoreRetentionPeriodInHours?: pulumi.Input; } /** * This type is used to map column(s) from the query result to a dimension in the destination table. */ interface ScheduledQueryDimensionMappingArgs { dimensionValueType: pulumi.Input; name: pulumi.Input; } /** * Configuration for error reporting. Error reports will be generated when a problem is encountered when writing the query results. */ interface ScheduledQueryErrorReportConfigurationArgs { /** * The S3 configuration for the error reports. */ s3Configuration: pulumi.Input; } /** * MixedMeasureMappings are mappings that can be used to ingest data into a mixture of narrow and multi measures in the derived table. */ interface ScheduledQueryMixedMeasureMappingArgs { measureName?: pulumi.Input; measureValueType: pulumi.Input; multiMeasureAttributeMappings?: pulumi.Input[]>; sourceColumn?: pulumi.Input; targetMeasureName?: pulumi.Input; } /** * An attribute mapping to be used for mapping query results to ingest data for multi-measure attributes. */ interface ScheduledQueryMultiMeasureAttributeMappingArgs { measureValueType: pulumi.Input; sourceColumn: pulumi.Input; targetMultiMeasureAttributeName?: pulumi.Input; } /** * Only one of MixedMeasureMappings or MultiMeasureMappings is to be provided. MultiMeasureMappings can be used to ingest data as multi measures in the derived table. */ interface ScheduledQueryMultiMeasureMappingsArgs { /** * Required. Attribute mappings to be used for mapping query results to ingest data for multi-measure attributes. */ multiMeasureAttributeMappings: pulumi.Input[]>; /** * The name of the target multi-measure name in the derived table. This input is required when measureNameColumn is not provided. If MeasureNameColumn is provided, then value from that column will be used as multi-measure name. */ targetMultiMeasureName?: pulumi.Input; } /** * Notification configuration for the scheduled query. A notification is sent by Timestream when a query run finishes, when the state is updated or when you delete it. */ interface ScheduledQueryNotificationConfigurationArgs { /** * Details on SNS configuration. */ snsConfiguration: pulumi.Input; } /** * Details on S3 location for error reports that result from running a query. */ interface ScheduledQueryS3ConfigurationArgs { /** * Name of the S3 bucket under which error reports will be created. */ bucketName: pulumi.Input; /** * Encryption at rest options for the error reports. If no encryption option is specified, Timestream will choose SSE_S3 as default. */ encryptionOption?: pulumi.Input; /** * Prefix for the error report key. Timestream by default adds the following prefix to the error report path. */ objectKeyPrefix?: pulumi.Input; } /** * Configuration for when the scheduled query is executed. */ interface ScheduledQueryScheduleConfigurationArgs { /** * An expression that denotes when to trigger the scheduled query run. This can be a cron expression or a rate expression. */ scheduleExpression: pulumi.Input; } /** * SNS configuration for notification upon scheduled query execution. */ interface ScheduledQuerySnsConfigurationArgs { /** * SNS topic ARN that the scheduled query status notifications will be sent to. */ topicArn: pulumi.Input; } /** * Configuration of target store where scheduled query results are written to. */ interface ScheduledQueryTargetConfigurationArgs { /** * Configuration needed to write data into the Timestream database and table. */ timestreamConfiguration: pulumi.Input; } /** * Configuration needed to write data into the Timestream database and table. */ interface ScheduledQueryTimestreamConfigurationArgs { /** * Name of Timestream database to which the query result will be written. */ databaseName: pulumi.Input; /** * This is to allow mapping column(s) from the query result to the dimension in the destination table. */ dimensionMappings: pulumi.Input[]>; /** * Name of the measure column. Also see `MultiMeasureMappings` and `MixedMeasureMappings` for how measure name properties on those relate to `MeasureNameColumn` . */ measureNameColumn?: pulumi.Input; /** * Specifies how to map measures to multi-measure records. */ mixedMeasureMappings?: pulumi.Input[]>; /** * Multi-measure mappings. */ multiMeasureMappings?: pulumi.Input; /** * Name of Timestream table that the query result will be written to. The table should be within the same database that is provided in Timestream configuration. */ tableName: pulumi.Input; /** * Column from query result that should be used as the time column in destination table. Column type for this should be TIMESTAMP. */ timeColumn: pulumi.Input; } /** * A Schema specifies the expected data model of the table. */ interface SchemaPropertiesArgs { /** * A non-empty list of partition keys defining the attributes used to partition the table data. The order of the list determines the partition hierarchy. The name and type of each partition key as well as the partition key order cannot be changed after the table is created. However, the enforcement level of each partition key can be changed. */ compositePartitionKey?: pulumi.Input[]>; } /** * An attribute used in partitioning data in a table. There are two types of partition keys: dimension keys and measure keys. A dimension key partitions data on a dimension name, while a measure key partitions data on the measure name. */ interface TablePartitionKeyArgs { enforcementInRecord?: pulumi.Input; name?: pulumi.Input; type: pulumi.Input; } } export declare namespace transfer { /** * Configuration for an AS2 connector. */ interface As2ConfigPropertiesArgs { /** * Configuration for an AS2 connector with ASYNC MDN Response */ asyncMdnConfig?: pulumi.Input; /** * ARN or name of the secret in AWS Secrets Manager which contains the credentials for Basic authentication. If empty, Basic authentication is disabled for the AS2 connector */ basicAuthSecretId?: pulumi.Input; /** * Compression setting for this AS2 connector configuration. */ compression?: pulumi.Input; /** * Encryption algorithm for this AS2 connector configuration. */ encryptionAlgorithm?: pulumi.Input; /** * A unique identifier for the local profile. */ localProfileId?: pulumi.Input; /** * MDN Response setting for this AS2 connector configuration. */ mdnResponse?: pulumi.Input; /** * MDN Signing algorithm for this AS2 connector configuration. */ mdnSigningAlgorithm?: pulumi.Input; /** * The message subject for this AS2 connector configuration. */ messageSubject?: pulumi.Input; /** * A unique identifier for the partner profile. */ partnerProfileId?: pulumi.Input; /** * Specifies whether to use the AWS S3 object content-type as the content-type for the AS2 message. */ preserveContentType?: pulumi.Input; /** * Signing algorithm for this AS2 connector configuration. */ signingAlgorithm?: pulumi.Input; } interface ConnectorAsyncMdnConfigArgs { serverIds: pulumi.Input[]>; /** * URL of the server to receive the MDN response on */ url: pulumi.Input; } interface ConnectorEgressConfigArgs { /** * VPC_LATTICE configuration for routing connector traffic through customer VPCs. Enables private connectivity to SFTP servers without requiring public internet access or complex network configurations. */ vpcLattice: pulumi.Input; } interface ConnectorVpcLatticeEgressConfigArgs { /** * Port to connect to on the target VPC Lattice resource */ portNumber?: pulumi.Input; /** * ARN of the VPC Lattice resource configuration */ resourceConfigurationArn: pulumi.Input; } /** * Specifies a separate directory for each type of file to store for an AS2 message. */ interface CustomDirectoriesPropertiesArgs { /** * Specifies a location to store the failed files for an AS2 message. */ failedFilesDirectory: pulumi.Input; /** * Specifies a location to store the MDN file for an AS2 message. */ mdnFilesDirectory: pulumi.Input; /** * Specifies a location to store the payload file for an AS2 message. */ payloadFilesDirectory: pulumi.Input; /** * Specifies a location to store the status file for an AS2 message. */ statusFilesDirectory: pulumi.Input; /** * Specifies a location to store the temporary processing file for an AS2 message. */ temporaryFilesDirectory: pulumi.Input; } interface ServerEndpointDetailsArgs { /** * A list of address allocation IDs that are required to attach an Elastic IP address to your server's endpoint. * * An address allocation ID corresponds to the allocation ID of an Elastic IP address. This value can be retrieved from the `allocationId` field from the Amazon EC2 [Address](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_Address.html) data type. One way to retrieve this value is by calling the EC2 [DescribeAddresses](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_DescribeAddresses.html) API. * * This parameter is optional. Set this parameter if you want to make your VPC endpoint public-facing. For details, see [Create an internet-facing endpoint for your server](https://docs.aws.amazon.com/transfer/latest/userguide/create-server-in-vpc.html#create-internet-facing-endpoint) . * * > This property can only be set as follows: * > * > - `EndpointType` must be set to `VPC` * > - The Transfer Family server must be offline. * > - You cannot set this parameter for Transfer Family servers that use the FTP protocol. * > - The server must already have `SubnetIds` populated ( `SubnetIds` and `AddressAllocationIds` cannot be updated simultaneously). * > - `AddressAllocationIds` can't contain duplicates, and must be equal in length to `SubnetIds` . For example, if you have three subnet IDs, you must also specify three address allocation IDs. * > - Call the `UpdateServer` API to set or change this parameter. * > - You can't set address allocation IDs for servers that have an `IpAddressType` set to `DUALSTACK` You can only set this property if `IpAddressType` is set to `IPV4` . */ addressAllocationIds?: pulumi.Input[]>; /** * A list of security groups IDs that are available to attach to your server's endpoint. * * > While `SecurityGroupIds` appears in the response syntax for consistency with `CreateServer` and `UpdateServer` operations, this field is not populated in `DescribeServer` responses. Security groups are managed at the VPC endpoint level and can be modified outside of the Transfer Family service. To retrieve current security group information, use the EC2 `DescribeVpcEndpoints` API with the `VpcEndpointId` returned in the response. * > * > This property can only be set when `EndpointType` is set to `VPC` . * > * > You can edit the `SecurityGroupIds` property in the [UpdateServer](https://docs.aws.amazon.com/transfer/latest/userguide/API_UpdateServer.html) API only if you are changing the `EndpointType` from `PUBLIC` or `VPC_ENDPOINT` to `VPC` . To change security groups associated with your server's VPC endpoint after creation, use the Amazon EC2 [ModifyVpcEndpoint](https://docs.aws.amazon.com/AWSEC2/latest/APIReference/API_ModifyVpcEndpoint.html) API. */ securityGroupIds?: pulumi.Input[]>; /** * A list of subnet IDs that are required to host your server endpoint in your VPC. * * > This property can only be set when `EndpointType` is set to `VPC` . */ subnetIds?: pulumi.Input[]>; /** * The ID of the VPC endpoint. * * > This property can only be set when `EndpointType` is set to `VPC_ENDPOINT` . */ vpcEndpointId?: pulumi.Input; /** * The VPC ID of the virtual private cloud in which the server's endpoint will be hosted. * * > This property can only be set when `EndpointType` is set to `VPC` . */ vpcId?: pulumi.Input; } interface ServerIdentityProviderDetailsArgs { /** * The identifier of the AWS Directory Service directory that you want to use as your identity provider. */ directoryId?: pulumi.Input; /** * The ARN for a Lambda function to use for the Identity provider. */ function?: pulumi.Input; /** * This parameter is only applicable if your `IdentityProviderType` is `API_GATEWAY` . Provides the type of `InvocationRole` used to authenticate the user account. */ invocationRole?: pulumi.Input; /** * For SFTP-enabled servers, and for custom identity providers *only* , you can specify whether to authenticate using a password, SSH key pair, or both. * * - `PASSWORD` - users must provide their password to connect. * - `PUBLIC_KEY` - users must provide their private key to connect. * - `PUBLIC_KEY_OR_PASSWORD` - users can authenticate with either their password or their key. This is the default value. * - `PUBLIC_KEY_AND_PASSWORD` - users must provide both their private key and their password to connect. The server checks the key first, and then if the key is valid, the system prompts for a password. If the private key provided does not match the public key that is stored, authentication fails. */ sftpAuthenticationMethods?: pulumi.Input; /** * Provides the location of the service endpoint used to authenticate users. */ url?: pulumi.Input; } interface ServerProtocolDetailsArgs { /** * List of `As2Transport` objects. */ as2Transports?: pulumi.Input[]>; /** * Indicates passive mode, for FTP and FTPS protocols. Enter a single IPv4 address, such as the public IP address of a firewall, router, or load balancer. For example: * * `aws transfer update-server --protocol-details PassiveIp=0.0.0.0` * * Replace `0.0.0.0` in the example above with the actual IP address you want to use. * * > If you change the `PassiveIp` value, you must stop and then restart your Transfer Family server for the change to take effect. For details on using passive mode (PASV) in a NAT environment, see [Configuring your FTPS server behind a firewall or NAT with AWS Transfer Family](https://docs.aws.amazon.com/storage/configuring-your-ftps-server-behind-a-firewall-or-nat-with-aws-transfer-family/) . * > * > Additionally, avoid placing Network Load Balancers (NLBs) or NAT gateways in front of AWS Transfer Family servers. This configuration increases costs and can cause performance issues. When NLBs or NATs are in the communication path, Transfer Family cannot accurately recognize client IP addresses, which impacts connection sharding and limits FTPS servers to only 300 simultaneous connections instead of 10,000. If you must use an NLB, use port 21 for health checks and enable TLS session resumption by setting `TlsSessionResumptionMode = ENFORCED` . For optimal performance, migrate to VPC endpoints with Elastic IP addresses instead of using NLBs. For more details, see [Avoid placing NLBs and NATs in front of AWS Transfer Family](https://docs.aws.amazon.com/transfer/latest/userguide/infrastructure-security.html#nlb-considerations) . * * *Special values* * * The `AUTO` and `0.0.0.0` are special values for the `PassiveIp` parameter. The value `PassiveIp=AUTO` is assigned by default to FTP and FTPS type servers. In this case, the server automatically responds with one of the endpoint IPs within the PASV response. `PassiveIp=0.0.0.0` has a more unique application for its usage. For example, if you have a High Availability (HA) Network Load Balancer (NLB) environment, where you have 3 subnets, you can only specify a single IP address using the `PassiveIp` parameter. This reduces the effectiveness of having High Availability. In this case, you can specify `PassiveIp=0.0.0.0` . This tells the client to use the same IP address as the Control connection and utilize all AZs for their connections. Note, however, that not all FTP clients support the `PassiveIp=0.0.0.0` response. FileZilla and WinSCP do support it. If you are using other clients, check to see if your client supports the `PassiveIp=0.0.0.0` response. */ passiveIp?: pulumi.Input; /** * Use the `SetStatOption` to ignore the error that is generated when the client attempts to use `SETSTAT` on a file you are uploading to an S3 bucket. * * Some SFTP file transfer clients can attempt to change the attributes of remote files, including timestamp and permissions, using commands, such as `SETSTAT` when uploading the file. However, these commands are not compatible with object storage systems, such as Amazon S3. Due to this incompatibility, file uploads from these clients can result in errors even when the file is otherwise successfully uploaded. * * Set the value to `ENABLE_NO_OP` to have the Transfer Family server ignore the `SETSTAT` command, and upload files without needing to make any changes to your SFTP client. While the `SetStatOption` `ENABLE_NO_OP` setting ignores the error, it does generate a log entry in Amazon CloudWatch Logs, so you can determine when the client is making a `SETSTAT` call. * * > If you want to preserve the original timestamp for your file, and modify other file attributes using `SETSTAT` , you can use Amazon EFS as backend storage with Transfer Family. */ setStatOption?: pulumi.Input; /** * A property used with Transfer Family servers that use the FTPS protocol. TLS Session Resumption provides a mechanism to resume or share a negotiated secret key between the control and data connection for an FTPS session. `TlsSessionResumptionMode` determines whether or not the server resumes recent, negotiated sessions through a unique session ID. This property is available during `CreateServer` and `UpdateServer` calls. If a `TlsSessionResumptionMode` value is not specified during `CreateServer` , it is set to `ENFORCED` by default. * * - `DISABLED` : the server does not process TLS session resumption client requests and creates a new TLS session for each request. * - `ENABLED` : the server processes and accepts clients that are performing TLS session resumption. The server doesn't reject client data connections that do not perform the TLS session resumption client processing. * - `ENFORCED` : the server processes and accepts clients that are performing TLS session resumption. The server rejects client data connections that do not perform the TLS session resumption client processing. Before you set the value to `ENFORCED` , test your clients. * * > Not all FTPS clients perform TLS session resumption. So, if you choose to enforce TLS session resumption, you prevent any connections from FTPS clients that don't perform the protocol negotiation. To determine whether or not you can use the `ENFORCED` value, you need to test your clients. */ tlsSessionResumptionMode?: pulumi.Input; } interface ServerS3StorageOptionsArgs { /** * Specifies whether or not performance for your Amazon S3 directories is optimized. * * - If using the console, this is enabled by default. * - If using the API or CLI, this is disabled by default. * * By default, home directory mappings have a `TYPE` of `DIRECTORY` . If you enable this option, you would then need to explicitly set the `HomeDirectoryMapEntry` `Type` to `FILE` if you want a mapping to have a file target. */ directoryListingOptimization?: pulumi.Input; } interface ServerWorkflowDetailArgs { /** * Includes the necessary permissions for S3, EFS, and Lambda operations that Transfer can assume, so that all workflow steps can operate on the required resources */ executionRole: pulumi.Input; /** * A unique identifier for the workflow. */ workflowId: pulumi.Input; } interface ServerWorkflowDetailsArgs { /** * A trigger that starts a workflow if a file is only partially uploaded. You can attach a workflow to a server that executes whenever there is a partial upload. * * A *partial upload* occurs when a file is open when the session disconnects. * * > `OnPartialUpload` can contain a maximum of one `WorkflowDetail` object. */ onPartialUpload?: pulumi.Input[]>; /** * A trigger that starts a workflow: the workflow begins to execute after a file is uploaded. * * To remove an associated workflow from a server, you can provide an empty `OnUpload` object, as in the following example. * * `aws transfer update-server --server-id s-01234567890abcdef --workflow-details '{"OnUpload":[]}'` * * > `OnUpload` can contain a maximum of one `WorkflowDetail` object. */ onUpload?: pulumi.Input[]>; } /** * Configuration for an SFTP connector. */ interface SftpConfigPropertiesArgs { /** * Specifies the number of active connections that your connector can establish with the remote server at the same time. */ maxConcurrentConnections?: pulumi.Input; /** * List of public host keys, for the external server to which you are connecting. */ trustedHostKeys?: pulumi.Input[]>; /** * ARN or name of the secret in AWS Secrets Manager which contains the SFTP user's private keys or passwords. */ userSecretId?: pulumi.Input; } interface UserHomeDirectoryMapEntryArgs { /** * Represents an entry for `HomeDirectoryMappings` . */ entry: pulumi.Input; /** * Represents the map target that is used in a `HomeDirectoryMapEntry` . */ target: pulumi.Input; /** * Specifies the type of mapping. Set the type to `FILE` if you want the mapping to point to a file, or `DIRECTORY` for the directory to point to a directory. * * > By default, home directory mappings have a `Type` of `DIRECTORY` when you create a Transfer Family server. You would need to explicitly set `Type` to `FILE` if you want a mapping to have a file target. */ type?: pulumi.Input; } interface UserPosixProfileArgs { /** * The POSIX group ID used for all EFS operations by this user. */ gid: pulumi.Input; /** * The secondary POSIX group IDs used for all EFS operations by this user. */ secondaryGids?: pulumi.Input[]>; /** * The POSIX user ID used for all EFS operations by this user. */ uid: pulumi.Input; } interface WebAppCustomizationArgs { /** * Specifies a favicon to display in the browser tab. */ faviconFile?: pulumi.Input; /** * Specifies a logo to display on the web app. */ logoFile?: pulumi.Input; /** * Specifies a title to display on the web app. */ title?: pulumi.Input; } interface WebAppEndpointDetailsArgs { vpc?: pulumi.Input; } /** * You can provide a structure that contains the details for the identity provider to use with your web app. */ interface WebAppIdentityProviderDetailsArgs { /** * The Amazon Resource Name (ARN) for the IAM Identity Center application: this value is set automatically when you create your web app. */ applicationArn?: pulumi.Input; /** * The Amazon Resource Name (ARN) for the IAM Identity Center used for the web app. */ instanceArn?: pulumi.Input; /** * The IAM role in IAM Identity Center used for the web app. */ role?: pulumi.Input; } /** * A union that contains the value for number of concurrent connections or the user sessions on your web app. */ interface WebAppUnitsPropertiesArgs { provisioned: pulumi.Input; } /** * You can provide a structure that contains the details for the VPC endpoint to use with your web app. */ interface WebAppVpcArgs { securityGroupIds?: pulumi.Input[]>; subnetIds?: pulumi.Input[]>; vpcId?: pulumi.Input; } /** * Specifies the details for an EFS file. */ interface WorkflowEfsInputFileLocationArgs { /** * Specifies the EFS filesystem that contains the file. */ fileSystemId?: pulumi.Input; /** * The name assigned to the file when it was created in EFS. You use the object path to retrieve the object. */ path?: pulumi.Input; } /** * Specifies the location for the file being decrypted. Only applicable for the Decrypt type of workflow steps. */ interface WorkflowInputFileLocationArgs { efsFileLocation?: pulumi.Input; s3FileLocation?: pulumi.Input; } /** * Specifies the location for the file being copied. Only applicable for the Copy type of workflow steps. */ interface WorkflowS3FileLocationArgs { /** * Specifies the details for the file location for the file that's being used in the workflow. Only applicable if you are using Amazon S3 storage. */ s3FileLocation?: pulumi.Input; } /** * Specifies the details for a S3 file. */ interface WorkflowS3InputFileLocationArgs { /** * Specifies the S3 bucket that contains the file. */ bucket?: pulumi.Input; /** * The name assigned to the file when it was created in S3. You use the object key to retrieve the object. */ key?: pulumi.Input; } /** * Specifies the key-value pair that are assigned to a file during the execution of a Tagging step. */ interface WorkflowS3TagArgs { /** * The name assigned to the tag that you create. */ key: pulumi.Input; /** * The value that corresponds to the key. */ value: pulumi.Input; } /** * The basic building block of a workflow. */ interface WorkflowStepArgs { /** * Details for a step that performs a file copy. */ copyStepDetails?: pulumi.Input; /** * Details for a step that invokes a lambda function. */ customStepDetails?: pulumi.Input; /** * Details for a step that performs a file decryption. */ decryptStepDetails?: pulumi.Input; /** * Details for a step that deletes the file. */ deleteStepDetails?: pulumi.Input; /** * Details for a step that creates one or more tags. */ tagStepDetails?: pulumi.Input; type?: pulumi.Input; } /** * Details for a step that performs a file copy. */ interface WorkflowStepCopyStepDetailsPropertiesArgs { destinationFileLocation?: pulumi.Input; /** * The name of the step, used as an identifier. */ name?: pulumi.Input; /** * A flag that indicates whether or not to overwrite an existing file of the same name. The default is FALSE. */ overwriteExisting?: pulumi.Input; /** * Specifies which file to use as input to the workflow step. */ sourceFileLocation?: pulumi.Input; } /** * Details for a step that invokes a lambda function. */ interface WorkflowStepCustomStepDetailsPropertiesArgs { /** * The name of the step, used as an identifier. */ name?: pulumi.Input; /** * Specifies which file to use as input to the workflow step. */ sourceFileLocation?: pulumi.Input; /** * The ARN for the lambda function that is being called. */ target?: pulumi.Input; /** * Timeout, in seconds, for the step. */ timeoutSeconds?: pulumi.Input; } /** * Details for a step that performs a file decryption. */ interface WorkflowStepDecryptStepDetailsPropertiesArgs { destinationFileLocation: pulumi.Input; /** * The name of the step, used as an identifier. */ name?: pulumi.Input; /** * A flag that indicates whether or not to overwrite an existing file of the same name. The default is FALSE. */ overwriteExisting?: pulumi.Input; /** * Specifies which file to use as input to the workflow step. */ sourceFileLocation?: pulumi.Input; /** * Specifies which encryption method to use. */ type: pulumi.Input; } /** * Details for a step that deletes the file. */ interface WorkflowStepDeleteStepDetailsPropertiesArgs { /** * The name of the step, used as an identifier. */ name?: pulumi.Input; /** * Specifies which file to use as input to the workflow step. */ sourceFileLocation?: pulumi.Input; } /** * Details for a step that creates one or more tags. */ interface WorkflowStepTagStepDetailsPropertiesArgs { /** * The name of the step, used as an identifier. */ name?: pulumi.Input; /** * Specifies which file to use as input to the workflow step. */ sourceFileLocation?: pulumi.Input; /** * Array that contains from 1 to 10 key/value pairs. */ tags?: pulumi.Input[]>; } } export declare namespace verifiedpermissions { interface IdentitySourceCognitoGroupConfigurationArgs { groupEntityType: pulumi.Input; } interface IdentitySourceCognitoUserPoolConfigurationArgs { clientIds?: pulumi.Input[]>; groupConfiguration?: pulumi.Input; userPoolArn: pulumi.Input; } interface IdentitySourceConfiguration0PropertiesArgs { cognitoUserPoolConfiguration: pulumi.Input; } interface IdentitySourceConfiguration1PropertiesArgs { openIdConnectConfiguration: pulumi.Input; } interface IdentitySourceOpenIdConnectAccessTokenConfigurationArgs { audiences?: pulumi.Input[]>; principalIdClaim?: pulumi.Input; } interface IdentitySourceOpenIdConnectConfigurationArgs { entityIdPrefix?: pulumi.Input; groupConfiguration?: pulumi.Input; issuer: pulumi.Input; tokenSelection: pulumi.Input; } interface IdentitySourceOpenIdConnectGroupConfigurationArgs { groupClaim: pulumi.Input; groupEntityType: pulumi.Input; } interface IdentitySourceOpenIdConnectIdentityTokenConfigurationArgs { clientIds?: pulumi.Input[]>; principalIdClaim?: pulumi.Input; } interface IdentitySourceOpenIdConnectTokenSelection0PropertiesArgs { accessTokenOnly: pulumi.Input; } interface IdentitySourceOpenIdConnectTokenSelection1PropertiesArgs { identityTokenOnly: pulumi.Input; } interface PolicyDefinition0PropertiesArgs { static: pulumi.Input; } interface PolicyDefinition1PropertiesArgs { templateLinked: pulumi.Input; } interface PolicyEntityIdentifierArgs { entityId: pulumi.Input; entityType: pulumi.Input; } interface PolicyStaticPolicyDefinitionArgs { description?: pulumi.Input; statement: pulumi.Input; } interface PolicyStoreDeletionProtectionArgs { /** * Specifies whether the policy store can be deleted. If enabled, the policy store can't be deleted. * * The default state is `DISABLED` . */ mode: pulumi.Input; } interface PolicyStoreEncryptionSettingsArgs { } interface PolicyStoreSchemaDefinitionArgs { /** * A JSON string representation of the schema supported by applications that use this policy store. For more information, see [Policy store schema](https://docs.aws.amazon.com/verifiedpermissions/latest/userguide/schema.html) in the AVP User Guide. */ cedarJson?: pulumi.Input; } interface PolicyStoreValidationSettingsArgs { /** * The validation mode currently configured for this policy store. The valid values are: * * - *OFF* – Neither Verified Permissions nor Cedar perform any validation on policies. No validation errors are reported by either service. * - *STRICT* – Requires a schema to be present in the policy store. Cedar performs validation on all submitted new or updated static policies and policy templates. Any that fail validation are rejected and Cedar doesn't store them in the policy store. * * > If `Mode=STRICT` and the policy store doesn't contain a schema, Verified Permissions rejects all static policies and policy templates because there is no schema to validate against. * > * > To submit a static policy or policy template without a schema, you must turn off validation. */ mode: pulumi.Input; } interface PolicyTemplateLinkedPolicyDefinitionArgs { policyTemplateId: pulumi.Input; principal?: pulumi.Input; resource?: pulumi.Input; } } export declare namespace voiceid { interface DomainServerSideEncryptionConfigurationArgs { /** * The identifier of the KMS key to use to encrypt data stored by Voice ID. Voice ID doesn't support asymmetric customer managed keys. */ kmsKeyId: pulumi.Input; } } export declare namespace vpclattice { interface ListenerDefaultActionArgs { /** * Describes an action that returns a custom HTTP response. */ fixedResponse?: pulumi.Input; /** * Describes a forward action. You can use forward actions to route requests to one or more target groups. */ forward?: pulumi.Input; } interface ListenerFixedResponseArgs { /** * The HTTP response code. Only `404` and `500` status codes are supported. */ statusCode: pulumi.Input; } interface ListenerForwardArgs { /** * The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic. * * The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group. */ targetGroups: pulumi.Input[]>; } interface ListenerWeightedTargetGroupArgs { /** * The ID of the target group. */ targetGroupIdentifier: pulumi.Input; /** * Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100. */ weight?: pulumi.Input; } /** * Identifies the resource configuration in one of the following ways: * * - *Amazon Resource Name (ARN)* - Supported resource-types that are provisioned by AWS services, such as RDS databases, can be identified by their ARN. * - *Domain name* - Any domain name that is publicly resolvable. * - *IP address* - For IPv4 and IPv6, only IP addresses in the VPC are supported. */ interface ResourceConfigurationDefinition0PropertiesArgs { ipResource: pulumi.Input; } /** * Identifies the resource configuration in one of the following ways: * * - *Amazon Resource Name (ARN)* - Supported resource-types that are provisioned by AWS services, such as RDS databases, can be identified by their ARN. * - *Domain name* - Any domain name that is publicly resolvable. * - *IP address* - For IPv4 and IPv6, only IP addresses in the VPC are supported. */ interface ResourceConfigurationDefinition1PropertiesArgs { arnResource: pulumi.Input; } /** * Identifies the resource configuration in one of the following ways: * * - *Amazon Resource Name (ARN)* - Supported resource-types that are provisioned by AWS services, such as RDS databases, can be identified by their ARN. * - *Domain name* - Any domain name that is publicly resolvable. * - *IP address* - For IPv4 and IPv6, only IP addresses in the VPC are supported. */ interface ResourceConfigurationDefinition2PropertiesArgs { dnsResource: pulumi.Input; } interface ResourceConfigurationDnsResourceArgs { domainName: pulumi.Input; ipAddressType: pulumi.Input; } interface RuleActionArgs { /** * The fixed response action. The rule returns a custom HTTP response. */ fixedResponse?: pulumi.Input; /** * The forward action. Traffic that matches the rule is forwarded to the specified target groups. */ forward?: pulumi.Input; } interface RuleFixedResponseArgs { /** * The HTTP response code. Only `404` and `500` status codes are supported. */ statusCode: pulumi.Input; } interface RuleForwardArgs { /** * The target groups. Traffic matching the rule is forwarded to the specified target groups. With forward actions, you can assign a weight that controls the prioritization and selection of each target group. This means that requests are distributed to individual target groups based on their weights. For example, if two target groups have the same weight, each target group receives half of the traffic. * * The default value is 1. This means that if only one target group is provided, there is no need to set the weight; 100% of the traffic goes to that target group. */ targetGroups: pulumi.Input[]>; } interface RuleHeaderMatchArgs { /** * Indicates whether the match is case sensitive. */ caseSensitive?: pulumi.Input; /** * The header match type. */ match: pulumi.Input; /** * The name of the header. */ name: pulumi.Input; } interface RuleHeaderMatchTypeArgs { /** * A contains type match. */ contains?: pulumi.Input; /** * An exact type match. */ exact?: pulumi.Input; /** * A prefix type match. Matches the value with the prefix. */ prefix?: pulumi.Input; } interface RuleHttpMatchArgs { /** * The header matches. Matches incoming requests with rule based on request header value before applying rule action. */ headerMatches?: pulumi.Input[]>; /** * The HTTP method type. */ method?: pulumi.Input; /** * The path match. */ pathMatch?: pulumi.Input; } interface RuleMatchArgs { /** * The HTTP criteria that a rule must match. */ httpMatch: pulumi.Input; } interface RulePathMatchArgs { /** * Indicates whether the match is case sensitive. */ caseSensitive?: pulumi.Input; /** * The type of path match. */ match: pulumi.Input; } interface RulePathMatchTypeArgs { /** * An exact match of the path. */ exact?: pulumi.Input; /** * A prefix match of the path. */ prefix?: pulumi.Input; } interface RuleWeightedTargetGroupArgs { /** * The ID of the target group. */ targetGroupIdentifier: pulumi.Input; /** * Only required if you specify multiple target groups for a forward action. The weight determines how requests are distributed to the target group. For example, if you specify two target groups, each with a weight of 10, each target group receives half the requests. If you specify two target groups, one with a weight of 10 and the other with a weight of 20, the target group with a weight of 20 receives twice as many requests as the other target group. If there's only one target group specified, then the default value is 100. */ weight?: pulumi.Input; } interface ServiceDnsEntryArgs { /** * The domain name of the service. */ domainName?: pulumi.Input; /** * The ID of the hosted zone. */ hostedZoneId?: pulumi.Input; } interface ServiceNetworkServiceAssociationDnsEntryArgs { /** * The domain name of the service. */ domainName?: pulumi.Input; /** * The ID of the hosted zone. */ hostedZoneId?: pulumi.Input; } interface ServiceNetworkSharingConfigArgs { /** * Specify if the service network should be enabled for sharing. */ enabled: pulumi.Input; } interface ServiceNetworkVpcAssociationDnsOptionsArgs { /** * The preference for which private domains have a private hosted zone created for and associated with the specified VPC. Only supported when private DNS is enabled and when the VPC endpoint type is ServiceNetwork or Resource. */ privateDnsPreference?: pulumi.Input; /** * Indicates which of the private domains to create private hosted zones for and associate with the specified VPC. Only supported when private DNS is enabled and the private DNS preference is `VERIFIED_DOMAINS_AND_SPECIFIED_DOMAINS` or `SPECIFIED_DOMAINS_ONLY` . */ privateDnsSpecifiedDomains?: pulumi.Input[]>; } interface TargetGroupConfigArgs { /** * The health check configuration. Not supported if the target group type is `LAMBDA` or `ALB` . */ healthCheck?: pulumi.Input; /** * The type of IP address used for the target group. Supported only if the target group type is `IP` . The default is `IPV4` . */ ipAddressType?: pulumi.Input; /** * The version of the event structure that your Lambda function receives. Supported only if the target group type is `LAMBDA` . The default is `V1` . */ lambdaEventStructureVersion?: pulumi.Input; /** * The port on which the targets are listening. For HTTP, the default is 80. For HTTPS, the default is 443. Not supported if the target group type is `LAMBDA` . */ port?: pulumi.Input; /** * The protocol to use for routing traffic to the targets. The default is the protocol of the target group. Not supported if the target group type is `LAMBDA` . */ protocol?: pulumi.Input; /** * The protocol version. The default is `HTTP1` . Not supported if the target group type is `LAMBDA` . */ protocolVersion?: pulumi.Input; /** * The ID of the VPC. Not supported if the target group type is `LAMBDA` . */ vpcIdentifier?: pulumi.Input; } interface TargetGroupHealthCheckConfigArgs { /** * Indicates whether health checking is enabled. */ enabled?: pulumi.Input; /** * The approximate amount of time, in seconds, between health checks of an individual target. The range is 5–300 seconds. The default is 30 seconds. */ healthCheckIntervalSeconds?: pulumi.Input; /** * The amount of time, in seconds, to wait before reporting a target as unhealthy. The range is 1–120 seconds. The default is 5 seconds. */ healthCheckTimeoutSeconds?: pulumi.Input; /** * The number of consecutive successful health checks required before considering an unhealthy target healthy. The range is 2–10. The default is 5. */ healthyThresholdCount?: pulumi.Input; /** * The codes to use when checking for a successful response from a target. */ matcher?: pulumi.Input; /** * The destination for health checks on the targets. If the protocol version is `HTTP/1.1` or `HTTP/2` , specify a valid URI (for example, `/path?query` ). The default path is `/` . Health checks are not supported if the protocol version is `gRPC` , however, you can choose `HTTP/1.1` or `HTTP/2` and specify a valid URI. */ path?: pulumi.Input; /** * The port used when performing health checks on targets. The default setting is the port that a target receives traffic on. */ port?: pulumi.Input; /** * The protocol used when performing health checks on targets. The possible protocols are `HTTP` and `HTTPS` . The default is `HTTP` . */ protocol?: pulumi.Input; /** * The protocol version used when performing health checks on targets. The possible protocol versions are `HTTP1` and `HTTP2` . */ protocolVersion?: pulumi.Input; /** * The number of consecutive failed health checks required before considering a target unhealthy. The range is 2–10. The default is 2. */ unhealthyThresholdCount?: pulumi.Input; } interface TargetGroupMatcherArgs { /** * The HTTP code to use when checking for a successful response from a target. */ httpCode: pulumi.Input; } interface TargetGroupTargetArgs { /** * The ID of the target. If the target group type is `INSTANCE` , this is an instance ID. If the target group type is `IP` , this is an IP address. If the target group type is `LAMBDA` , this is the ARN of a Lambda function. If the target group type is `ALB` , this is the ARN of an Application Load Balancer. */ id: pulumi.Input; /** * The port on which the target is listening. For HTTP, the default is 80. For HTTPS, the default is 443. */ port?: pulumi.Input; } } export declare namespace wafv2 { interface LoggingConfigurationConditionArgs { /** * A single action condition. */ actionCondition?: pulumi.Input; /** * A single label name condition. */ labelNameCondition?: pulumi.Input; } /** * A single action condition. */ interface LoggingConfigurationConditionActionConditionPropertiesArgs { /** * Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition. */ action: pulumi.Input; } /** * A single label name condition. */ interface LoggingConfigurationConditionLabelNameConditionPropertiesArgs { /** * The label name that a log record must contain in order to meet the condition. This must be a fully qualified label name. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. */ labelName: pulumi.Input; } /** * A key-value pair to associate with a resource. */ interface LoggingConfigurationFieldToMatchArgs { /** * Inspect the HTTP method. The method indicates the type of operation that the request is asking the origin to perform. */ method?: any; /** * Inspect the query string. This is the part of a URL that appears after a ? character, if any. */ queryString?: any; /** * Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive. */ singleHeader?: pulumi.Input; /** * Inspect the request URI path. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg. */ uriPath?: any; } /** * Inspect a single header. Provide the name of the header to inspect, for example, User-Agent or Referer. This setting isn't case sensitive. */ interface LoggingConfigurationFieldToMatchSingleHeaderPropertiesArgs { /** * The name of the query header to inspect. */ name: pulumi.Input; } interface LoggingConfigurationFilterArgs { /** * How to handle logs that satisfy the filter's conditions and requirement. */ behavior: pulumi.Input; /** * Match conditions for the filter. */ conditions: pulumi.Input[]>; /** * Logic to apply to the filtering conditions. You can specify that, in order to satisfy the filter, a log must match all conditions or must match at least one condition. */ requirement: pulumi.Input; } /** * Filtering that specifies which web requests are kept in the logs and which are dropped. You can filter on the rule action and on the web request labels that were applied by matching rules during web ACL evaluation. */ interface LoggingFilterPropertiesArgs { /** * Default handling for logs that don't match any of the specified filtering conditions. */ defaultBehavior: pulumi.Input; /** * The filters that you want to apply to the logs. */ filters: pulumi.Input[]>; } /** * Allow traffic towards application. */ interface RuleGroupAllowActionArgs { /** * Defines custom handling for the web request. * * For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* . */ customRequestHandling?: pulumi.Input; } interface RuleGroupAndStatementArgs { /** * The statements to combine with AND logic. You can use any statements that can be nested. */ statements: pulumi.Input[]>; } interface RuleGroupAsnMatchStatementArgs { /** * Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies. */ asnList?: pulumi.Input[]>; /** * The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name. */ forwardedIpConfig?: pulumi.Input; } /** * Block traffic towards application. */ interface RuleGroupBlockActionArgs { /** * Defines a custom response for the web request. * * For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* . */ customResponse?: pulumi.Input; } /** * The body of a web request. This immediately follows the request headers. */ interface RuleGroupBodyArgs { /** * What AWS WAF should do if the body is larger than AWS WAF can inspect. * * AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection. * * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes). * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees. * - For AWS Amplify , use the CloudFront limit. * * The options for oversize handling are the following: * * - `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. * * You can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit. * * Default: `CONTINUE` */ oversizeHandling?: pulumi.Input; } /** * Byte Match statement. */ interface RuleGroupByteMatchStatementArgs { /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following: * * *CONTAINS* * * The specified part of the web request must include the value of `SearchString` , but the location doesn't matter. * * *CONTAINS_WORD* * * The specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true: * * - `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` . * - `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` . * * *EXACTLY* * * The value of the specified part of the web request must exactly match the value of `SearchString` . * * *STARTS_WITH* * * The value of `SearchString` must appear at the beginning of the specified part of the web request. * * *ENDS_WITH* * * The value of `SearchString` must appear at the end of the specified part of the web request. */ positionalConstraint: pulumi.Input; /** * A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive. * * Don't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you. * * For example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` . * * You must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` . */ searchString?: pulumi.Input; /** * String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead. * * You must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` . */ searchStringBase64?: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } /** * Checks valid token exists with request. */ interface RuleGroupCaptchaActionArgs { /** * Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired. * * For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* . */ customRequestHandling?: pulumi.Input; } interface RuleGroupCaptchaConfigArgs { /** * Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle. */ immunityTimeProperty?: pulumi.Input; } /** * Checks that the request has a valid token with an unexpired challenge timestamp and, if not, returns a browser challenge to the client. */ interface RuleGroupChallengeActionArgs { /** * Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired. * * For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* . */ customRequestHandling?: pulumi.Input; } interface RuleGroupChallengeConfigArgs { /** * Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge. */ immunityTimeProperty?: pulumi.Input; } /** * The pattern to look for in the request cookies. */ interface RuleGroupCookieMatchPatternArgs { /** * Inspect all parts of the web request cookies. */ all?: any; /** * Inspect only the cookies whose keys don't match any of the strings specified here. */ excludedCookies?: pulumi.Input[]>; /** * Inspect only the cookies that have a key that matches one of the strings specified here. */ includedCookies?: pulumi.Input[]>; } /** * Includes cookies of a web request. */ interface RuleGroupCookiesArgs { /** * The filter to use to identify the subset of cookies to inspect in a web request. * * You must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` . * * Example JSON: `"MatchPattern": { "IncludedCookies": [ "session-id-time", "session-id" ] }` */ matchPattern: pulumi.Input; /** * The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values. * * `All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values. */ matchScope: pulumi.Input; /** * What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF . * * The options for oversize handling are the following: * * - `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ oversizeHandling: pulumi.Input; } /** * Count traffic towards application. */ interface RuleGroupCountActionArgs { /** * Defines custom handling for the web request. * * For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* . */ customRequestHandling?: pulumi.Input; } /** * HTTP header. */ interface RuleGroupCustomHttpHeaderArgs { /** * The name of the custom header. * * For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` . */ name: pulumi.Input; /** * The value of the custom header. */ value: pulumi.Input; } /** * Custom request handling. */ interface RuleGroupCustomRequestHandlingArgs { /** * Collection of HTTP headers. */ insertHeaders: pulumi.Input[]>; } /** * Custom response. */ interface RuleGroupCustomResponseArgs { /** * Custom response body key. */ customResponseBodyKey?: pulumi.Input; /** * The HTTP status code to return to the client. * * For a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* . */ responseCode: pulumi.Input; /** * Collection of HTTP headers. */ responseHeaders?: pulumi.Input[]>; } /** * Custom response body. */ interface RuleGroupCustomResponseBodyArgs { /** * The payload of the custom response. * * You can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting. * * For information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* . */ content: pulumi.Input; /** * The type of content in the payload that you are defining in the `Content` string. */ contentType: pulumi.Input; } /** * Field of the request to match. */ interface RuleGroupFieldToMatchArgs { /** * All query arguments of a web request. */ allQueryArguments?: any; /** * Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. * * AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection. * * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes). * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees. * - For AWS Amplify , use the CloudFront limit. * * For information about how to handle oversized request bodies, see the `Body` object configuration. */ body?: pulumi.Input; /** * Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects. * * Only the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service. */ cookies?: pulumi.Input; headerOrder?: pulumi.Input; /** * Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects. * * Only the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service. */ headers?: pulumi.Input; /** * Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information. * * > You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . * * You can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* . * * Provide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration. */ ja3Fingerprint?: pulumi.Input; /** * Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA4 fingerprint. The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information. * * > You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . * * You can obtain the JA4 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* . * * Provide the JA4 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration. */ ja4Fingerprint?: pulumi.Input; /** * Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. * * AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection. * * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes). * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees. * - For AWS Amplify , use the CloudFront limit. * * For information about how to handle oversized request bodies, see the `JsonBody` object configuration. */ jsonBody?: pulumi.Input; /** * The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform. */ method?: any; /** * The query string of a web request. This is the part of a URL that appears after a ? character, if any. */ queryString?: any; /** * Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive. * * Example JSON: `"SingleHeader": { "Name": "haystack" }` * * Alternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting. */ singleHeader?: pulumi.Input; /** * One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive. */ singleQueryArgument?: pulumi.Input; /** * Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects. * * Only the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service. */ uriFragment?: pulumi.Input; /** * The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg. */ uriPath?: any; } /** * Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive. * * Example JSON: `"SingleHeader": { "Name": "haystack" }` * * Alternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting. */ interface RuleGroupFieldToMatchSingleHeaderPropertiesArgs { name: pulumi.Input; } /** * One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive. */ interface RuleGroupFieldToMatchSingleQueryArgumentPropertiesArgs { name: pulumi.Input; } interface RuleGroupForwardedIpConfigurationArgs { /** * The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; /** * The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` . * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. */ headerName: pulumi.Input; } interface RuleGroupGeoMatchStatementArgs { /** * An array of two-character country codes that you want to match against, for example, `[ "US", "CN" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard. * * When you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site. */ countryCodes?: pulumi.Input[]>; /** * The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name. * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. */ forwardedIpConfig?: pulumi.Input; } /** * The pattern to look for in the request headers. */ interface RuleGroupHeaderMatchPatternArgs { /** * Inspect all parts of the web request headers. */ all?: any; /** * Inspect only the headers whose keys don't match any of the strings specified here. */ excludedHeaders?: pulumi.Input[]>; /** * Inspect only the headers that have a key that matches one of the strings specified here. */ includedHeaders?: pulumi.Input[]>; } /** * The string containing the list of a web request's header names, ordered as they appear in the web request, separated by colons. */ interface RuleGroupHeaderOrderArgs { oversizeHandling: pulumi.Input; } /** * Includes headers of a web request. */ interface RuleGroupHeadersArgs { /** * The filter to use to identify the subset of headers to inspect in a web request. * * You must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` . * * Example JSON: `"MatchPattern": { "ExcludedHeaders": [ "KeyToExclude1", "KeyToExclude2" ] }` */ matchPattern: pulumi.Input; /** * The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values. * * `All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values. */ matchScope: pulumi.Input; /** * What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF . * * The options for oversize handling are the following: * * - `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ oversizeHandling: pulumi.Input; } interface RuleGroupImmunityTimePropertyArgs { /** * The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300. * * For the Challenge action, the minimum setting is 300. */ immunityTime: pulumi.Input; } interface RuleGroupIpSetForwardedIpConfigurationArgs { /** * The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; /** * The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` . * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. */ headerName: pulumi.Input; /** * The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through. * * The options for this setting are the following: * * - FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP. * - LAST - Inspect the last IP address in the list of IP addresses in the header. * - ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10. */ position: pulumi.Input; } interface RuleGroupIpSetReferenceStatementArgs { /** * The Amazon Resource Name (ARN) of the `IPSet` that this statement references. */ arn: pulumi.Input; /** * The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name. * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. */ ipSetForwardedIpConfig?: pulumi.Input; } /** * Includes the JA3 fingerprint of a web request. */ interface RuleGroupJa3FingerprintArgs { /** * The match status to assign to the web request if the request doesn't have a JA3 fingerprint. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; } /** * Includes the JA4 fingerprint of a web request. */ interface RuleGroupJa4FingerprintArgs { /** * The match status to assign to the web request if the request doesn't have a JA4 fingerprint. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; } /** * Inspect the request body as JSON. The request body immediately follows the request headers. */ interface RuleGroupJsonBodyArgs { /** * What AWS WAF should do if it fails to completely parse the JSON body. The options are the following: * * - `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. * * If you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters. * * > AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* . */ invalidFallbackBehavior?: pulumi.Input; /** * The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria. */ matchPattern: pulumi.Input; /** * The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values. * * `All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values. */ matchScope: pulumi.Input; /** * What AWS WAF should do if the body is larger than AWS WAF can inspect. * * AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection. * * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes). * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees. * - For AWS Amplify , use the CloudFront limit. * * The options for oversize handling are the following: * * - `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. * * You can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit. * * Default: `CONTINUE` */ oversizeHandling?: pulumi.Input; } /** * The pattern to look for in the JSON body. */ interface RuleGroupJsonMatchPatternArgs { /** * Inspect all parts of the web request's JSON body. */ all?: any; /** * Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification. * * Provide the include paths using JSON Pointer syntax. For example, `"IncludedPaths": ["/dogs/0/name", "/dogs/1/name"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) . * * You must specify either this setting or the `All` setting, but not both. * * > Don't use this option to include all paths. Instead, use the `All` setting. */ includedPaths?: pulumi.Input[]>; } interface RuleGroupLabelArgs { /** * The label string. */ name: pulumi.Input; } interface RuleGroupLabelMatchStatementArgs { /** * The string to match against. The setting you provide for this depends on the match statement's `Scope` setting: * * - If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name. * - If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates. * * Labels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` . */ key: pulumi.Input; /** * Specify whether you want to match using the label name or just the namespace. */ scope: pulumi.Input; } interface RuleGroupLabelSummaryArgs { /** * An individual label specification. */ name?: pulumi.Input; } interface RuleGroupNotStatementArgs { /** * The statement to negate. You can use any statement that can be nested. */ statement: pulumi.Input; } interface RuleGroupOrStatementArgs { /** * The statements to combine with OR logic. You can use any statements that can be nested. */ statements: pulumi.Input[]>; } interface RuleGroupRateBasedStatementArgs { /** * Setting that indicates how to aggregate the request counts. * * > Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. * * - `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement. * * With this option, you must configure the `ScopeDownStatement` property. * - `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys. * * With this option, you must specify the aggregate keys in the `CustomKeys` property. * * To aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` . * - `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header. * * With this option, you must specify the header to use in the `ForwardedIPConfig` property. * * To aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` . * - `IP` - Aggregate the request counts on the IP address from the web request origin. * * To aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` . */ aggregateKeyType: pulumi.Input; /** * Specifies the aggregate keys to use in a rate-base rule. */ customKeys?: pulumi.Input[]>; /** * The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600. * * This setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds. * * Default: `300` (5 minutes) */ evaluationWindowSec?: pulumi.Input; /** * The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name. * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. * * This is required if you specify a forwarded IP in the rule's aggregate key settings. */ forwardedIpConfig?: pulumi.Input; /** * The limit on requests during the specified evaluation window for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement. * * Examples: * * - If you aggregate on just the IP address, this is the limit on requests from any single IP address. * - If you aggregate on the HTTP method and the query argument name "city", then this is the limit on requests for any single method, city pair. */ limit: pulumi.Input; /** * An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement. */ scopeDownStatement?: pulumi.Input; } /** * Specifies a single custom aggregate key for a rate-base rule. */ interface RuleGroupRateBasedStatementCustomKeyArgs { /** * Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance. */ asn?: pulumi.Input; /** * Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance. */ cookie?: pulumi.Input; /** * Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance. * * When you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` . * * With this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property. */ forwardedIp?: pulumi.Input; /** * Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance. */ header?: pulumi.Input; /** * Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance. */ httpMethod?: pulumi.Input; /** * Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance. * * When you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` . */ ip?: pulumi.Input; /** * Use the request's JA3 fingerprint as an aggregate key. If you use a single JA3 fingerprint as your custom key, then each value fully defines an aggregation instance. */ ja3Fingerprint?: pulumi.Input; /** * Use the request's JA4 fingerprint as an aggregate key. If you use a single JA4 fingerprint as your custom key, then each value fully defines an aggregation instance. */ ja4Fingerprint?: pulumi.Input; /** * Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance. * * This uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL. * * For information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* . */ labelNamespace?: pulumi.Input; /** * Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance. */ queryArgument?: pulumi.Input; /** * Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance. */ queryString?: pulumi.Input; /** * Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance. */ uriPath?: pulumi.Input; } /** * Specifies the request's ASN as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitAsnArgs { } /** * Specifies a cookie as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitCookieArgs { /** * The name of the cookie to use. */ name: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents. */ textTransformations: pulumi.Input[]>; } /** * Specifies the first IP address in an HTTP header as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitForwardedIpArgs { } /** * Specifies a header as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitHeaderArgs { /** * The name of the header to use. */ name: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents. */ textTransformations: pulumi.Input[]>; } /** * Specifies the request's HTTP method as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitHttpMethodArgs { } /** * Specifies the IP address in the web request as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitIpArgs { } /** * Specifies the request's JA3 fingerprint as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitJa3FingerprintArgs { /** * The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA3 fingerprint. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; } /** * Specifies the request's JA4 fingerprint as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitJa4FingerprintArgs { /** * The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA4 fingerprint. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; } /** * Specifies a label namespace to use as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitLabelNamespaceArgs { /** * The namespace to use for aggregation. */ namespace: pulumi.Input; } /** * Specifies a query argument in the request as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitQueryArgumentArgs { /** * The name of the query argument to use. */ name: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents. */ textTransformations: pulumi.Input[]>; } /** * Specifies the request's query string as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitQueryStringArgs { /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents. */ textTransformations: pulumi.Input[]>; } /** * Specifies the request's URI Path as an aggregate key for a rate-based rule. */ interface RuleGroupRateLimitUriPathArgs { /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents. */ textTransformations: pulumi.Input[]>; } interface RuleGroupRegexMatchStatementArgs { /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * The string representing the regular expression. */ regexString: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } interface RuleGroupRegexPatternSetReferenceStatementArgs { /** * The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references. */ arn: pulumi.Input; /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } /** * Rule of RuleGroup that contains condition and action. */ interface RuleGroupRuleArgs { /** * The action that AWS WAF should take on a web request when it matches the rule statement. Settings at the web ACL level can override the rule action setting. */ action?: pulumi.Input; /** * Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL. */ captchaConfig?: pulumi.Input; /** * Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL. */ challengeConfig?: pulumi.Input; /** * The name of the rule. * * If you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name. */ name: pulumi.Input; /** * If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different. */ priority: pulumi.Input; /** * Collection of Rule Labels. */ ruleLabels?: pulumi.Input[]>; /** * The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` . */ statement: pulumi.Input; /** * Defines and enables Amazon CloudWatch metrics and web request sample collection. * * If you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name. */ visibilityConfig: pulumi.Input; } /** * Action taken when Rule matches its condition. */ interface RuleGroupRuleActionArgs { /** * Instructs AWS WAF to allow the web request. */ allow?: pulumi.Input; /** * Instructs AWS WAF to block the web request. */ block?: pulumi.Input; /** * Specifies that AWS WAF should run a `CAPTCHA` check against the request: * * - If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` . * - If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination. * * AWS WAF generates a response that it sends back to the client, which includes the following: * * - The header `x-amzn-waf-action` with a value of `captcha` . * - The HTTP status code `405 Method Not Allowed` . * - If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge. * * You can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting. * * This action option is available for rules. It isn't available for web ACL default actions. */ captcha?: pulumi.Input; /** * Instructs AWS WAF to run a `Challenge` check against the web request. */ challenge?: pulumi.Input; /** * Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL. */ count?: pulumi.Input; } /** * Size Constraint statement. */ interface RuleGroupSizeConstraintStatementArgs { /** * The operator to use to compare the request part to the size setting. */ comparisonOperator: pulumi.Input; /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * The size, in byte, to compare to the request part, after any transformations. */ size: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } /** * Sqli Match Statement. */ interface RuleGroupSqliMatchStatementArgs { /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks. * * `HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* . * * `LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives. * * Default: `LOW` */ sensitivityLevel?: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } /** * First level statement that contains conditions, such as ByteMatch, SizeConstraint, etc */ interface RuleGroupStatementArgs { /** * A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` . */ andStatement?: pulumi.Input; /** * A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address. * * For additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) . */ asnMatchStatement?: pulumi.Input; /** * A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement. */ byteMatchStatement?: pulumi.Input; /** * A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match. * * - To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array. * - Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed. * * AWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` . * * If you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` . * * If you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` . * * For additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) . */ geoMatchStatement?: pulumi.Input; /** * A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement. * * Each IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it. */ ipSetReferenceStatement?: pulumi.Input; /** * A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL. * * The label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement. */ labelMatchStatement?: pulumi.Input; /** * A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` . */ notStatement?: pulumi.Input; /** * A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` . */ orStatement?: pulumi.Input; /** * A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance. * * > If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. * * You can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie. * * Each unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition. * * For example, assume the rule evaluates web requests with the following IP address and HTTP method values: * * - IP address 10.1.1.1, HTTP method POST * - IP address 10.1.1.1, HTTP method GET * - IP address 127.0.0.0, HTTP method POST * - IP address 10.1.1.1, HTTP method GET * * The rule would create different aggregation instances according to your aggregation criteria, for example: * * - If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following: * * - IP address 10.1.1.1: count 3 * - IP address 127.0.0.0: count 1 * - If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following: * * - HTTP method POST: count 2 * - HTTP method GET: count 2 * - If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following: * * - IP address 10.1.1.1, HTTP method POST: count 1 * - IP address 10.1.1.1, HTTP method GET: count 2 * - IP address 127.0.0.0, HTTP method POST: count 1 * * For any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually. * * You can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule. * * You cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group. * * For additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* . * * If you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations. * * AWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF . */ rateBasedStatement?: pulumi.Input; /** * A rule statement used to search web request components for a match against a single regular expression. */ regexMatchStatement?: pulumi.Input; /** * A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set. * * Each regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it. */ regexPatternSetReferenceStatement?: pulumi.Input; /** * A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes. * * If you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type. * * If you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long. */ sizeConstraintStatement?: pulumi.Input; /** * A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it. */ sqliMatchStatement?: pulumi.Input; /** * A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers. */ xssMatchStatement?: pulumi.Input; } /** * Text Transformation on the Search String before match. */ interface RuleGroupTextTransformationArgs { /** * Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different. */ priority: pulumi.Input; /** * For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* . */ type: pulumi.Input; } /** * The path component of the URI Fragment. This is the part of a web request that identifies a fragment uri, for example, /abcd#introduction */ interface RuleGroupUriFragmentArgs { /** * What AWS WAF should do if it fails to completely parse the JSON body. The options are the following: * * - `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. * * If you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters. * * Example JSON: `{ "UriFragment": { "FallbackBehavior": "MATCH"} }` * * > AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* . */ fallbackBehavior?: pulumi.Input; } /** * Visibility Metric of the RuleGroup. */ interface RuleGroupVisibilityConfigArgs { /** * Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* . * * For web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information, * see [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* . */ cloudWatchMetricsEnabled: pulumi.Input; /** * A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` . */ metricName: pulumi.Input; /** * Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console. * * If you configure data protection for the web ACL, the protection applies to the web ACL's sampled web request data. * * > Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL. */ sampledRequestsEnabled: pulumi.Input; } /** * Xss Match Statement. */ interface RuleGroupXssMatchStatementArgs { /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } /** * Allow traffic towards application. */ interface WebAclAllowActionArgs { /** * Defines custom handling for the web request. * * For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* . */ customRequestHandling?: pulumi.Input; } interface WebAclAndStatementArgs { /** * The statements to combine with AND logic. You can use any statements that can be nested. */ statements: pulumi.Input[]>; } /** * Application details defined during the &webacl; creation process. Application attributes help WAF; give recommendations for protection packs. */ interface WebAclApplicationAttributeArgs { name: pulumi.Input; values: pulumi.Input[]>; } /** * Configures the ability for the WAF; console to store and retrieve application attributes during the webacl; creation process. Application attributes help WAF; give recommendations for protection packs. */ interface WebAclApplicationConfigArgs { /** * Contains the attribute name and a list of values for that attribute. */ attributes: pulumi.Input[]>; } interface WebAclAsnMatchStatementArgs { /** * Contains one or more Autonomous System Numbers (ASNs). ASNs are unique identifiers assigned to large internet networks managed by organizations such as internet service providers, enterprises, universities, or government agencies. */ asnList?: pulumi.Input[]>; /** * The configuration for inspecting IP addresses to match against an ASN in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name. */ forwardedIpConfig?: pulumi.Input; } /** * AssociationConfig for body inspection */ interface WebAclAssociationConfigArgs { /** * Customizes the maximum size of the request body that your protected CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access resources forward to AWS WAF for inspection. The default size is 16 KB (16,384 bytes). You can change the setting for any of the available resource types. * * > You are charged additional fees when your protected resources forward body sizes that are larger than the default. For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . * * Example JSON: `{ "API_GATEWAY": "KB_48", "APP_RUNNER_SERVICE": "KB_32" }` * * For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes). */ requestBody?: pulumi.Input<{ [key: string]: pulumi.Input; }>; } /** * Configures how to use the Account creation fraud prevention managed rule group in the web ACL */ interface WebAclAwsManagedRulesAcfpRuleSetArgs { /** * The path of the account creation endpoint for your application. This is the page on your website that accepts the completed registration form for a new user. This page must accept `POST` requests. * * For example, for the URL `https://example.com/web/newaccount` , you would provide the path `/web/newaccount` . Account creation page paths that start with the path that you provide are considered a match. For example `/web/newaccount` matches the account creation paths `/web/newaccount` , `/web/newaccount/` , `/web/newaccountPage` , and `/web/newaccount/thisPage` , but doesn't match the path `/home/web/newaccount` or `/website/newaccount` . */ creationPath: pulumi.Input; /** * Allow the use of regular expressions in the registration page path and the account creation path. */ enableRegexInPath?: pulumi.Input; /** * The path of the account registration endpoint for your application. This is the page on your website that presents the registration form to new users. * * > This page must accept `GET` text/html requests. * * For example, for the URL `https://example.com/web/registration` , you would provide the path `/web/registration` . Registration page paths that start with the path that you provide are considered a match. For example `/web/registration` matches the registration paths `/web/registration` , `/web/registration/` , `/web/registrationPage` , and `/web/registration/thisPage` , but doesn't match the path `/home/web/registration` or `/website/registration` . */ registrationPagePath: pulumi.Input; /** * The criteria for inspecting account creation requests, used by the ACFP rule group to validate and track account creation attempts. */ requestInspection: pulumi.Input; /** * The criteria for inspecting responses to account creation requests, used by the ACFP rule group to track account creation success rates. * * > Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. * * The ACFP rule group evaluates the responses that your protected resources send back to client account creation attempts, keeping count of successful and failed attempts from each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many successful account creation attempts in a short amount of time. */ responseInspection?: pulumi.Input; } /** * Configures how to use the AntiDDOS AWS managed rule group in the web ACL */ interface WebAclAwsManagedRulesAntiDDoSRuleSetArgs { /** * Configures the request handling that's applied by the managed rule group rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` during a distributed denial of service (DDoS) attack. */ clientSideActionConfig: pulumi.Input; /** * The sensitivity that the rule group rule `DDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `DDoSRequests` rule runs. * * The higher the sensitivity, the more levels of labeling that the rule matches: * * - Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` . * - Medium sensitivity causes the rule to match on the medium and high suspicion labels. * - High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high. * * Default: `LOW` */ sensitivityToBlock?: pulumi.Input; } /** * Configures how to use the Account Takeover Prevention managed rule group in the web ACL */ interface WebAclAwsManagedRulesAtpRuleSetArgs { /** * Allow the use of regular expressions in the login page path. */ enableRegexInPath?: pulumi.Input; /** * The path of the login endpoint for your application. For example, for the URL `https://example.com/web/login` , you would provide the path `/web/login` . Login paths that start with the path that you provide are considered a match. For example `/web/login` matches the login paths `/web/login` , `/web/login/` , `/web/loginPage` , and `/web/login/thisPage` , but doesn't match the login path `/home/web/login` or `/website/login` . * * The rule group inspects only HTTP `POST` requests to your specified login endpoint. */ loginPath: pulumi.Input; /** * The criteria for inspecting login requests, used by the ATP rule group to validate credentials usage. */ requestInspection?: pulumi.Input; /** * The criteria for inspecting responses to login requests, used by the ATP rule group to track login failure rates. * * > Response inspection is available only in web ACLs that protect Amazon CloudFront distributions. * * The ATP rule group evaluates the responses that your protected resources send back to client login attempts, keeping count of successful and failed attempts for each IP address and client session. Using this information, the rule group labels and mitigates requests from client sessions and IP addresses that have had too many failed login attempts in a short amount of time. */ responseInspection?: pulumi.Input; } /** * Configures how to use the Bot Control managed rule group in the web ACL */ interface WebAclAwsManagedRulesBotControlRuleSetArgs { /** * Applies only to the targeted inspection level. * * Determines whether to use machine learning (ML) to analyze your web traffic for bot-related activity. Machine learning is required for the Bot Control rules `TGT_ML_CoordinatedActivityLow` and `TGT_ML_CoordinatedActivityMedium` , which * inspect for anomalous behavior that might indicate distributed, coordinated bot activity. * * For more information about this choice, see the listing for these rules in the table at [Bot Control rules listing](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html#aws-managed-rule-groups-bot-rules) in the *AWS WAF Developer Guide* . * * Default: `TRUE` */ enableMachineLearning?: pulumi.Input; /** * The inspection level to use for the Bot Control rule group. The common level is the least expensive. The targeted level includes all common level rules and adds rules with more advanced inspection criteria. For details, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) in the *AWS WAF Developer Guide* . */ inspectionLevel: pulumi.Input; } /** * Block traffic towards application. */ interface WebAclBlockActionArgs { /** * Defines a custom response for the web request. * * For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* . */ customResponse?: pulumi.Input; } /** * The body of a web request. This immediately follows the request headers. */ interface WebAclBodyArgs { /** * What AWS WAF should do if the body is larger than AWS WAF can inspect. * * AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection. * * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes). * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees. * - For AWS Amplify , use the CloudFront limit. * * The options for oversize handling are the following: * * - `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. * * You can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit. * * Default: `CONTINUE` */ oversizeHandling?: pulumi.Input; } /** * Byte Match statement. */ interface WebAclByteMatchStatementArgs { /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * The area within the portion of the web request that you want AWS WAF to search for `SearchString` . Valid values include the following: * * *CONTAINS* * * The specified part of the web request must include the value of `SearchString` , but the location doesn't matter. * * *CONTAINS_WORD* * * The specified part of the web request must include the value of `SearchString` , and `SearchString` must contain only alphanumeric characters or underscore (A-Z, a-z, 0-9, or _). In addition, `SearchString` must be a word, which means that both of the following are true: * * - `SearchString` is at the beginning of the specified part of the web request or is preceded by a character other than an alphanumeric character or underscore (_). Examples include the value of a header and `;BadBot` . * - `SearchString` is at the end of the specified part of the web request or is followed by a character other than an alphanumeric character or underscore (_), for example, `BadBot;` and `-BadBot;` . * * *EXACTLY* * * The value of the specified part of the web request must exactly match the value of `SearchString` . * * *STARTS_WITH* * * The value of `SearchString` must appear at the beginning of the specified part of the web request. * * *ENDS_WITH* * * The value of `SearchString` must appear at the end of the specified part of the web request. */ positionalConstraint: pulumi.Input; /** * A string value that you want AWS WAF to search for. AWS WAF searches only in the part of web requests that you designate for inspection in `FieldToMatch` . The maximum length of the value is 200 bytes. For alphabetic characters A-Z and a-z, the value is case sensitive. * * Don't encode this string. Provide the value that you want AWS WAF to search for. AWS CloudFormation automatically base64 encodes the value for you. * * For example, suppose the value of `Type` is `HEADER` and the value of `Data` is `User-Agent` . If you want to search the `User-Agent` header for the value `BadBot` , you provide the string `BadBot` in the value of `SearchString` . * * You must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` . */ searchString?: pulumi.Input; /** * String to search for in a web request component, base64-encoded. If you don't want to encode the string, specify the unencoded value in `SearchString` instead. * * You must specify either `SearchString` or `SearchStringBase64` in a `ByteMatchStatement` . */ searchStringBase64?: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } /** * Checks valid token exists with request. */ interface WebAclCaptchaActionArgs { /** * Defines custom handling for the web request, used when the `CAPTCHA` inspection determines that the request's token is valid and unexpired. * * For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* . */ customRequestHandling?: pulumi.Input; } interface WebAclCaptchaConfigArgs { /** * Determines how long a `CAPTCHA` timestamp in the token remains valid after the client successfully solves a `CAPTCHA` puzzle. */ immunityTimeProperty?: pulumi.Input; } /** * Checks that the request has a valid token with an unexpired challenge timestamp and, if not, returns a browser challenge to the client. */ interface WebAclChallengeActionArgs { /** * Defines custom handling for the web request, used when the challenge inspection determines that the request's token is valid and unexpired. * * For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the [AWS WAF developer guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) . */ customRequestHandling?: pulumi.Input; } interface WebAclChallengeConfigArgs { /** * Determines how long a challenge timestamp in the token remains valid after the client successfully responds to a challenge. */ immunityTimeProperty?: pulumi.Input; } /** * Client side action config for AntiDDOS AMR. */ interface WebAclClientSideActionArgs { /** * The regular expression to match against the web request URI, used to identify requests that can't handle a silent browser challenge. When the `ClientSideAction` setting `UsageOfAction` is enabled, the managed rule group uses this setting to determine which requests to label with `awswaf:managed:aws:anti-ddos:challengeable-request` . If `UsageOfAction` is disabled, this setting has no effect and the managed rule group doesn't add the label to any requests. * * The anti-DDoS managed rule group doesn't evaluate the rules `ChallengeDDoSRequests` or `ChallengeAllDuringEvent` for web requests whose URIs match this regex. This is true regardless of whether you override the rule action for either of the rules in your web ACL configuration. * * AWS recommends using a regular expression. * * This setting is required if `UsageOfAction` is set to `ENABLED` . If required, you can provide between 1 and 5 regex objects in the array of settings. * * AWS recommends starting with the following setting. Review and update it for your application's needs: * * `\/api\/|\.(acc|avi|css|gif|jpe?g|js|mp[34]|ogg|otf|pdf|png|tiff?|ttf|webm|webp|woff2?)$` */ exemptUriRegularExpressions?: pulumi.Input[]>; /** * The sensitivity that the rule group rule `ChallengeDDoSRequests` uses when matching against the DDoS suspicion labeling on a request. The managed rule group adds the labeling during DDoS events, before the `ChallengeDDoSRequests` rule runs. * * The higher the sensitivity, the more levels of labeling that the rule matches: * * - Low sensitivity is less sensitive, causing the rule to match only on the most likely participants in an attack, which are the requests with the high suspicion label `awswaf:managed:aws:anti-ddos:high-suspicion-ddos-request` . * - Medium sensitivity causes the rule to match on the medium and high suspicion labels. * - High sensitivity causes the rule to match on all of the suspicion labels: low, medium, and high. * * Default: `HIGH` */ sensitivity?: pulumi.Input; /** * Determines whether to use the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the rule group evaluation and the related label `awswaf:managed:aws:anti-ddos:challengeable-request` . * * - If usage is enabled: * * - The managed rule group adds the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web request whose URL does *NOT* match the regular expressions provided in the `ClientSideAction` setting `ExemptUriRegularExpressions` . * - The two rules are evaluated against web requests for protected resources that are experiencing a DDoS attack. The two rules only apply their action to matching requests that have the label `awswaf:managed:aws:anti-ddos:challengeable-request` . * - If usage is disabled: * * - The managed rule group doesn't add the label `awswaf:managed:aws:anti-ddos:challengeable-request` to any web requests. * - The two rules are not evaluated. * - None of the other `ClientSideAction` settings have any effect. * * > This setting only enables or disables the use of the two anti-DDOS rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` in the anti-DDoS managed rule group. * > * > This setting doesn't alter the action setting in the two rules. To override the actions used by the rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` , enable this setting, and then override the rule actions in the usual way, in your managed rule group configuration. */ usageOfAction: pulumi.Input; } /** * Client side action config for AntiDDOS AMR. */ interface WebAclClientSideActionConfigArgs { /** * Configuration for the use of the `AWSManagedRulesAntiDDoSRuleSet` rules `ChallengeAllDuringEvent` and `ChallengeDDoSRequests` . * * > This setting isn't related to the configuration of the `Challenge` action itself. It only configures the use of the two anti-DDoS rules named here. * * You can enable or disable the use of these rules, and you can configure how to use them when they are enabled. */ challenge: pulumi.Input; } /** * The pattern to look for in the request cookies. */ interface WebAclCookieMatchPatternArgs { /** * Inspect all parts of the web request cookies. */ all?: any; /** * Inspect only the cookies whose keys don't match any of the strings specified here. */ excludedCookies?: pulumi.Input[]>; /** * Inspect only the cookies that have a key that matches one of the strings specified here. */ includedCookies?: pulumi.Input[]>; } /** * Includes cookies of a web request. */ interface WebAclCookiesArgs { /** * The filter to use to identify the subset of cookies to inspect in a web request. * * You must specify exactly one setting: either `All` , `IncludedCookies` , or `ExcludedCookies` . * * Example JSON: `"MatchPattern": { "IncludedCookies": [ "session-id-time", "session-id" ] }` */ matchPattern: pulumi.Input; /** * The parts of the cookies to inspect with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values. * * `All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values. */ matchScope: pulumi.Input; /** * What AWS WAF should do if the cookies of the request are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request cookies when they exceed 8 KB (8192 bytes) or 200 total cookies. The underlying host service forwards a maximum of 200 cookies and at most 8 KB of cookie contents to AWS WAF . * * The options for oversize handling are the following: * * - `CONTINUE` - Inspect the available cookies normally, according to the rule inspection criteria. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ oversizeHandling: pulumi.Input; } /** * Allow traffic towards application. */ interface WebAclCountActionArgs { /** * Defines custom handling for the web request. * * For information about customizing web requests and responses, see [Customizing web requests and responses in AWS WAF](https://docs.aws.amazon.com/waf/latest/developerguide/waf-custom-request-response.html) in the *AWS WAF Developer Guide* . */ customRequestHandling?: pulumi.Input; } /** * HTTP header. */ interface WebAclCustomHttpHeaderArgs { /** * The name of the custom header. * * For custom request header insertion, when AWS WAF inserts the header into the request, it prefixes this name `x-amzn-waf-` , to avoid confusion with the headers that are already in the request. For example, for the header name `sample` , AWS WAF inserts the header `x-amzn-waf-sample` . */ name: pulumi.Input; /** * The value of the custom header. */ value: pulumi.Input; } /** * Custom request handling. */ interface WebAclCustomRequestHandlingArgs { /** * Collection of HTTP headers. */ insertHeaders: pulumi.Input[]>; } /** * Custom response. */ interface WebAclCustomResponseArgs { /** * Custom response body key. */ customResponseBodyKey?: pulumi.Input; /** * The HTTP status code to return to the client. * * For a list of status codes that you can use in your custom responses, see [Supported status codes for custom response](https://docs.aws.amazon.com/waf/latest/developerguide/customizing-the-response-status-codes.html) in the *AWS WAF Developer Guide* . */ responseCode: pulumi.Input; /** * Collection of HTTP headers. */ responseHeaders?: pulumi.Input[]>; } /** * Custom response body. */ interface WebAclCustomResponseBodyArgs { /** * The payload of the custom response. * * You can use JSON escape strings in JSON content. To do this, you must specify JSON content in the `ContentType` setting. * * For information about the limits on count and size for custom request and response settings, see [AWS WAF quotas](https://docs.aws.amazon.com/waf/latest/developerguide/limits.html) in the *AWS WAF Developer Guide* . */ content: pulumi.Input; /** * The type of content in the payload that you are defining in the `Content` string. */ contentType: pulumi.Input; } interface WebAclDataProtectArgs { action: pulumi.Input; excludeRateBasedDetails?: pulumi.Input; excludeRuleMatchDetails?: pulumi.Input; field: pulumi.Input; } interface WebAclDataProtectionConfigArgs { /** * An array of data protection configurations for specific web request field types. This is defined for each web ACL. AWS WAF applies the specified protection to all web requests that the web ACL inspects. */ dataProtections: pulumi.Input[]>; } /** * Default Action WebACL will take against ingress traffic when there is no matching Rule. */ interface WebAclDefaultActionArgs { /** * Specifies that AWS WAF should allow requests by default. */ allow?: pulumi.Input; /** * Specifies that AWS WAF should block requests by default. */ block?: pulumi.Input; } /** * Excluded Rule in the RuleGroup or ManagedRuleGroup will not be evaluated. */ interface WebAclExcludedRuleArgs { /** * The name of the rule whose action you want to override to `Count` . */ name: pulumi.Input; } interface WebAclFieldIdentifierArgs { /** * The name of the field. * * When the `PayloadType` in the request inspection is `JSON` , this identifier must be in JSON pointer syntax. For example `/form/username` . For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) . * * When the `PayloadType` is `FORM_ENCODED` , use the HTML form names. For example, `username` . * * For more information, see the descriptions for each field type in the request inspection properties. */ identifier: pulumi.Input; } /** * Field of the request to match. */ interface WebAclFieldToMatchArgs { /** * All query arguments of a web request. */ allQueryArguments?: any; /** * Inspect the request body as plain text. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. * * AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection. * * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes). * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees. * - For AWS Amplify , use the CloudFront limit. * * For information about how to handle oversized request bodies, see the `Body` object configuration. */ body?: pulumi.Input; /** * Inspect the request cookies. You must configure scope and pattern matching filters in the `Cookies` object, to define the set of cookies and the parts of the cookies that AWS WAF inspects. * * Only the first 8 KB (8192 bytes) of a request's cookies and only the first 200 cookies are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize cookie content in the `Cookies` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service. */ cookies?: pulumi.Input; headerOrder?: pulumi.Input; /** * Inspect the request headers. You must configure scope and pattern matching filters in the `Headers` object, to define the set of headers to and the parts of the headers that AWS WAF inspects. * * Only the first 8 KB (8192 bytes) of a request's headers and only the first 200 headers are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize header content in the `Headers` object. AWS WAF applies the pattern matching filters to the headers that it receives from the underlying host service. */ headers?: pulumi.Input; /** * Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA3 fingerprint. The JA3 fingerprint is a 32-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information. * * > You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . * * You can obtain the JA3 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* . * * Provide the JA3 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration. */ ja3Fingerprint?: pulumi.Input; /** * Available for use with Amazon CloudFront distributions and Application Load Balancers. Match against the request's JA4 fingerprint. The JA4 fingerprint is a 36-character hash derived from the TLS Client Hello of an incoming request. This fingerprint serves as a unique identifier for the client's TLS configuration. AWS WAF calculates and logs this fingerprint for each request that has enough TLS Client Hello information for the calculation. Almost all web requests include this information. * * > You can use this choice only with a string match `ByteMatchStatement` with the `PositionalConstraint` set to `EXACTLY` . * * You can obtain the JA4 fingerprint for client requests from the web ACL logs. If AWS WAF is able to calculate the fingerprint, it includes it in the logs. For information about the logging fields, see [Log fields](https://docs.aws.amazon.com/waf/latest/developerguide/logging-fields.html) in the *AWS WAF Developer Guide* . * * Provide the JA4 fingerprint string from the logs in your string match statement specification, to match with any future requests that have the same TLS configuration. */ ja4Fingerprint?: pulumi.Input; /** * Inspect the request body as JSON. The request body immediately follows the request headers. This is the part of a request that contains any additional data that you want to send to your web server as the HTTP request body, such as data from a form. * * AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection. * * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes). * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees. * - For AWS Amplify , use the CloudFront limit. * * For information about how to handle oversized request bodies, see the `JsonBody` object configuration. */ jsonBody?: pulumi.Input; /** * The HTTP method of a web request. The method indicates the type of operation that the request is asking the origin to perform. */ method?: any; /** * The query string of a web request. This is the part of a URL that appears after a ? character, if any. */ queryString?: any; /** * Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive. * * Example JSON: `"SingleHeader": { "Name": "haystack" }` * * Alternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting. */ singleHeader?: pulumi.Input; /** * One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive. */ singleQueryArgument?: pulumi.Input; /** * Inspect fragments of the request URI. You must configure scope and pattern matching filters in the `UriFragment` object, to define the fragment of a URI that AWS WAF inspects. * * Only the first 8 KB (8192 bytes) of a request's URI fragments and only the first 200 URI fragments are forwarded to AWS WAF for inspection by the underlying host service. You must configure how to handle any oversize URI fragment content in the `UriFragment` object. AWS WAF applies the pattern matching filters to the cookies that it receives from the underlying host service. */ uriFragment?: pulumi.Input; /** * The path component of the URI of a web request. This is the part of a web request that identifies a resource, for example, /images/daily-ad.jpg. */ uriPath?: any; } /** * Inspect a single header. Provide the name of the header to inspect, for example, `User-Agent` or `Referer` . This setting isn't case sensitive. * * Example JSON: `"SingleHeader": { "Name": "haystack" }` * * Alternately, you can filter and inspect all headers with the `Headers` `FieldToMatch` setting. */ interface WebAclFieldToMatchSingleHeaderPropertiesArgs { name: pulumi.Input; } /** * One query argument in a web request, identified by name, for example UserName or SalesRegion. The name can be up to 30 characters long and isn't case sensitive. */ interface WebAclFieldToMatchSingleQueryArgumentPropertiesArgs { name: pulumi.Input; } /** * Field in log to protect. */ interface WebAclFieldToProtectArgs { /** * List of field keys to protect */ fieldKeys?: pulumi.Input[]>; /** * Field type to protect */ fieldType: pulumi.Input; } interface WebAclForwardedIpConfigurationArgs { /** * The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; /** * The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` . * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. */ headerName: pulumi.Input; } interface WebAclGeoMatchStatementArgs { /** * An array of two-character country codes that you want to match against, for example, `[ "US", "CN" ]` , from the alpha-2 country ISO codes of the ISO 3166 international standard. * * When you use a geo match statement just for the region and country labels that it adds to requests, you still have to supply a country code for the rule to evaluate. In this case, you configure the rule to only count matching requests, but it will still generate logging and count metrics for any matches. You can reduce the logging and metrics that the rule produces by specifying a country that's unlikely to be a source of traffic to your site. */ countryCodes?: pulumi.Input[]>; /** * The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name. * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. */ forwardedIpConfig?: pulumi.Input; } /** * The pattern to look for in the request headers. */ interface WebAclHeaderMatchPatternArgs { /** * Inspect all parts of the web request headers. */ all?: any; /** * Inspect only the headers whose keys don't match any of the strings specified here. */ excludedHeaders?: pulumi.Input[]>; /** * Inspect only the headers that have a key that matches one of the strings specified here. */ includedHeaders?: pulumi.Input[]>; } /** * The string containing the list of a web request's header names, ordered as they appear in the web request, separated by colons. */ interface WebAclHeaderOrderArgs { oversizeHandling: pulumi.Input; } /** * Includes headers of a web request. */ interface WebAclHeadersArgs { /** * The filter to use to identify the subset of headers to inspect in a web request. * * You must specify exactly one setting: either `All` , `IncludedHeaders` , or `ExcludedHeaders` . * * Example JSON: `"MatchPattern": { "ExcludedHeaders": [ "KeyToExclude1", "KeyToExclude2" ] }` */ matchPattern: pulumi.Input; /** * The parts of the headers to match with the rule inspection criteria. If you specify `ALL` , AWS WAF inspects both keys and values. * * `All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values. */ matchScope: pulumi.Input; /** * What AWS WAF should do if the headers determined by your match scope are more numerous or larger than AWS WAF can inspect. AWS WAF does not support inspecting the entire contents of request headers when they exceed 8 KB (8192 bytes) or 200 total headers. The underlying host service forwards a maximum of 200 headers and at most 8 KB of header contents to AWS WAF . * * The options for oversize handling are the following: * * - `CONTINUE` - Inspect the available headers normally, according to the rule inspection criteria. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ oversizeHandling: pulumi.Input; } interface WebAclImmunityTimePropertyArgs { /** * The amount of time, in seconds, that a `CAPTCHA` or challenge timestamp is considered valid by AWS WAF . The default setting is 300. * * For the Challenge action, the minimum setting is 300. */ immunityTime: pulumi.Input; } interface WebAclIpSetForwardedIpConfigurationArgs { /** * The match status to assign to the web request if the request doesn't have a valid IP address in the specified position. * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; /** * The name of the HTTP header to use for the IP address. For example, to use the X-Forwarded-For (XFF) header, set this to `X-Forwarded-For` . * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. */ headerName: pulumi.Input; /** * The position in the header to search for the IP address. The header can contain IP addresses of the original client and also of proxies. For example, the header value could be `10.1.1.1, 127.0.0.0, 10.10.10.10` where the first IP address identifies the original client and the rest identify proxies that the request went through. * * The options for this setting are the following: * * - FIRST - Inspect the first IP address in the list of IP addresses in the header. This is usually the client's original IP. * - LAST - Inspect the last IP address in the list of IP addresses in the header. * - ANY - Inspect all IP addresses in the header for a match. If the header contains more than 10 IP addresses, AWS WAF inspects the last 10. */ position: pulumi.Input; } interface WebAclIpSetReferenceStatementArgs { /** * The Amazon Resource Name (ARN) of the `IPSet` that this statement references. */ arn: pulumi.Input; /** * The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name. * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. */ ipSetForwardedIpConfig?: pulumi.Input; } /** * Includes the JA3 fingerprint of a web request. */ interface WebAclJa3FingerprintArgs { /** * The match status to assign to the web request if the request doesn't have a JA3 fingerprint. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; } /** * Includes the JA4 fingerprint of a web request. */ interface WebAclJa4FingerprintArgs { /** * The match status to assign to the web request if the request doesn't have a JA4 fingerprint. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; } /** * Inspect the request body as JSON. The request body immediately follows the request headers. */ interface WebAclJsonBodyArgs { /** * What AWS WAF should do if it fails to completely parse the JSON body. The options are the following: * * - `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. * * If you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters. * * > AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* . */ invalidFallbackBehavior?: pulumi.Input; /** * The patterns to look for in the JSON body. AWS WAF inspects the results of these pattern matches against the rule inspection criteria. */ matchPattern: pulumi.Input; /** * The parts of the JSON to match against using the `MatchPattern` . If you specify `ALL` , AWS WAF matches against keys and values. * * `All` does not require a match to be found in the keys and a match to be found in the values. It requires a match to be found in the keys or the values or both. To require a match in the keys and in the values, use a logical `AND` statement to combine two match rules, one that inspects the keys and another that inspects the values. */ matchScope: pulumi.Input; /** * What AWS WAF should do if the body is larger than AWS WAF can inspect. * * AWS WAF does not support inspecting the entire contents of the web request body if the body exceeds the limit for the resource type. When a web request body is larger than the limit, the underlying host service only forwards the contents that are within the limit to AWS WAF for inspection. * * - For Application Load Balancer and AWS AppSync , the limit is fixed at 8 KB (8,192 bytes). * - For CloudFront, API Gateway, Amazon Cognito, App Runner, and Verified Access, the default limit is 16 KB (16,384 bytes), and you can increase the limit for each resource type in the web ACL `AssociationConfig` , for additional processing fees. * - For AWS Amplify , use the CloudFront limit. * * The options for oversize handling are the following: * * - `CONTINUE` - Inspect the available body contents normally, according to the rule inspection criteria. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. * * You can combine the `MATCH` or `NO_MATCH` settings for oversize handling with your rule and web ACL action settings, so that you block any request whose body is over the limit. * * Default: `CONTINUE` */ oversizeHandling?: pulumi.Input; } /** * The pattern to look for in the JSON body. */ interface WebAclJsonMatchPatternArgs { /** * Inspect all parts of the web request's JSON body. */ all?: any; /** * Match only the specified include paths. See also `MatchScope` in the `JsonBody` `FieldToMatch` specification. * * Provide the include paths using JSON Pointer syntax. For example, `"IncludedPaths": ["/dogs/0/name", "/dogs/1/name"]` . For information about this syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) . * * You must specify either this setting or the `All` setting, but not both. * * > Don't use this option to include all paths. Instead, use the `All` setting. */ includedPaths?: pulumi.Input[]>; } interface WebAclLabelArgs { /** * The label string. */ name: pulumi.Input; } interface WebAclLabelMatchStatementArgs { /** * The string to match against. The setting you provide for this depends on the match statement's `Scope` setting: * * - If the `Scope` indicates `LABEL` , then this specification must include the name and can include any number of preceding namespace specifications and prefix up to providing the fully qualified label name. * - If the `Scope` indicates `NAMESPACE` , then this specification can include any number of contiguous namespace strings, and can include the entire label namespace prefix from the rule group or web ACL where the label originates. * * Labels are case sensitive and components of a label must be separated by colon, for example `NS1:NS2:name` . */ key: pulumi.Input; /** * Specify whether you want to match using the label name or just the namespace. */ scope: pulumi.Input; } /** * ManagedRuleGroupConfig. */ interface WebAclManagedRuleGroupConfigArgs { /** * Additional configuration for using the account creation fraud prevention (ACFP) managed rule group, `AWSManagedRulesACFPRuleSet` . Use this to provide account creation request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to account creation requests. * * For information about using the ACFP managed rule group, see [AWS WAF Fraud Control account creation fraud prevention (ACFP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-acfp.html) and [AWS WAF Fraud Control account creation fraud prevention (ACFP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-acfp.html) in the *AWS WAF Developer Guide* . */ awsManagedRulesAcfpRuleSet?: pulumi.Input; /** * Additional configuration for using the anti-DDoS managed rule group, `AWSManagedRulesAntiDDoSRuleSet` . Use this to configure anti-DDoS behavior for the rule group. * * For information about using the anti-DDoS managed rule group, see [AWS WAF Anti-DDoS rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-anti-ddos.html) and [Distributed Denial of Service (DDoS) prevention](https://docs.aws.amazon.com/waf/latest/developerguide/waf-anti-ddos.html) in the *AWS WAF Developer Guide* . */ awsManagedRulesAntiDDoSRuleSet?: pulumi.Input; /** * Additional configuration for using the account takeover prevention (ATP) managed rule group, `AWSManagedRulesATPRuleSet` . Use this to provide login request information to the rule group. For web ACLs that protect CloudFront distributions, use this to also provide the information about how your distribution responds to login requests. * * This configuration replaces the individual configuration fields in `ManagedRuleGroupConfig` and provides additional feature configuration. * * For information about using the ATP managed rule group, see [AWS WAF Fraud Control account takeover prevention (ATP) rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-atp.html) and [AWS WAF Fraud Control account takeover prevention (ATP)](https://docs.aws.amazon.com/waf/latest/developerguide/waf-atp.html) in the *AWS WAF Developer Guide* . */ awsManagedRulesAtpRuleSet?: pulumi.Input; /** * Additional configuration for using the Bot Control managed rule group. Use this to specify the inspection level that you want to use. For information about using the Bot Control managed rule group, see [AWS WAF Bot Control rule group](https://docs.aws.amazon.com/waf/latest/developerguide/aws-managed-rule-groups-bot.html) and [AWS WAF Bot Control](https://docs.aws.amazon.com/waf/latest/developerguide/waf-bot-control.html) in the *AWS WAF Developer Guide* . */ awsManagedRulesBotControlRuleSet?: pulumi.Input; /** * > Instead of this setting, provide your configuration under `AWSManagedRulesATPRuleSet` . */ loginPath?: pulumi.Input; /** * > Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` . */ passwordField?: pulumi.Input; /** * > Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` . */ payloadType?: pulumi.Input; /** * > Instead of this setting, provide your configuration under the request inspection configuration for `AWSManagedRulesATPRuleSet` or `AWSManagedRulesACFPRuleSet` . */ usernameField?: pulumi.Input; } interface WebAclManagedRuleGroupStatementArgs { /** * Rules in the referenced rule group whose actions are set to `Count` . * * > Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` . */ excludedRules?: pulumi.Input[]>; /** * Collection of ManagedRuleGroupConfig. */ managedRuleGroupConfigs?: pulumi.Input[]>; /** * The name of the managed rule group. You use this, along with the vendor name, to identify the rule group. */ name: pulumi.Input; /** * Action overrides for rules in the rule group. */ ruleActionOverrides?: pulumi.Input[]>; /** * An optional nested statement that narrows the scope of the web requests that are evaluated by the managed rule group. Requests are only evaluated by the rule group if they match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement. */ scopeDownStatement?: pulumi.Input; /** * The name of the managed rule group vendor. You use this, along with the rule group name, to identify a rule group. */ vendorName: pulumi.Input; /** * The version of the managed rule group to use. If you specify this, the version setting is fixed until you change it. If you don't specify this, AWS WAF uses the vendor's default version, and then keeps the version at the vendor's default when the vendor updates the managed rule group settings. */ version?: pulumi.Input; } interface WebAclNotStatementArgs { /** * The statement to negate. You can use any statement that can be nested. */ statement: pulumi.Input; } /** * Configures the options for on-source DDoS protection provided by supported resource type. */ interface WebAclOnSourceDDoSProtectionConfigArgs { /** * The level of DDoS protection that applies to web ACLs associated with Application Load Balancers. `ACTIVE_UNDER_DDOS` protection is enabled by default whenever a web ACL is associated with an Application Load Balancer. In the event that an Application Load Balancer experiences high-load conditions or suspected DDoS attacks, the `ACTIVE_UNDER_DDOS` protection automatically rate limits traffic from known low reputation sources without disrupting Application Load Balancer availability. `ALWAYS_ON` protection provides constant, always-on monitoring of known low reputation sources for suspected DDoS attacks. While this provides a higher level of protection, there may be potential impacts on legitimate traffic. */ albLowReputationMode: pulumi.Input; } interface WebAclOrStatementArgs { /** * The statements to combine with OR logic. You can use any statements that can be nested. */ statements: pulumi.Input[]>; } /** * Override a RuleGroup or ManagedRuleGroup behavior. This can only be applied to Rule that has RuleGroupReferenceStatement or ManagedRuleGroupReferenceStatement. */ interface WebAclOverrideActionArgs { /** * Count traffic towards application. */ count?: any; /** * Keep the RuleGroup or ManagedRuleGroup behavior as is. */ none?: any; } interface WebAclRateBasedStatementArgs { /** * Setting that indicates how to aggregate the request counts. * * > Web requests that are missing any of the components specified in the aggregation keys are omitted from the rate-based rule evaluation and handling. * * - `CONSTANT` - Count and limit the requests that match the rate-based rule's scope-down statement. With this option, the counted requests aren't further aggregated. The scope-down statement is the only specification used. When the count of all requests that satisfy the scope-down statement goes over the limit, AWS WAF applies the rule action to all requests that satisfy the scope-down statement. * * With this option, you must configure the `ScopeDownStatement` property. * - `CUSTOM_KEYS` - Aggregate the request counts using one or more web request components as the aggregate keys. * * With this option, you must specify the aggregate keys in the `CustomKeys` property. * * To aggregate on only the IP address or only the forwarded IP address, don't use custom keys. Instead, set the aggregate key type to `IP` or `FORWARDED_IP` . * - `FORWARDED_IP` - Aggregate the request counts on the first IP address in an HTTP header. * * With this option, you must specify the header to use in the `ForwardedIPConfig` property. * * To aggregate on a combination of the forwarded IP address with other aggregate keys, use `CUSTOM_KEYS` . * - `IP` - Aggregate the request counts on the IP address from the web request origin. * * To aggregate on a combination of the IP address with other aggregate keys, use `CUSTOM_KEYS` . */ aggregateKeyType: pulumi.Input; /** * Specifies the aggregate keys to use in a rate-base rule. */ customKeys?: pulumi.Input[]>; /** * The amount of time, in seconds, that AWS WAF should include in its request counts, looking back from the current time. For example, for a setting of 120, when AWS WAF checks the rate, it counts the requests for the 2 minutes immediately preceding the current time. Valid settings are 60, 120, 300, and 600. * * This setting doesn't determine how often AWS WAF checks the rate, but how far back it looks each time it checks. AWS WAF checks the rate about every 10 seconds. * * Default: `300` (5 minutes) */ evaluationWindowSec?: pulumi.Input; /** * The configuration for inspecting IP addresses in an HTTP header that you specify, instead of using the IP address that's reported by the web request origin. Commonly, this is the X-Forwarded-For (XFF) header, but you can specify any header name. * * > If the specified header isn't present in the request, AWS WAF doesn't apply the rule to the web request at all. * * This is required if you specify a forwarded IP in the rule's aggregate key settings. */ forwardedIpConfig?: pulumi.Input; /** * The limit on requests during the specified evaluation window for a single aggregation instance for the rate-based rule. If the rate-based statement includes a `ScopeDownStatement` , this limit is applied only to the requests that match the statement. * * Examples: * * - If you aggregate on just the IP address, this is the limit on requests from any single IP address. * - If you aggregate on the HTTP method and the query argument name "city", then this is the limit on requests for any single method, city pair. */ limit: pulumi.Input; /** * An optional nested statement that narrows the scope of the web requests that are evaluated and managed by the rate-based statement. When you use a scope-down statement, the rate-based rule only tracks and rate limits requests that match the scope-down statement. You can use any nestable `Statement` in the scope-down statement, and you can nest statements at any level, the same as you can for a rule statement. */ scopeDownStatement?: pulumi.Input; } /** * Specifies a single custom aggregate key for a rate-base rule. */ interface WebAclRateBasedStatementCustomKeyArgs { /** * Use an Autonomous System Number (ASN) derived from the request's originating or forwarded IP address as an aggregate key. Each distinct ASN contributes to the aggregation instance. */ asn?: pulumi.Input; /** * Use the value of a cookie in the request as an aggregate key. Each distinct value in the cookie contributes to the aggregation instance. If you use a single cookie as your custom key, then each value fully defines an aggregation instance. */ cookie?: pulumi.Input; /** * Use the first IP address in an HTTP header as an aggregate key. Each distinct forwarded IP address contributes to the aggregation instance. * * When you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the forwarded IP address by specifying `FORWARDED_IP` in your rate-based statement's `AggregateKeyType` . * * With this option, you must specify the header to use in the rate-based rule's `ForwardedIPConfig` property. */ forwardedIp?: pulumi.Input; /** * Use the value of a header in the request as an aggregate key. Each distinct value in the header contributes to the aggregation instance. If you use a single header as your custom key, then each value fully defines an aggregation instance. */ header?: pulumi.Input; /** * Use the request's HTTP method as an aggregate key. Each distinct HTTP method contributes to the aggregation instance. If you use just the HTTP method as your custom key, then each method fully defines an aggregation instance. */ httpMethod?: pulumi.Input; /** * Use the request's originating IP address as an aggregate key. Each distinct IP address contributes to the aggregation instance. * * When you specify an IP or forwarded IP in the custom key settings, you must also specify at least one other key to use. You can aggregate on only the IP address by specifying `IP` in your rate-based statement's `AggregateKeyType` . */ ip?: pulumi.Input; /** * Use the request's JA3 fingerprint as an aggregate key. If you use a single JA3 fingerprint as your custom key, then each value fully defines an aggregation instance. */ ja3Fingerprint?: pulumi.Input; /** * Use the request's JA4 fingerprint as an aggregate key. If you use a single JA4 fingerprint as your custom key, then each value fully defines an aggregation instance. */ ja4Fingerprint?: pulumi.Input; /** * Use the specified label namespace as an aggregate key. Each distinct fully qualified label name that has the specified label namespace contributes to the aggregation instance. If you use just one label namespace as your custom key, then each label name fully defines an aggregation instance. * * This uses only labels that have been added to the request by rules that are evaluated before this rate-based rule in the web ACL. * * For information about label namespaces and names, see [Label syntax and naming requirements](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-label-requirements.html) in the *AWS WAF Developer Guide* . */ labelNamespace?: pulumi.Input; /** * Use the specified query argument as an aggregate key. Each distinct value for the named query argument contributes to the aggregation instance. If you use a single query argument as your custom key, then each value fully defines an aggregation instance. */ queryArgument?: pulumi.Input; /** * Use the request's query string as an aggregate key. Each distinct string contributes to the aggregation instance. If you use just the query string as your custom key, then each string fully defines an aggregation instance. */ queryString?: pulumi.Input; /** * Use the request's URI path as an aggregate key. Each distinct URI path contributes to the aggregation instance. If you use just the URI path as your custom key, then each URI path fully defines an aggregation instance. */ uriPath?: pulumi.Input; } /** * Specifies the request's ASN as an aggregate key for a rate-based rule. */ interface WebAclRateLimitAsnArgs { } /** * Specifies a cookie as an aggregate key for a rate-based rule. */ interface WebAclRateLimitCookieArgs { /** * The name of the cookie to use. */ name: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents. */ textTransformations: pulumi.Input[]>; } /** * Specifies the first IP address in an HTTP header as an aggregate key for a rate-based rule. */ interface WebAclRateLimitForwardedIpArgs { } /** * Specifies a header as an aggregate key for a rate-based rule. */ interface WebAclRateLimitHeaderArgs { /** * The name of the header to use. */ name: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents. */ textTransformations: pulumi.Input[]>; } /** * Specifies the request's HTTP method as an aggregate key for a rate-based rule. */ interface WebAclRateLimitHttpMethodArgs { } /** * Specifies the IP address in the web request as an aggregate key for a rate-based rule. */ interface WebAclRateLimitIpArgs { } /** * Specifies the request's JA3 fingerprint as an aggregate key for a rate-based rule. */ interface WebAclRateLimitJa3FingerprintArgs { /** * The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA3 fingerprint. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; } /** * Specifies the request's JA4 fingerprint as an aggregate key for a rate-based rule. */ interface WebAclRateLimitJa4FingerprintArgs { /** * The match status to assign to the web request if there is insufficient TSL Client Hello information to compute the JA4 fingerprint. * * You can specify the following fallback behaviors: * * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. */ fallbackBehavior: pulumi.Input; } /** * Specifies a label namespace to use as an aggregate key for a rate-based rule. */ interface WebAclRateLimitLabelNamespaceArgs { /** * The namespace to use for aggregation. */ namespace: pulumi.Input; } /** * Specifies a query argument in the request as an aggregate key for a rate-based rule. */ interface WebAclRateLimitQueryArgumentArgs { /** * The name of the query argument to use. */ name: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents. */ textTransformations: pulumi.Input[]>; } /** * Specifies the request's query string as an aggregate key for a rate-based rule. */ interface WebAclRateLimitQueryStringArgs { /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents. */ textTransformations: pulumi.Input[]>; } /** * Specifies the request's URI Path as an aggregate key for a rate-based rule. */ interface WebAclRateLimitUriPathArgs { /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. Text transformations are used in rule match statements, to transform the `FieldToMatch` request component before inspecting it, and they're used in rate-based rule statements, to transform request components before using them as custom aggregation keys. If you specify one or more transformations to apply, AWS WAF performs all transformations on the specified content, starting from the lowest priority setting, and then uses the transformed component contents. */ textTransformations: pulumi.Input[]>; } /** * Regex */ interface WebAclRegexArgs { regexString?: pulumi.Input; } interface WebAclRegexMatchStatementArgs { /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * The string representing the regular expression. */ regexString: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } interface WebAclRegexPatternSetReferenceStatementArgs { /** * The Amazon Resource Name (ARN) of the `RegexPatternSet` that this statement references. */ arn: pulumi.Input; /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } /** * Configures the inspection size in the request body. */ interface WebAclRequestBodyAssociatedResourceTypeConfigArgs { /** * Specifies the maximum size of the web request body component that an associated CloudFront, API Gateway, Amazon Cognito, App Runner, or Verified Access resource should send to AWS WAF for inspection. This applies to statements in the web ACL that inspect the body or JSON body. * * Default: `16 KB (16,384 bytes)` */ defaultSizeInspectionLimit: pulumi.Input; } /** * Configures the inspection of login requests */ interface WebAclRequestInspectionArgs { /** * The name of the field in the request payload that contains your customer's password. * * How you specify this depends on the request inspection payload type. * * - For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) . * * For example, for the JSON payload `{ "form": { "password": "THE_PASSWORD" } }` , the password field specification is `/form/password` . * - For form encoded payload types, use the HTML form names. * * For example, for an HTML form with the input element named `password1` , the password field specification is `password1` . */ passwordField: pulumi.Input; /** * The payload type for your login endpoint, either JSON or form encoded. */ payloadType: pulumi.Input; /** * The name of the field in the request payload that contains your customer's username. * * How you specify this depends on the request inspection payload type. * * - For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) . * * For example, for the JSON payload `{ "form": { "username": "THE_USERNAME" } }` , the username field specification is `/form/username` . * - For form encoded payload types, use the HTML form names. * * For example, for an HTML form with the input element named `username1` , the username field specification is `username1` */ usernameField: pulumi.Input; } /** * Configures the inspection of sign-up requests */ interface WebAclRequestInspectionAcfpArgs { /** * The names of the fields in the request payload that contain your customer's primary physical address. * * Order the address fields in the array exactly as they are ordered in the request payload. * * How you specify the address fields depends on the request inspection payload type. * * - For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) . * * For example, for the JSON payload `{ "form": { "primaryaddressline1": "THE_ADDRESS1", "primaryaddressline2": "THE_ADDRESS2", "primaryaddressline3": "THE_ADDRESS3" } }` , the address field idenfiers are `/form/primaryaddressline1` , `/form/primaryaddressline2` , and `/form/primaryaddressline3` . * - For form encoded payload types, use the HTML form names. * * For example, for an HTML form with input elements named `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` , the address fields identifiers are `primaryaddressline1` , `primaryaddressline2` , and `primaryaddressline3` . */ addressFields?: pulumi.Input[]>; /** * The name of the field in the request payload that contains your customer's email. * * How you specify this depends on the request inspection payload type. * * - For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) . * * For example, for the JSON payload `{ "form": { "email": "THE_EMAIL" } }` , the email field specification is `/form/email` . * - For form encoded payload types, use the HTML form names. * * For example, for an HTML form with the input element named `email1` , the email field specification is `email1` . */ emailField?: pulumi.Input; /** * The name of the field in the request payload that contains your customer's password. * * How you specify this depends on the request inspection payload type. * * - For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) . * * For example, for the JSON payload `{ "form": { "password": "THE_PASSWORD" } }` , the password field specification is `/form/password` . * - For form encoded payload types, use the HTML form names. * * For example, for an HTML form with the input element named `password1` , the password field specification is `password1` . */ passwordField?: pulumi.Input; /** * The payload type for your account creation endpoint, either JSON or form encoded. */ payloadType: pulumi.Input; /** * The names of the fields in the request payload that contain your customer's primary phone number. * * Order the phone number fields in the array exactly as they are ordered in the request payload. * * How you specify the phone number fields depends on the request inspection payload type. * * - For JSON payloads, specify the field identifiers in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) . * * For example, for the JSON payload `{ "form": { "primaryphoneline1": "THE_PHONE1", "primaryphoneline2": "THE_PHONE2", "primaryphoneline3": "THE_PHONE3" } }` , the phone number field identifiers are `/form/primaryphoneline1` , `/form/primaryphoneline2` , and `/form/primaryphoneline3` . * - For form encoded payload types, use the HTML form names. * * For example, for an HTML form with input elements named `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` , the phone number field identifiers are `primaryphoneline1` , `primaryphoneline2` , and `primaryphoneline3` . */ phoneNumberFields?: pulumi.Input[]>; /** * The name of the field in the request payload that contains your customer's username. * * How you specify this depends on the request inspection payload type. * * - For JSON payloads, specify the field name in JSON pointer syntax. For information about the JSON Pointer syntax, see the Internet Engineering Task Force (IETF) documentation [JavaScript Object Notation (JSON) Pointer](https://docs.aws.amazon.com/https://tools.ietf.org/html/rfc6901) . * * For example, for the JSON payload `{ "form": { "username": "THE_USERNAME" } }` , the username field specification is `/form/username` . * - For form encoded payload types, use the HTML form names. * * For example, for an HTML form with the input element named `username1` , the username field specification is `username1` */ usernameField?: pulumi.Input; } /** * Configures the inspection of login responses */ interface WebAclResponseInspectionArgs { /** * Configures inspection of the response body for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response body. */ bodyContains?: pulumi.Input; /** * Configures inspection of the response header for success and failure indicators. */ header?: pulumi.Input; /** * Configures inspection of the response JSON for success and failure indicators. AWS WAF can inspect the first 65,536 bytes (64 KB) of the response JSON. */ json?: pulumi.Input; /** * Configures inspection of the response status code for success and failure indicators. */ statusCode?: pulumi.Input; } /** * Response body contents that indicate success or failure of a login request */ interface WebAclResponseInspectionBodyContainsArgs { /** * Strings in the body of the response that indicate a failed login or account creation attempt. To be counted as a failure, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings. * * JSON example: `"FailureStrings": [ "Request failed" ]` */ failureStrings: pulumi.Input[]>; /** * Strings in the body of the response that indicate a successful login or account creation attempt. To be counted as a success, the string can be anywhere in the body and must be an exact match, including case. Each string must be unique among the success and failure strings. * * JSON examples: `"SuccessStrings": [ "Login successful" ]` and `"SuccessStrings": [ "Account creation successful", "Welcome to our site!" ]` */ successStrings: pulumi.Input[]>; } /** * Response headers that indicate success or failure of a login request */ interface WebAclResponseInspectionHeaderArgs { /** * Values in the response header with the specified name that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values. * * JSON examples: `"FailureValues": [ "LoginFailed", "Failed login" ]` and `"FailureValues": [ "AccountCreationFailed" ]` */ failureValues: pulumi.Input[]>; /** * The name of the header to match against. The name must be an exact match, including case. * * JSON example: `"Name": [ "RequestResult" ]` */ name: pulumi.Input; /** * Values in the response header with the specified name that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values. * * JSON examples: `"SuccessValues": [ "LoginPassed", "Successful login" ]` and `"SuccessValues": [ "AccountCreated", "Successful account creation" ]` */ successValues: pulumi.Input[]>; } /** * Response JSON that indicate success or failure of a login request */ interface WebAclResponseInspectionJsonArgs { /** * Values for the specified identifier in the response JSON that indicate a failed login or account creation attempt. To be counted as a failure, the value must be an exact match, including case. Each value must be unique among the success and failure values. * * JSON example: `"FailureValues": [ "False", "Failed" ]` */ failureValues: pulumi.Input[]>; /** * The identifier for the value to match against in the JSON. The identifier must be an exact match, including case. * * JSON examples: `"Identifier": [ "/login/success" ]` and `"Identifier": [ "/sign-up/success" ]` */ identifier: pulumi.Input; /** * Values for the specified identifier in the response JSON that indicate a successful login or account creation attempt. To be counted as a success, the value must be an exact match, including case. Each value must be unique among the success and failure values. * * JSON example: `"SuccessValues": [ "True", "Succeeded" ]` */ successValues: pulumi.Input[]>; } /** * Response status codes that indicate success or failure of a login request */ interface WebAclResponseInspectionStatusCodeArgs { /** * Status codes in the response that indicate a failed login or account creation attempt. To be counted as a failure, the response status code must match one of these. Each code must be unique among the success and failure status codes. * * JSON example: `"FailureCodes": [ 400, 404 ]` */ failureCodes: pulumi.Input[]>; /** * Status codes in the response that indicate a successful login or account creation attempt. To be counted as a success, the response status code must match one of these. Each code must be unique among the success and failure status codes. * * JSON example: `"SuccessCodes": [ 200, 201 ]` */ successCodes: pulumi.Input[]>; } /** * Rule of WebACL that contains condition and action. */ interface WebAclRuleArgs { /** * The action that AWS WAF should take on a web request when it matches the rule's statement. Settings at the web ACL level can override the rule action setting. * * This is used only for rules whose statements don't reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` . * * You must set either this `Action` setting or the rule's `OverrideAction` , but not both: * * - If the rule statement doesn't reference a rule group, you must set this rule action setting and you must not set the rule's override action setting. * - If the rule statement references a rule group, you must not set this action setting, because the actions are already set on the rules inside the rule group. You must set the rule's override action setting to indicate specifically whether to override the actions that are set on the rules in the rule group. */ action?: pulumi.Input; /** * Specifies how AWS WAF should handle `CAPTCHA` evaluations. If you don't specify this, AWS WAF uses the `CAPTCHA` configuration that's defined for the web ACL. */ captchaConfig?: pulumi.Input; /** * Specifies how AWS WAF should handle `Challenge` evaluations. If you don't specify this, AWS WAF uses the challenge configuration that's defined for the web ACL. */ challengeConfig?: pulumi.Input; /** * The name of the rule. * * If you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name in the rule's `VisibilityConfig` settings. AWS WAF doesn't automatically update the metric name when you update the rule name. */ name: pulumi.Input; /** * The override action to apply to the rules in a rule group, instead of the individual rule action settings. This is used only for rules whose statements reference a rule group. Rule statements that reference a rule group are `RuleGroupReferenceStatement` and `ManagedRuleGroupStatement` . * * Set the override action to none to leave the rule group rule actions in effect. Set it to count to only count matches, regardless of the rule action settings. * * You must set either this `OverrideAction` setting or the `Action` setting, but not both: * * - If the rule statement references a rule group, you must set this override action setting and you must not set the rule's action setting. * - If the rule statement doesn't reference a rule group, you must set the rule action setting and you must not set the rule's override action setting. */ overrideAction?: pulumi.Input; /** * If you define more than one `Rule` in a `WebACL` , AWS WAF evaluates each request against the `Rules` in order based on the value of `Priority` . AWS WAF processes rules with lower priority first. The priorities don't need to be consecutive, but they must all be different. */ priority: pulumi.Input; /** * Collection of Rule Labels. */ ruleLabels?: pulumi.Input[]>; /** * The AWS WAF processing statement for the rule, for example `ByteMatchStatement` or `SizeConstraintStatement` . */ statement: pulumi.Input; /** * Defines and enables Amazon CloudWatch metrics and web request sample collection. * * If you change the name of a `Rule` after you create it and you want the rule's metric name to reflect the change, update the metric name as well. AWS WAF doesn't automatically update the metric name. */ visibilityConfig: pulumi.Input; } /** * Action taken when Rule matches its condition. */ interface WebAclRuleActionArgs { /** * Instructs AWS WAF to allow the web request. */ allow?: pulumi.Input; /** * Instructs AWS WAF to block the web request. */ block?: pulumi.Input; /** * Specifies that AWS WAF should run a `CAPTCHA` check against the request: * * - If the request includes a valid, unexpired `CAPTCHA` token, AWS WAF allows the web request inspection to proceed to the next rule, similar to a `CountAction` . * - If the request doesn't include a valid, unexpired `CAPTCHA` token, AWS WAF discontinues the web ACL evaluation of the request and blocks it from going to its intended destination. * * AWS WAF generates a response that it sends back to the client, which includes the following: * * - The header `x-amzn-waf-action` with a value of `captcha` . * - The HTTP status code `405 Method Not Allowed` . * - If the request contains an `Accept` header with a value of `text/html` , the response includes a `CAPTCHA` challenge. * * You can configure the expiration time in the `CaptchaConfig` `ImmunityTimeProperty` setting at the rule and web ACL level. The rule setting overrides the web ACL setting. * * This action option is available for rules. It isn't available for web ACL default actions. */ captcha?: pulumi.Input; /** * Instructs AWS WAF to run a `Challenge` check against the web request. */ challenge?: pulumi.Input; /** * Instructs AWS WAF to count the web request and then continue evaluating the request using the remaining rules in the web ACL. */ count?: pulumi.Input; } /** * Action override for rules in the rule group. */ interface WebAclRuleActionOverrideArgs { /** * The override action to use, in place of the configured action of the rule in the rule group. */ actionToUse: pulumi.Input; /** * The name of the rule to override. */ name: pulumi.Input; } interface WebAclRuleGroupReferenceStatementArgs { /** * The Amazon Resource Name (ARN) of the entity. */ arn: pulumi.Input; /** * Rules in the referenced rule group whose actions are set to `Count` . * * > Instead of this option, use `RuleActionOverrides` . It accepts any valid action setting, including `Count` . */ excludedRules?: pulumi.Input[]>; /** * Action overrides for rules in the rule group. */ ruleActionOverrides?: pulumi.Input[]>; } /** * Size Constraint statement. */ interface WebAclSizeConstraintStatementArgs { /** * The operator to use to compare the request part to the size setting. */ comparisonOperator: pulumi.Input; /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * The size, in byte, to compare to the request part, after any transformations. */ size: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } /** * Sqli Match Statement. */ interface WebAclSqliMatchStatementArgs { /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * The sensitivity that you want AWS WAF to use to inspect for SQL injection attacks. * * `HIGH` detects more attacks, but might generate more false positives, especially if your web requests frequently contain unusual strings. For information about identifying and mitigating false positives, see [Testing and tuning](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-testing.html) in the *AWS WAF Developer Guide* . * * `LOW` is generally a better choice for resources that already have other protections against SQL injection attacks or that have a low tolerance for false positives. * * Default: `LOW` */ sensitivityLevel?: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } /** * First level statement that contains conditions, such as ByteMatch, SizeConstraint, etc */ interface WebAclStatementArgs { /** * A logical rule statement used to combine other rule statements with AND logic. You provide more than one `Statement` within the `AndStatement` . */ andStatement?: pulumi.Input; /** * A rule statement that inspects web traffic based on the Autonomous System Number (ASN) associated with the request's IP address. * * For additional details, see [ASN match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-asn-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) . */ asnMatchStatement?: pulumi.Input; /** * A rule statement that defines a string match search for AWS WAF to apply to web requests. The byte match statement provides the bytes to search for, the location in requests that you want AWS WAF to search, and other settings. The bytes to search for are typically a string that corresponds with ASCII characters. In the AWS WAF console and the developer guide, this is called a string match statement. */ byteMatchStatement?: pulumi.Input; /** * A rule statement that labels web requests by country and region and that matches against web requests based on country code. A geo match rule labels every request that it inspects regardless of whether it finds a match. * * - To manage requests only by country, you can use this statement by itself and specify the countries that you want to match against in the `CountryCodes` array. * - Otherwise, configure your geo match rule with Count action so that it only labels requests. Then, add one or more label match rules to run after the geo match rule and configure them to match against the geographic labels and handle the requests as needed. * * AWS WAF labels requests using the alpha-2 country and region codes from the International Organization for Standardization (ISO) 3166 standard. AWS WAF determines the codes using either the IP address in the web request origin or, if you specify it, the address in the geo match `ForwardedIPConfig` . * * If you use the web request origin, the label formats are `awswaf:clientip:geo:region:-` and `awswaf:clientip:geo:country:` . * * If you use a forwarded IP address, the label formats are `awswaf:forwardedip:geo:region:-` and `awswaf:forwardedip:geo:country:` . * * For additional details, see [Geographic match rule statement](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-type-geo-match.html) in the [AWS WAF Developer Guide](https://docs.aws.amazon.com/waf/latest/developerguide/waf-chapter.html) . */ geoMatchStatement?: pulumi.Input; /** * A rule statement used to detect web requests coming from particular IP addresses or address ranges. To use this, create an `IPSet` that specifies the addresses you want to detect, then use the ARN of that set in this statement. * * Each IP set rule statement references an IP set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it. */ ipSetReferenceStatement?: pulumi.Input; /** * A rule statement to match against labels that have been added to the web request by rules that have already run in the web ACL. * * The label match statement provides the label or namespace string to search for. The label string can represent a part or all of the fully qualified label name that had been added to the web request. Fully qualified labels have a prefix, optional namespaces, and label name. The prefix identifies the rule group or web ACL context of the rule that added the label. If you do not provide the fully qualified name in your label match string, AWS WAF performs the search for labels that were added in the same context as the label match statement. */ labelMatchStatement?: pulumi.Input; /** * A rule statement used to run the rules that are defined in a managed rule group. To use this, provide the vendor name and the name of the rule group in this statement. You can retrieve the required names through the API call `ListAvailableManagedRuleGroups` . * * You cannot nest a `ManagedRuleGroupStatement` , for example for use inside a `NotStatement` or `OrStatement` . It can only be referenced as a top-level statement within a rule. * * > You are charged additional fees when you use the AWS WAF Bot Control managed rule group `AWSManagedRulesBotControlRuleSet` , the AWS WAF Fraud Control account takeover prevention (ATP) managed rule group `AWSManagedRulesATPRuleSet` , or the AWS WAF Fraud Control account creation fraud prevention (ACFP) managed rule group `AWSManagedRulesACFPRuleSet` . For more information, see [AWS WAF Pricing](https://docs.aws.amazon.com/waf/pricing/) . */ managedRuleGroupStatement?: pulumi.Input; /** * A logical rule statement used to negate the results of another rule statement. You provide one `Statement` within the `NotStatement` . */ notStatement?: pulumi.Input; /** * A logical rule statement used to combine other rule statements with OR logic. You provide more than one `Statement` within the `OrStatement` . */ orStatement?: pulumi.Input; /** * A rate-based rule counts incoming requests and rate limits requests when they are coming at too fast a rate. The rule categorizes requests according to your aggregation criteria, collects them into aggregation instances, and counts and rate limits the requests for each instance. * * > If you change any of these settings in a rule that's currently in use, the change resets the rule's rate limiting counts. This can pause the rule's rate limiting activities for up to a minute. * * You can specify individual aggregation keys, like IP address or HTTP method. You can also specify aggregation key combinations, like IP address and HTTP method, or HTTP method, query argument, and cookie. * * Each unique set of values for the aggregation keys that you specify is a separate aggregation instance, with the value from each key contributing to the aggregation instance definition. * * For example, assume the rule evaluates web requests with the following IP address and HTTP method values: * * - IP address 10.1.1.1, HTTP method POST * - IP address 10.1.1.1, HTTP method GET * - IP address 127.0.0.0, HTTP method POST * - IP address 10.1.1.1, HTTP method GET * * The rule would create different aggregation instances according to your aggregation criteria, for example: * * - If the aggregation criteria is just the IP address, then each individual address is an aggregation instance, and AWS WAF counts requests separately for each. The aggregation instances and request counts for our example would be the following: * * - IP address 10.1.1.1: count 3 * - IP address 127.0.0.0: count 1 * - If the aggregation criteria is HTTP method, then each individual HTTP method is an aggregation instance. The aggregation instances and request counts for our example would be the following: * * - HTTP method POST: count 2 * - HTTP method GET: count 2 * - If the aggregation criteria is IP address and HTTP method, then each IP address and each HTTP method would contribute to the combined aggregation instance. The aggregation instances and request counts for our example would be the following: * * - IP address 10.1.1.1, HTTP method POST: count 1 * - IP address 10.1.1.1, HTTP method GET: count 2 * - IP address 127.0.0.0, HTTP method POST: count 1 * * For any n-tuple of aggregation keys, each unique combination of values for the keys defines a separate aggregation instance, which AWS WAF counts and rate-limits individually. * * You can optionally nest another statement inside the rate-based statement, to narrow the scope of the rule so that it only counts and rate limits requests that match the nested statement. You can use this nested scope-down statement in conjunction with your aggregation key specifications or you can just count and rate limit all requests that match the scope-down statement, without additional aggregation. When you choose to just manage all requests that match a scope-down statement, the aggregation instance is singular for the rule. * * You cannot nest a `RateBasedStatement` inside another statement, for example inside a `NotStatement` or `OrStatement` . You can define a `RateBasedStatement` inside a web ACL and inside a rule group. * * For additional information about the options, see [Rate limiting web requests using rate-based rules](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rate-based-rules.html) in the *AWS WAF Developer Guide* . * * If you only aggregate on the individual IP address or forwarded IP address, you can retrieve the list of IP addresses that AWS WAF is currently rate limiting for a rule through the API call `GetRateBasedStatementManagedKeys` . This option is not available for other aggregation configurations. * * AWS WAF tracks and manages web requests separately for each instance of a rate-based rule that you use. For example, if you provide the same rate-based rule settings in two web ACLs, each of the two rule statements represents a separate instance of the rate-based rule and gets its own tracking and management by AWS WAF . If you define a rate-based rule inside a rule group, and then use that rule group in multiple places, each use creates a separate instance of the rate-based rule that gets its own tracking and management by AWS WAF . */ rateBasedStatement?: pulumi.Input; /** * A rule statement used to search web request components for a match against a single regular expression. */ regexMatchStatement?: pulumi.Input; /** * A rule statement used to search web request components for matches with regular expressions. To use this, create a `RegexPatternSet` that specifies the expressions that you want to detect, then use the ARN of that set in this statement. A web request matches the pattern set rule statement if the request component matches any of the patterns in the set. * * Each regex pattern set rule statement references a regex pattern set. You create and maintain the set independent of your rules. This allows you to use the single set in multiple rules. When you update the referenced set, AWS WAF automatically updates all rules that reference it. */ regexPatternSetReferenceStatement?: pulumi.Input; /** * A rule statement used to run the rules that are defined in a `RuleGroup` . To use this, create a rule group with your rules, then provide the ARN of the rule group in this statement. * * You cannot nest a `RuleGroupReferenceStatement` , for example for use inside a `NotStatement` or `OrStatement` . You cannot use a rule group reference statement inside another rule group. You can only reference a rule group as a top-level statement within a rule that you define in a web ACL. */ ruleGroupReferenceStatement?: pulumi.Input; /** * A rule statement that compares a number of bytes against the size of a request component, using a comparison operator, such as greater than (>) or less than (<). For example, you can use a size constraint statement to look for query strings that are longer than 100 bytes. * * If you configure AWS WAF to inspect the request body, AWS WAF inspects only the number of bytes in the body up to the limit for the web ACL and protected resource type. If you know that the request body for your web requests should never exceed the inspection limit, you can use a size constraint statement to block requests that have a larger request body size. For more information about the inspection limits, see `Body` and `JsonBody` settings for the `FieldToMatch` data type. * * If you choose URI for the value of Part of the request to filter on, the slash (/) in the URI counts as one character. For example, the URI `/logo.jpg` is nine characters long. */ sizeConstraintStatement?: pulumi.Input; /** * A rule statement that inspects for malicious SQL code. Attackers insert malicious SQL code into web requests to do things like modify your database or extract data from it. */ sqliMatchStatement?: pulumi.Input; /** * A rule statement that inspects for cross-site scripting (XSS) attacks. In XSS attacks, the attacker uses vulnerabilities in a benign website as a vehicle to inject malicious client-site scripts into other legitimate web browsers. */ xssMatchStatement?: pulumi.Input; } /** * Text Transformation on the Search String before match. */ interface WebAclTextTransformationArgs { /** * Sets the relative processing order for multiple transformations. AWS WAF processes all transformations, from lowest priority to highest, before inspecting the transformed content. The priorities don't need to be consecutive, but they must all be different. */ priority: pulumi.Input; /** * For detailed descriptions of each of the transformation types, see [Text transformations](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-transformation.html) in the *AWS WAF Developer Guide* . */ type: pulumi.Input; } /** * The path component of the URI Fragment. This is the part of a web request that identifies a fragment uri, for example, /abcd#introduction */ interface WebAclUriFragmentArgs { /** * What AWS WAF should do if it fails to completely parse the JSON body. The options are the following: * * - `EVALUATE_AS_STRING` - Inspect the body as plain text. AWS WAF applies the text transformations and inspection criteria that you defined for the JSON inspection to the body text string. * - `MATCH` - Treat the web request as matching the rule statement. AWS WAF applies the rule action to the request. * - `NO_MATCH` - Treat the web request as not matching the rule statement. * * If you don't provide this setting, AWS WAF parses and evaluates the content only up to the first parsing failure that it encounters. * * Example JSON: `{ "UriFragment": { "FallbackBehavior": "MATCH"} }` * * > AWS WAF parsing doesn't fully validate the input JSON string, so parsing can succeed even for invalid JSON. When parsing succeeds, AWS WAF doesn't apply the fallback behavior. For more information, see [JSON body](https://docs.aws.amazon.com/waf/latest/developerguide/waf-rule-statement-fields-list.html#waf-rule-statement-request-component-json-body) in the *AWS WAF Developer Guide* . */ fallbackBehavior?: pulumi.Input; } /** * Visibility Metric of the WebACL. */ interface WebAclVisibilityConfigArgs { /** * Indicates whether the associated resource sends metrics to Amazon CloudWatch. For the list of available metrics, see [AWS WAF Metrics](https://docs.aws.amazon.com/waf/latest/developerguide/monitoring-cloudwatch.html#waf-metrics) in the *AWS WAF Developer Guide* . * * For web ACLs, the metrics are for web requests that have the web ACL default action applied. AWS WAF applies the default action to web requests that pass the inspection of all rules in the web ACL without being either allowed or blocked. For more information, * see [The web ACL default action](https://docs.aws.amazon.com/waf/latest/developerguide/web-acl-default-action.html) in the *AWS WAF Developer Guide* . */ cloudWatchMetricsEnabled: pulumi.Input; /** * A name of the Amazon CloudWatch metric dimension. The name can contain only the characters: A-Z, a-z, 0-9, - (hyphen), and _ (underscore). The name can be from one to 128 characters long. It can't contain whitespace or metric names that are reserved for AWS WAF , for example `All` and `Default_Action` . */ metricName: pulumi.Input; /** * Indicates whether AWS WAF should store a sampling of the web requests that match the rules. You can view the sampled requests through the AWS WAF console. * * If you configure data protection for the web ACL, the protection applies to the web ACL's sampled web request data. * * > Request sampling doesn't provide a field redaction option, and any field redaction that you specify in your logging configuration doesn't affect sampling. You can only exclude fields from request sampling by disabling sampling in the web ACL visibility configuration or by configuring data protection for the web ACL. */ sampledRequestsEnabled: pulumi.Input; } /** * Xss Match Statement. */ interface WebAclXssMatchStatementArgs { /** * The part of the web request that you want AWS WAF to inspect. */ fieldToMatch: pulumi.Input; /** * Text transformations eliminate some of the unusual formatting that attackers use in web requests in an effort to bypass detection. If you specify one or more transformations in a rule statement, AWS WAF performs all transformations on the content of the request component identified by `FieldToMatch` , starting from the lowest priority setting, before inspecting the content for a match. */ textTransformations: pulumi.Input[]>; } } export declare namespace wisdom { interface AiAgentAiAgentConfiguration0PropertiesArgs { manualSearchAiAgentConfiguration: pulumi.Input; } interface AiAgentAiAgentConfiguration1PropertiesArgs { answerRecommendationAiAgentConfiguration: pulumi.Input; } interface AiAgentAiAgentConfiguration2PropertiesArgs { selfServiceAiAgentConfiguration: pulumi.Input; } interface AiAgentAiAgentConfiguration3PropertiesArgs { emailResponseAiAgentConfiguration: pulumi.Input; } interface AiAgentAiAgentConfiguration4PropertiesArgs { emailOverviewAiAgentConfiguration: pulumi.Input; } interface AiAgentAiAgentConfiguration5PropertiesArgs { emailGenerativeAnswerAiAgentConfiguration: pulumi.Input; } interface AiAgentAiAgentConfiguration6PropertiesArgs { orchestrationAiAgentConfiguration: pulumi.Input; } interface AiAgentAiAgentConfiguration7PropertiesArgs { noteTakingAiAgentConfiguration: pulumi.Input; } interface AiAgentAiAgentConfiguration8PropertiesArgs { caseSummarizationAiAgentConfiguration: pulumi.Input; } interface AiAgentAnnotationArgs { } interface AiAgentAnswerRecommendationAiAgentConfigurationArgs { answerGenerationAiGuardrailId?: pulumi.Input; answerGenerationAiPromptId?: pulumi.Input; associationConfigurations?: pulumi.Input[]>; intentLabelingGenerationAiPromptId?: pulumi.Input; locale?: pulumi.Input; queryReformulationAiPromptId?: pulumi.Input; } interface AiAgentAssociationConfigurationArgs { associationConfigurationData?: pulumi.Input; associationId?: pulumi.Input; associationType?: pulumi.Input; } interface AiAgentAssociationConfigurationDataPropertiesArgs { knowledgeBaseAssociationConfigurationData: pulumi.Input; } interface AiAgentCaseSummarizationAiAgentConfigurationArgs { caseSummarizationAiGuardrailId?: pulumi.Input; caseSummarizationAiPromptId?: pulumi.Input; locale?: pulumi.Input; } interface AiAgentEmailGenerativeAnswerAiAgentConfigurationArgs { associationConfigurations?: pulumi.Input[]>; emailGenerativeAnswerAiPromptId?: pulumi.Input; emailQueryReformulationAiPromptId?: pulumi.Input; locale?: pulumi.Input; } interface AiAgentEmailOverviewAiAgentConfigurationArgs { emailOverviewAiPromptId?: pulumi.Input; locale?: pulumi.Input; } interface AiAgentEmailResponseAiAgentConfigurationArgs { associationConfigurations?: pulumi.Input[]>; emailQueryReformulationAiPromptId?: pulumi.Input; emailResponseAiPromptId?: pulumi.Input; locale?: pulumi.Input; } interface AiAgentKnowledgeBaseAssociationConfigurationDataArgs { contentTagFilter?: pulumi.Input; maxResults?: pulumi.Input; overrideKnowledgeBaseSearchType?: pulumi.Input; } interface AiAgentManualSearchAiAgentConfigurationArgs { answerGenerationAiGuardrailId?: pulumi.Input; answerGenerationAiPromptId?: pulumi.Input; associationConfigurations?: pulumi.Input[]>; locale?: pulumi.Input; } interface AiAgentNoteTakingAiAgentConfigurationArgs { locale?: pulumi.Input; noteTakingAiGuardrailId?: pulumi.Input; noteTakingAiPromptId?: pulumi.Input; } interface AiAgentOrCondition0PropertiesArgs { andConditions: pulumi.Input[]>; } interface AiAgentOrCondition1PropertiesArgs { tagCondition: pulumi.Input; } interface AiAgentOrchestrationAiAgentConfigurationArgs { connectInstanceArn?: pulumi.Input; locale?: pulumi.Input; orchestrationAiGuardrailId?: pulumi.Input; orchestrationAiPromptId: pulumi.Input; toolConfigurations?: pulumi.Input[]>; } interface AiAgentSelfServiceAiAgentConfigurationArgs { associationConfigurations?: pulumi.Input[]>; selfServiceAiGuardrailId?: pulumi.Input; selfServiceAnswerGenerationAiPromptId?: pulumi.Input; selfServicePreProcessingAiPromptId?: pulumi.Input; } interface AiAgentTagConditionArgs { key: pulumi.Input; value?: pulumi.Input; } interface AiAgentTagFilter0PropertiesArgs { tagCondition: pulumi.Input; } interface AiAgentTagFilter1PropertiesArgs { andConditions: pulumi.Input[]>; } interface AiAgentTagFilter2PropertiesArgs { orConditions: pulumi.Input[]>; } interface AiAgentToolConfigurationArgs { annotations?: pulumi.Input; description?: pulumi.Input; inputSchema?: any; instruction?: pulumi.Input; outputFilters?: pulumi.Input[]>; outputSchema?: any; overrideInputValues?: pulumi.Input[]>; title?: pulumi.Input; toolId?: pulumi.Input; toolName: pulumi.Input; toolType: pulumi.Input; userInteractionConfiguration?: pulumi.Input; } interface AiAgentToolInstructionArgs { examples?: pulumi.Input[]>; instruction?: pulumi.Input; } interface AiAgentToolOutputConfigurationArgs { outputVariableNameOverride?: pulumi.Input; sessionDataNamespace?: pulumi.Input; } interface AiAgentToolOutputFilterArgs { jsonPath: pulumi.Input; outputConfiguration?: pulumi.Input; } interface AiAgentToolOverrideConstantInputValueArgs { type: pulumi.Input; value: pulumi.Input; } interface AiAgentToolOverrideInputValueArgs { jsonPath: pulumi.Input; value: pulumi.Input; } interface AiAgentToolOverrideInputValueConfigurationPropertiesArgs { constant: pulumi.Input; } interface AiAgentUserInteractionConfigurationArgs { isUserConfirmationRequired?: pulumi.Input; } /** * Content policy config for a guardrail. */ interface AiGuardrailAiGuardrailContentPolicyConfigArgs { /** * List of content filter configs in content policy. */ filtersConfig: pulumi.Input[]>; } /** * Contextual grounding policy config for a guardrail. */ interface AiGuardrailAiGuardrailContextualGroundingPolicyConfigArgs { /** * List of contextual grounding filter configs. */ filtersConfig: pulumi.Input[]>; } /** * Sensitive information policy config for a guardrail. */ interface AiGuardrailAiGuardrailSensitiveInformationPolicyConfigArgs { /** * List of entities. */ piiEntitiesConfig?: pulumi.Input[]>; /** * List of regex. */ regexesConfig?: pulumi.Input[]>; } /** * Topic policy config for a guardrail. */ interface AiGuardrailAiGuardrailTopicPolicyConfigArgs { /** * List of topic configs in topic policy. */ topicsConfig: pulumi.Input[]>; } /** * Word policy config for a guardrail. */ interface AiGuardrailAiGuardrailWordPolicyConfigArgs { /** * A config for the list of managed words. */ managedWordListsConfig?: pulumi.Input[]>; /** * List of custom word configs. */ wordsConfig?: pulumi.Input[]>; } /** * Content filter config in content policy. */ interface AiGuardrailGuardrailContentFilterConfigArgs { /** * The strength of the input for the guardrail content filter. */ inputStrength: pulumi.Input; /** * The output strength of the guardrail content filter. */ outputStrength: pulumi.Input; /** * The type of the guardrail content filter. */ type: pulumi.Input; } /** * A config for grounding filter. */ interface AiGuardrailGuardrailContextualGroundingFilterConfigArgs { /** * The threshold for this filter. */ threshold: pulumi.Input; /** * The type of this filter. */ type: pulumi.Input; } /** * A managed words config. */ interface AiGuardrailGuardrailManagedWordsConfigArgs { /** * The type of guardrail managed words. */ type: pulumi.Input; } /** * Pii entity configuration. */ interface AiGuardrailGuardrailPiiEntityConfigArgs { /** * The action of guardrail PII entity configuration. */ action: pulumi.Input; /** * Configure AI Guardrail type when the PII entity is detected. * * The following PIIs are used to block or mask sensitive information: * * - *General* * * - *ADDRESS* * * A physical address, such as "100 Main Street, Anytown, USA" or "Suite #12, Building 123". An address can include information such as the street, building, location, city, state, country, county, zip code, precinct, and neighborhood. * - *AGE* * * An individual's age, including the quantity and unit of time. For example, in the phrase "I am 40 years old," Guarrails recognizes "40 years" as an age. * - *NAME* * * An individual's name. This entity type does not include titles, such as Dr., Mr., Mrs., or Miss. AI Guardrail doesn't apply this entity type to names that are part of organizations or addresses. For example, AI Guardrail recognizes the "John Doe Organization" as an organization, and it recognizes "Jane Doe Street" as an address. * - *EMAIL* * * An email address, such as *marymajor@email.com* . * - *PHONE* * * A phone number. This entity type also includes fax and pager numbers. * - *USERNAME* * * A user name that identifies an account, such as a login name, screen name, nick name, or handle. * - *PASSWORD* * * An alphanumeric string that is used as a password, such as "* *very20special#pass** ". * - *DRIVER_ID* * * The number assigned to a driver's license, which is an official document permitting an individual to operate one or more motorized vehicles on a public road. A driver's license number consists of alphanumeric characters. * - *LICENSE_PLATE* * * A license plate for a vehicle is issued by the state or country where the vehicle is registered. The format for passenger vehicles is typically five to eight digits, consisting of upper-case letters and numbers. The format varies depending on the location of the issuing state or country. * - *VEHICLE_IDENTIFICATION_NUMBER* * * A Vehicle Identification Number (VIN) uniquely identifies a vehicle. VIN content and format are defined in the *ISO 3779* specification. Each country has specific codes and formats for VINs. * - *Finance* * * - *CREDIT_DEBIT_CARD_CVV* * * A three-digit card verification code (CVV) that is present on VISA, MasterCard, and Discover credit and debit cards. For American Express credit or debit cards, the CVV is a four-digit numeric code. * - *CREDIT_DEBIT_CARD_EXPIRY* * * The expiration date for a credit or debit card. This number is usually four digits long and is often formatted as *month/year* or *MM/YY* . AI Guardrail recognizes expiration dates such as *01/21* , *01/2021* , and *Jan 2021* . * - *CREDIT_DEBIT_CARD_NUMBER* * * The number for a credit or debit card. These numbers can vary from 13 to 16 digits in length. However, Amazon Comprehend also recognizes credit or debit card numbers when only the last four digits are present. * - *PIN* * * A four-digit personal identification number (PIN) with which you can access your bank account. * - *INTERNATIONAL_BANK_ACCOUNT_NUMBER* * * An International Bank Account Number has specific formats in each country. For more information, see [www.iban.com/structure](https://docs.aws.amazon.com/https://www.iban.com/structure) . * - *SWIFT_CODE* * * A SWIFT code is a standard format of Bank Identifier Code (BIC) used to specify a particular bank or branch. Banks use these codes for money transfers such as international wire transfers. * * SWIFT codes consist of eight or 11 characters. The 11-digit codes refer to specific branches, while eight-digit codes (or 11-digit codes ending in 'XXX') refer to the head or primary office. * - *IT* * * - *IP_ADDRESS* * * An IPv4 address, such as *198.51.100.0* . * - *MAC_ADDRESS* * * A *media access control* (MAC) address is a unique identifier assigned to a network interface controller (NIC). * - *URL* * * A web address, such as *www.example.com* . * - *AWS_ACCESS_KEY* * * A unique identifier that's associated with a secret access key; you use the access key ID and secret access key to sign programmatic AWS requests cryptographically. * - *AWS_SECRET_KEY* * * A unique identifier that's associated with an access key. You use the access key ID and secret access key to sign programmatic AWS requests cryptographically. * - *USA specific* * * - *US_BANK_ACCOUNT_NUMBER* * * A US bank account number, which is typically 10 to 12 digits long. * - *US_BANK_ROUTING_NUMBER* * * A US bank account routing number. These are typically nine digits long, * - *US_INDIVIDUAL_TAX_IDENTIFICATION_NUMBER* * * A US Individual Taxpayer Identification Number (ITIN) is a nine-digit number that starts with a "9" and contain a "7" or "8" as the fourth digit. An ITIN can be formatted with a space or a dash after the third and forth digits. * - *US_PASSPORT_NUMBER* * * A US passport number. Passport numbers range from six to nine alphanumeric characters. * - *US_SOCIAL_SECURITY_NUMBER* * * A US Social Security Number (SSN) is a nine-digit number that is issued to US citizens, permanent residents, and temporary working residents. * - *Canada specific* * * - *CA_HEALTH_NUMBER* * * A Canadian Health Service Number is a 10-digit unique identifier, required for individuals to access healthcare benefits. * - *CA_SOCIAL_INSURANCE_NUMBER* * * A Canadian Social Insurance Number (SIN) is a nine-digit unique identifier, required for individuals to access government programs and benefits. * * The SIN is formatted as three groups of three digits, such as *123-456-789* . A SIN can be validated through a simple check-digit process called the [Luhn algorithm](https://docs.aws.amazon.com/https://www.wikipedia.org/wiki/Luhn_algorithm) . * - *UK Specific* * * - *UK_NATIONAL_HEALTH_SERVICE_NUMBER* * * A UK National Health Service Number is a 10-17 digit number, such as *485 555 3456* . The current system formats the 10-digit number with spaces after the third and sixth digits. The final digit is an error-detecting checksum. * - *UK_NATIONAL_INSURANCE_NUMBER* * * A UK National Insurance Number (NINO) provides individuals with access to National Insurance (social security) benefits. It is also used for some purposes in the UK tax system. * * The number is nine digits long and starts with two letters, followed by six numbers and one letter. A NINO can be formatted with a space or a dash after the two letters and after the second, forth, and sixth digits. * - *UK_UNIQUE_TAXPAYER_REFERENCE_NUMBER* * * A UK Unique Taxpayer Reference (UTR) is a 10-digit number that identifies a taxpayer or a business. * - *Custom* * * - *Regex filter* - You can use a regular expressions to define patterns for an AI Guardrail to recognize and act upon such as serial number, booking ID etc.. */ type: pulumi.Input; } /** * A regex configuration. */ interface AiGuardrailGuardrailRegexConfigArgs { /** * The action of the guardrail regex configuration. */ action: pulumi.Input; /** * The regex description. */ description?: pulumi.Input; /** * The regex name. */ name: pulumi.Input; /** * The regex pattern. */ pattern: pulumi.Input; } /** * Topic config in topic policy. */ interface AiGuardrailGuardrailTopicConfigArgs { /** * Definition of topic in topic policy */ definition: pulumi.Input; /** * List of text examples */ examples?: pulumi.Input[]>; /** * Name of topic in topic policy */ name: pulumi.Input; /** * Type of topic in a policy. */ type: pulumi.Input; } /** * A custom word config. */ interface AiGuardrailGuardrailWordConfigArgs { /** * The custom word text. */ text: pulumi.Input; } interface AiPromptAiPromptTemplateConfigurationArgs { } interface AssistantAssociationAssociationData0PropertiesArgs { knowledgeBaseId: pulumi.Input; } interface AssistantAssociationAssociationData1PropertiesArgs { externalBedrockKnowledgeBaseConfig: pulumi.Input; } interface AssistantAssociationExternalBedrockKnowledgeBaseConfigArgs { accessRoleArn: pulumi.Input; bedrockKnowledgeBaseArn: pulumi.Input; } interface AssistantServerSideEncryptionConfigurationArgs { /** * The customer managed key used for encryption. The customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. To use Wisdom with chat, the key policy must also allow `kms:Decrypt` , `kms:GenerateDataKey*` , and `kms:DescribeKey` permissions to the `connect.amazonaws.com` service principal. For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) in the *AWS Key Management Service Developer Guide* . */ kmsKeyId?: pulumi.Input; } interface KnowledgeBaseAppIntegrationsConfigurationArgs { appIntegrationArn: pulumi.Input; objectFields?: pulumi.Input[]>; } interface KnowledgeBaseBedrockFoundationModelConfigurationArgs { /** * The model ARN of the Bedrock foundation model. */ modelArn: pulumi.Input; /** * The parsing prompt of the Bedrock foundation model configuration. */ parsingPrompt?: pulumi.Input; } /** * The parsing prompt of the Bedrock foundation model configuration. */ interface KnowledgeBaseBedrockFoundationModelConfigurationParsingPromptPropertiesArgs { parsingPromptText: pulumi.Input; } interface KnowledgeBaseFixedSizeChunkingConfigurationArgs { /** * The maximum number of tokens to include in a chunk. */ maxTokens: pulumi.Input; /** * The percentage of overlap between adjacent chunks of a data source. */ overlapPercentage: pulumi.Input; } interface KnowledgeBaseHierarchicalChunkingConfigurationArgs { /** * Token settings for each layer. */ levelConfigurations: pulumi.Input[]>; /** * The number of tokens to repeat across chunks in the same layer. */ overlapTokens: pulumi.Input; } interface KnowledgeBaseHierarchicalChunkingLevelConfigurationArgs { /** * The maximum number of tokens that a chunk can contain in this layer. */ maxTokens: pulumi.Input; } interface KnowledgeBaseManagedSourceConfigurationPropertiesArgs { webCrawlerConfiguration: pulumi.Input; } interface KnowledgeBaseRenderingConfigurationArgs { /** * A URI template containing exactly one variable in `${variableName}` format. This can only be set for `EXTERNAL` knowledge bases. For Salesforce, ServiceNow, and Zendesk, the variable must be one of the following: * * - Salesforce: `Id` , `ArticleNumber` , `VersionNumber` , `Title` , `PublishStatus` , or `IsDeleted` * - ServiceNow: `number` , `short_description` , `sys_mod_count` , `workflow_state` , or `active` * - Zendesk: `id` , `title` , `updated_at` , or `draft` * * The variable is replaced with the actual value for a piece of content when calling [GetContent](https://docs.aws.amazon.com/amazon-q-connect/latest/APIReference/API_GetContent.html) . */ templateUri?: pulumi.Input; } interface KnowledgeBaseSeedUrlArgs { url?: pulumi.Input; } interface KnowledgeBaseSemanticChunkingConfigurationArgs { /** * The dissimilarity threshold for splitting chunks. */ breakpointPercentileThreshold: pulumi.Input; /** * The buffer size. */ bufferSize: pulumi.Input; /** * The maximum number of tokens that a chunk can contain. */ maxTokens: pulumi.Input; } interface KnowledgeBaseServerSideEncryptionConfigurationArgs { /** * The customer managed key used for encryption. * * This customer managed key must have a policy that allows `kms:CreateGrant` and `kms:DescribeKey` permissions to the IAM identity using the key to invoke Wisdom. * * For more information about setting up a customer managed key for Wisdom, see [Enable Amazon Connect Wisdom for your instance](https://docs.aws.amazon.com/connect/latest/adminguide/enable-wisdom.html) . For information about valid ID values, see [Key identifiers (KeyId)](https://docs.aws.amazon.com/kms/latest/developerguide/concepts.html#key-id) . */ kmsKeyId?: pulumi.Input; } interface KnowledgeBaseSourceConfiguration0PropertiesArgs { appIntegrations: pulumi.Input; } interface KnowledgeBaseSourceConfiguration1PropertiesArgs { managedSourceConfiguration: pulumi.Input; } interface KnowledgeBaseVectorIngestionConfigurationArgs { /** * Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. */ chunkingConfiguration?: pulumi.Input; /** * A custom parser for data source documents. */ parsingConfiguration?: pulumi.Input; } /** * Details about how to chunk the documents in the data source. A chunk refers to an excerpt from a data source that is returned when the knowledge base that it belongs to is queried. */ interface KnowledgeBaseVectorIngestionConfigurationChunkingConfigurationPropertiesArgs { chunkingStrategy: pulumi.Input; fixedSizeChunkingConfiguration?: pulumi.Input; hierarchicalChunkingConfiguration?: pulumi.Input; semanticChunkingConfiguration?: pulumi.Input; } /** * A custom parser for data source documents. */ interface KnowledgeBaseVectorIngestionConfigurationParsingConfigurationPropertiesArgs { bedrockFoundationModelConfiguration?: pulumi.Input; parsingStrategy: pulumi.Input; } interface KnowledgeBaseWebCrawlerConfigurationArgs { crawlerLimits?: pulumi.Input; exclusionFilters?: pulumi.Input[]>; inclusionFilters?: pulumi.Input[]>; scope?: pulumi.Input; urlConfiguration: pulumi.Input; } interface KnowledgeBaseWebCrawlerConfigurationCrawlerLimitsPropertiesArgs { rateLimit?: pulumi.Input; } interface KnowledgeBaseWebCrawlerConfigurationUrlConfigurationPropertiesArgs { seedUrls?: pulumi.Input[]>; } /** * The agent attributes that are used with the message template. */ interface MessageTemplateAgentAttributesArgs { /** * The agent’s first name as entered in their Amazon Connect user account. */ firstName?: pulumi.Input; /** * The agent’s last name as entered in their Amazon Connect user account. */ lastName?: pulumi.Input; } interface MessageTemplateAttachmentArgs { /** * The identifier of the attachment file. */ attachmentId?: pulumi.Input; /** * The name of the attachment file being uploaded. The name should include the file extension. */ attachmentName: pulumi.Input; /** * The S3 Presigned URL for the attachment file. When generating the PreSignedUrl, please ensure that the expires-in time is set to 30 minutes. The URL can be generated through the AWS Console or through the AWS CLI. For more information, see [Sharing objects with presigned URLs](https://docs.aws.amazon.com/AmazonS3/latest/userguide/ShareObjectPreSignedURL.html) . */ s3PresignedUrl: pulumi.Input; } /** * An object that specifies the default values to use for variables in the message template. This object contains different categories of key-value pairs. Each key defines a variable or placeholder in the message template. The corresponding value defines the default value for that variable. */ interface MessageTemplateAttributesArgs { /** * The agent attributes that are used with the message template. */ agentAttributes?: pulumi.Input; /** * The custom attributes that are used with the message template. */ customAttributes?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The customer profile attributes that are used with the message template. */ customerProfileAttributes?: pulumi.Input; /** * The system attributes that are used with the message template. */ systemAttributes?: pulumi.Input; } /** * The container of message template body. */ interface MessageTemplateBodyContentProviderArgs { /** * The content of the message template. */ content?: pulumi.Input; } /** * The content of the message template. */ interface MessageTemplateContentArgs { /** * The content of the message template that applies to the email channel subtype. */ emailMessageTemplateContent?: pulumi.Input; /** * The content of message template that applies to SMS channel subtype. */ smsMessageTemplateContent?: pulumi.Input; } /** * The customer profile attributes that are used with the message template. */ interface MessageTemplateCustomerProfileAttributesArgs { /** * A unique account number that you have given to the customer. */ accountNumber?: pulumi.Input; /** * Any additional information relevant to the customer's profile. */ additionalInformation?: pulumi.Input; /** * The first line of a customer address. */ address1?: pulumi.Input; /** * The second line of a customer address. */ address2?: pulumi.Input; /** * The third line of a customer address. */ address3?: pulumi.Input; /** * The fourth line of a customer address. */ address4?: pulumi.Input; /** * The first line of a customer’s billing address. */ billingAddress1?: pulumi.Input; /** * The second line of a customer’s billing address. */ billingAddress2?: pulumi.Input; /** * The third line of a customer’s billing address. */ billingAddress3?: pulumi.Input; /** * The fourth line of a customer’s billing address. */ billingAddress4?: pulumi.Input; /** * The city of a customer’s billing address. */ billingCity?: pulumi.Input; /** * The country of a customer’s billing address. */ billingCountry?: pulumi.Input; /** * The county of a customer’s billing address. */ billingCounty?: pulumi.Input; /** * The postal code of a customer’s billing address. */ billingPostalCode?: pulumi.Input; /** * The province of a customer’s billing address. */ billingProvince?: pulumi.Input; /** * The state of a customer’s billing address. */ billingState?: pulumi.Input; /** * The customer's birth date. */ birthDate?: pulumi.Input; /** * The customer's business email address. */ businessEmailAddress?: pulumi.Input; /** * The name of the customer's business. */ businessName?: pulumi.Input; /** * The customer's business phone number. */ businessPhoneNumber?: pulumi.Input; /** * The city in which a customer lives. */ city?: pulumi.Input; /** * The country in which a customer lives. */ country?: pulumi.Input; /** * The county in which a customer lives. */ county?: pulumi.Input; /** * The custom attributes in customer profile attributes. */ custom?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The customer's email address, which has not been specified as a personal or business address. */ emailAddress?: pulumi.Input; /** * The customer's first name. */ firstName?: pulumi.Input; /** * The customer's gender. */ gender?: pulumi.Input; /** * The customer's home phone number. */ homePhoneNumber?: pulumi.Input; /** * The customer's last name. */ lastName?: pulumi.Input; /** * The first line of a customer’s mailing address. */ mailingAddress1?: pulumi.Input; /** * The second line of a customer’s mailing address. */ mailingAddress2?: pulumi.Input; /** * The third line of a customer’s mailing address. */ mailingAddress3?: pulumi.Input; /** * The fourth line of a customer’s mailing address. */ mailingAddress4?: pulumi.Input; /** * The city of a customer’s mailing address. */ mailingCity?: pulumi.Input; /** * The country of a customer’s mailing address. */ mailingCountry?: pulumi.Input; /** * The county of a customer’s mailing address. */ mailingCounty?: pulumi.Input; /** * The postal code of a customer’s mailing address */ mailingPostalCode?: pulumi.Input; /** * The province of a customer’s mailing address. */ mailingProvince?: pulumi.Input; /** * The state of a customer’s mailing address. */ mailingState?: pulumi.Input; /** * The customer's middle name. */ middleName?: pulumi.Input; /** * The customer's mobile phone number. */ mobilePhoneNumber?: pulumi.Input; /** * The customer's party type. */ partyType?: pulumi.Input; /** * The customer's phone number, which has not been specified as a mobile, home, or business number. */ phoneNumber?: pulumi.Input; /** * The postal code of a customer address. */ postalCode?: pulumi.Input; /** * The ARN of a customer profile. */ profileArn?: pulumi.Input; /** * The unique identifier of a customer profile. */ profileId?: pulumi.Input; /** * The province in which a customer lives. */ province?: pulumi.Input; /** * The first line of a customer’s shipping address. */ shippingAddress1?: pulumi.Input; /** * The second line of a customer’s shipping address. */ shippingAddress2?: pulumi.Input; /** * The third line of a customer’s shipping address. */ shippingAddress3?: pulumi.Input; /** * The fourth line of a customer’s shipping address */ shippingAddress4?: pulumi.Input; /** * The city of a customer’s shipping address. */ shippingCity?: pulumi.Input; /** * The country of a customer’s shipping address. */ shippingCountry?: pulumi.Input; /** * The county of a customer’s shipping address. */ shippingCounty?: pulumi.Input; /** * The postal code of a customer’s shipping address. */ shippingPostalCode?: pulumi.Input; /** * The province of a customer’s shipping address. */ shippingProvince?: pulumi.Input; /** * The state of a customer’s shipping address. */ shippingState?: pulumi.Input; /** * The state in which a customer lives. */ state?: pulumi.Input; } /** * The content of message template that applies to email channel subtype. */ interface MessageTemplateEmailMessageTemplateContentArgs { /** * The body to use in email messages. */ body: pulumi.Input; /** * The email headers to include in email messages. */ headers: pulumi.Input[]>; /** * The subject line, or title, to use in email messages. */ subject: pulumi.Input; } /** * The body to use in email messages. */ interface MessageTemplateEmailMessageTemplateContentBodyArgs { /** * The message body, in HTML format, to use in email messages that are based on the message template. We recommend using HTML format for email clients that render HTML content. You can include links, formatted text, and more in an HTML message. */ html?: pulumi.Input; /** * The message body, in plain text format, to use in email messages that are based on the message template. We recommend using plain text format for email clients that don't render HTML content and clients that are connected to high-latency networks, such as mobile devices. */ plainText?: pulumi.Input; } /** * The email header to include in email messages. */ interface MessageTemplateEmailMessageTemplateHeaderArgs { /** * The name of the email header. */ name?: pulumi.Input; /** * The value of the email header. */ value?: pulumi.Input; } /** * The configuration information of the user groups that the message template is accessible to. */ interface MessageTemplateGroupingConfigurationArgs { /** * The criteria used for grouping Amazon Q in Connect users. */ criteria: pulumi.Input; /** * The list of values that define different groups of Amazon Q in Connect users. */ values: pulumi.Input[]>; } /** * The content of message template that applies to SMS channel subtype. */ interface MessageTemplateSmsMessageTemplateContentArgs { /** * The body to use in SMS messages. */ body: pulumi.Input; } /** * The body to use in SMS messages. */ interface MessageTemplateSmsMessageTemplateContentBodyArgs { /** * The message body to use in SMS messages. */ plainText?: pulumi.Input; } /** * The system attributes that are used with the message template. */ interface MessageTemplateSystemAttributesArgs { /** * The CustomerEndpoint attribute. */ customerEndpoint?: pulumi.Input; /** * The name of the task. */ name?: pulumi.Input; /** * The SystemEndpoint attribute. */ systemEndpoint?: pulumi.Input; } /** * The system endpoint attributes that are used with the message template. */ interface MessageTemplateSystemEndpointAttributesArgs { /** * The customer's phone number if used with customerEndpoint, or the number the customer dialed to call your contact center if used with systemEndpoint. */ address?: pulumi.Input; } /** * The container of quick response content. */ interface QuickResponseContentProviderArgs { /** * The content of the quick response. */ content?: pulumi.Input; } /** * The configuration information of the user groups that the quick response is accessible to. */ interface QuickResponseGroupingConfigurationArgs { /** * The criteria used for grouping Amazon Q in Connect users. */ criteria: pulumi.Input; /** * The list of values that define different groups of Amazon Q in Connect users. */ values: pulumi.Input[]>; } } export declare namespace workspaces { interface WorkspacePropertiesArgs { /** * The compute type. For more information, see [Amazon WorkSpaces Bundles](https://docs.aws.amazon.com/workspaces/details/#Amazon_WorkSpaces_Bundles) . */ computeTypeName?: pulumi.Input; /** * The size of the root volume. For important information about how to modify the size of the root and user volumes, see [Modify a WorkSpace](https://docs.aws.amazon.com/workspaces/latest/adminguide/modify-workspaces.html) . */ rootVolumeSizeGib?: pulumi.Input; /** * The running mode. For more information, see [Manage the WorkSpace Running Mode](https://docs.aws.amazon.com/workspaces/latest/adminguide/running-mode.html) . */ runningMode?: pulumi.Input; /** * The time after a user logs off when WorkSpaces are automatically stopped. Configured in 60-minute intervals. */ runningModeAutoStopTimeoutInMinutes?: pulumi.Input; /** * The size of the user storage. For important information about how to modify the size of the root and user volumes, see [Modify a WorkSpace](https://docs.aws.amazon.com/workspaces/latest/adminguide/modify-workspaces.html) . */ userVolumeSizeGib?: pulumi.Input; } interface WorkspacesPoolApplicationSettingsArgs { /** * The path prefix for the S3 bucket where users’ persistent application settings are stored. */ settingsGroup?: pulumi.Input; /** * Enables or disables persistent application settings for users during their pool sessions. */ status: pulumi.Input; } interface WorkspacesPoolCapacityArgs { /** * The desired number of user sessions for the WorkSpaces in the pool. */ desiredUserSessions: pulumi.Input; } interface WorkspacesPoolTimeoutSettingsArgs { /** * Specifies the amount of time, in seconds, that a streaming session remains active after users disconnect. If users try to reconnect to the streaming session after a disconnection or network interruption within the time set, they are connected to their previous session. Otherwise, they are connected to a new session with a new streaming instance. */ disconnectTimeoutInSeconds?: pulumi.Input; /** * The amount of time in seconds a connection will stay active while idle. */ idleDisconnectTimeoutInSeconds?: pulumi.Input; /** * Specifies the maximum amount of time, in seconds, that a streaming session can remain active. If users are still connected to a streaming instance five minutes before this limit is reached, they are prompted to save any open documents before being disconnected. After this time elapses, the instance is terminated and replaced by a new instance. */ maxUserDurationInSeconds?: pulumi.Input; } } export declare namespace workspacesinstances { interface ManagedInstancePropertiesArgs { blockDeviceMappings?: pulumi.Input[]>; capacityReservationSpecification?: pulumi.Input; cpuOptions?: pulumi.Input; creditSpecification?: pulumi.Input; disableApiStop?: pulumi.Input; ebsOptimized?: pulumi.Input; enablePrimaryIpv6?: pulumi.Input; enclaveOptions?: pulumi.Input; hibernationOptions?: pulumi.Input; iamInstanceProfile?: pulumi.Input; imageId: pulumi.Input; instanceType: pulumi.Input; ipv6AddressCount?: pulumi.Input; keyName?: pulumi.Input; licenseSpecifications?: pulumi.Input[]>; maintenanceOptions?: pulumi.Input; metadataOptions?: pulumi.Input; monitoring?: pulumi.Input; networkInterfaces?: pulumi.Input[]>; networkPerformanceOptions?: pulumi.Input; placement?: pulumi.Input; privateDnsNameOptions?: pulumi.Input; subnetId?: pulumi.Input; tagSpecifications?: pulumi.Input[]>; userData?: pulumi.Input; } interface VolumeTagArgs { /** * The key name of the tag */ key: pulumi.Input; /** * The value for the tag */ value: pulumi.Input; } interface VolumeTagSpecificationArgs { resourceType?: pulumi.Input; /** * The tags to apply to the resource */ tags?: pulumi.Input[]>; } interface WorkspaceInstanceBlockDeviceMappingArgs { deviceName?: pulumi.Input; ebs?: pulumi.Input; noDevice?: pulumi.Input; virtualName?: pulumi.Input; } interface WorkspaceInstanceCapacityReservationSpecificationArgs { capacityReservationPreference?: pulumi.Input; capacityReservationTarget?: pulumi.Input; } interface WorkspaceInstanceCapacityReservationTargetArgs { capacityReservationId?: pulumi.Input; capacityReservationResourceGroupArn?: pulumi.Input; } interface WorkspaceInstanceCpuOptionsRequestArgs { coreCount?: pulumi.Input; threadsPerCore?: pulumi.Input; } interface WorkspaceInstanceCreditSpecificationRequestArgs { cpuCredits?: pulumi.Input; } interface WorkspaceInstanceEbsBlockDeviceArgs { encrypted?: pulumi.Input; iops?: pulumi.Input; kmsKeyId?: pulumi.Input; throughput?: pulumi.Input; volumeSize?: pulumi.Input; volumeType?: pulumi.Input; } interface WorkspaceInstanceEnclaveOptionsRequestArgs { enabled?: pulumi.Input; } interface WorkspaceInstanceHibernationOptionsRequestArgs { configured?: pulumi.Input; } interface WorkspaceInstanceIamInstanceProfileSpecificationArgs { arn?: pulumi.Input; name?: pulumi.Input; } interface WorkspaceInstanceInstanceMaintenanceOptionsRequestArgs { autoRecovery?: pulumi.Input; } interface WorkspaceInstanceInstanceMetadataOptionsRequestArgs { httpEndpoint?: pulumi.Input; httpProtocolIpv6?: pulumi.Input; httpPutResponseHopLimit?: pulumi.Input; httpTokens?: pulumi.Input; instanceMetadataTags?: pulumi.Input; } interface WorkspaceInstanceInstanceNetworkInterfaceSpecificationArgs { description?: pulumi.Input; deviceIndex?: pulumi.Input; groups?: pulumi.Input[]>; subnetId?: pulumi.Input; } interface WorkspaceInstanceInstanceNetworkPerformanceOptionsRequestArgs { bandwidthWeighting?: pulumi.Input; } interface WorkspaceInstanceLicenseConfigurationRequestArgs { licenseConfigurationArn?: pulumi.Input; } interface WorkspaceInstancePlacementArgs { availabilityZone?: pulumi.Input; groupId?: pulumi.Input; groupName?: pulumi.Input; partitionNumber?: pulumi.Input; tenancy?: pulumi.Input; } interface WorkspaceInstancePrivateDnsNameOptionsRequestArgs { enableResourceNameDnsARecord?: pulumi.Input; enableResourceNameDnsAaaaRecord?: pulumi.Input; hostnameType?: pulumi.Input; } interface WorkspaceInstanceRunInstancesMonitoringEnabledArgs { enabled?: pulumi.Input; } interface WorkspaceInstanceTagArgs { key: pulumi.Input; value?: pulumi.Input; } interface WorkspaceInstanceTagSpecificationArgs { resourceType?: pulumi.Input; tags?: pulumi.Input[]>; } } export declare namespace workspacesthinclient { interface EnvironmentMaintenanceWindowArgs { /** * The desired time zone maintenance window. */ applyTimeOf?: pulumi.Input; /** * The date of maintenance window. */ daysOfTheWeek?: pulumi.Input[]>; /** * The hour end time of maintenance window. */ endTimeHour?: pulumi.Input; /** * The minute end time of maintenance window. */ endTimeMinute?: pulumi.Input; /** * The hour start time of maintenance window. */ startTimeHour?: pulumi.Input; /** * The minute start time of maintenance window. */ startTimeMinute?: pulumi.Input; /** * The type of maintenance window. */ type: pulumi.Input; } /** * A key-value pair to associate with a resource. */ interface EnvironmentTagArgs { /** * The key name of the tag. You can specify a value that is 1 to 128 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ key: pulumi.Input; /** * The value for the tag. You can specify a value that is 1 to 256 Unicode characters in length and cannot be prefixed with aws:. You can use any of the following characters: the set of Unicode letters, digits, whitespace, _, ., /, =, +, and -. */ value: pulumi.Input; } } export declare namespace workspacesweb { interface BrowserSettingsWebContentFilteringPolicyArgs { /** * URLs and domains that are always accessible to end users. */ allowedUrls?: pulumi.Input[]>; /** * Categories of websites that are blocked on the end user's browsers. */ blockedCategories?: pulumi.Input[]>; /** * URLs and domains that end users cannot access. */ blockedUrls?: pulumi.Input[]>; } interface DataProtectionSettingsCustomPatternArgs { /** * The keyword regex for the customer pattern. After there is a match to the pattern regex, the keyword regex is used to search within the proximity of the match. If there is a keyword match, then the match is confirmed. If no keyword regex is provided, the pattern regex match will automatically be confirmed. The format must follow JavaScript regex format. The pattern must be enclosed between slashes, and can have flags behind the second slash. For example, "/ab+c/gi" */ keywordRegex?: pulumi.Input; /** * The pattern description for the customer pattern. */ patternDescription?: pulumi.Input; /** * The pattern name for the custom pattern. */ patternName: pulumi.Input; /** * The pattern regex for the customer pattern. The format must follow JavaScript regex format. The pattern must be enclosed between slashes, and can have flags behind the second slash. For example: "/ab+c/gi". */ patternRegex: pulumi.Input; } interface DataProtectionSettingsInlineRedactionConfigurationArgs { /** * The global confidence level for the inline redaction configuration. This indicates the certainty of data type matches in the redaction process. Confidence level 3 means high confidence, and requires a formatted text pattern match in order for content to be redacted. Confidence level 2 means medium confidence, and redaction considers both formatted and unformatted text, and adds keyword associate to the logic. Confidence level 1 means low confidence, and redaction is enforced for both formatted pattern + unformatted pattern without keyword. This is applied to patterns that do not have a pattern-level confidence level. Defaults to confidence level 2. */ globalConfidenceLevel?: pulumi.Input; /** * The global enforced URL configuration for the inline redaction configuration. This is applied to patterns that do not have a pattern-level enforced URL list. */ globalEnforcedUrls?: pulumi.Input[]>; /** * The global exempt URL configuration for the inline redaction configuration. This is applied to patterns that do not have a pattern-level exempt URL list. */ globalExemptUrls?: pulumi.Input[]>; /** * The inline redaction patterns to be enabled for the inline redaction configuration. */ inlineRedactionPatterns: pulumi.Input[]>; } interface DataProtectionSettingsInlineRedactionPatternArgs { /** * The built-in pattern from the list of preconfigured patterns. Either a customPattern or builtInPatternId is required. To view the entire list of data types and their corresponding built-in pattern IDs, see [Base inline redaction](https://docs.aws.amazon.com/workspaces-web/latest/adminguide/base-inline-redaction.html) . */ builtInPatternId?: pulumi.Input; /** * The confidence level for inline redaction pattern. This indicates the certainty of data type matches in the redaction process. Confidence level 3 means high confidence, and requires a formatted text pattern match in order for content to be redacted. Confidence level 2 means medium confidence, and redaction considers both formatted and unformatted text, and adds keyword associate to the logic. Confidence level 1 means low confidence, and redaction is enforced for both formatted pattern + unformatted pattern without keyword. This overrides the global confidence level. */ confidenceLevel?: pulumi.Input; /** * The configuration for a custom pattern. Either a customPattern or builtInPatternId is required. */ customPattern?: pulumi.Input; /** * The enforced URL configuration for the inline redaction pattern. This will override the global enforced URL configuration. */ enforcedUrls?: pulumi.Input[]>; /** * The exempt URL configuration for the inline redaction pattern. This will override the global exempt URL configuration for the inline redaction pattern. */ exemptUrls?: pulumi.Input[]>; /** * The redaction placeholder that will replace the redacted text in session for the inline redaction pattern. */ redactionPlaceHolder: pulumi.Input; } interface DataProtectionSettingsRedactionPlaceHolderArgs { /** * The redaction placeholder text that will replace the redacted text in session for the custom text redaction placeholder type. */ redactionPlaceHolderText?: pulumi.Input; /** * The redaction placeholder type that will replace the redacted text in session. */ redactionPlaceHolderType: pulumi.Input; } interface IpAccessSettingsIpRuleArgs { /** * The description of the IP rule. */ description?: pulumi.Input; /** * A single IP address or an IP address range in CIDR notation */ ipRange: pulumi.Input; } interface SessionLoggerEventFilter0PropertiesArgs { all: pulumi.Input; } interface SessionLoggerEventFilter1PropertiesArgs { include: pulumi.Input[]>; } interface SessionLoggerLogConfigurationArgs { /** * The configuration for delivering the logs to S3. */ s3?: pulumi.Input; } interface SessionLoggerS3LogConfigurationArgs { /** * The S3 bucket name where logs are delivered. */ bucket: pulumi.Input; /** * The expected bucket owner of the target S3 bucket. The caller must have permissions to write to the target bucket. */ bucketOwner?: pulumi.Input; /** * The folder structure that defines the organizational structure for log files in S3. */ folderStructure: pulumi.Input; /** * The S3 path prefix that determines where log files are stored. */ keyPrefix?: pulumi.Input; /** * The format of the LogFile that is written to S3. */ logFileFormat: pulumi.Input; } interface SessionLoggerUnitArgs { } interface UserSettingsBrandingConfigurationArgs { /** * The color theme for components on the web portal. Choose `Light` if you upload a dark wallpaper, or `Dark` for a light wallpaper. */ colorTheme?: pulumi.Input; /** * The favicon image for the portal. Provide either a binary image file or an S3 URI pointing to the image file. Maximum 100 KB in JPEG, PNG, or ICO format. */ favicon?: pulumi.Input; /** * Read-only. Metadata for the favicon image file, including the MIME type, file extension, and upload timestamp. This property is automatically populated by the service and cannot be specified in your template. It can be retrieved using the `Fn::GetAtt` intrinsic function. */ faviconMetadata?: pulumi.Input; /** * A map of localized text strings for different languages, allowing the portal to display content in the user's preferred language. */ localizedStrings?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The logo image for the portal. Provide either a binary image file or an S3 URI pointing to the image file. Maximum 100 KB in JPEG, PNG, or ICO format. */ logo?: pulumi.Input; /** * Read-only. Metadata for the logo image file, including the MIME type, file extension, and upload timestamp. This property is automatically populated by the service and cannot be specified in your template. It can be retrieved using the `Fn::GetAtt` intrinsic function. */ logoMetadata?: pulumi.Input; /** * The terms of service text in Markdown format that users must accept before accessing the portal. */ termsOfService?: pulumi.Input; /** * The wallpaper image for the portal. Provide either a binary image file or an S3 URI pointing to the image file. Maximum 5 MB in JPEG or PNG format. */ wallpaper?: pulumi.Input; /** * Read-only. Metadata for the wallpaper image file, including the MIME type, file extension, and upload timestamp. This property is automatically populated by the service and cannot be specified in your template. It can be retrieved using the `Fn::GetAtt` intrinsic function. */ wallpaperMetadata?: pulumi.Input; } interface UserSettingsCookieSpecificationArgs { /** * The domain of the cookie. */ domain: pulumi.Input; /** * The name of the cookie. */ name?: pulumi.Input; /** * The path of the cookie. */ path?: pulumi.Input; } interface UserSettingsCookieSynchronizationConfigurationArgs { /** * The list of cookie specifications that are allowed to be synchronized to the remote browser. */ allowlist: pulumi.Input[]>; /** * The list of cookie specifications that are blocked from being synchronized to the remote browser. */ blocklist?: pulumi.Input[]>; } interface UserSettingsImageMetadataArgs { /** * The file extension of the image. */ fileExtension: pulumi.Input; /** * The timestamp when the image was last uploaded. */ lastUploadTimestamp: pulumi.Input; /** * The MIME type of the image. */ mimeType: pulumi.Input; } interface UserSettingsLocalizedBrandingStringsArgs { /** * The text displayed in the browser tab title. */ browserTabTitle: pulumi.Input; /** * The text displayed on the contact button. This field is optional and defaults to "Contact us". */ contactButtonText?: pulumi.Input; /** * A contact link URL. The URL must start with `https://` or `mailto:` . If not provided, the contact button will be hidden from the web portal screen. */ contactLink?: pulumi.Input; /** * The text displayed during session loading. This field is optional and defaults to "Loading your session". */ loadingText?: pulumi.Input; /** * The text displayed on the login button. This field is optional and defaults to "Sign In". */ loginButtonText?: pulumi.Input; /** * The description text for the login section. This field is optional and defaults to "Sign in to your session". */ loginDescription?: pulumi.Input; /** * The title text for the login section. This field is optional and defaults to "Sign In". */ loginTitle?: pulumi.Input; /** * The welcome text displayed on the sign-in page. */ welcomeText: pulumi.Input; } interface UserSettingsToolbarConfigurationArgs { /** * The list of toolbar items to be hidden. */ hiddenToolbarItems?: pulumi.Input[]>; /** * The maximum display resolution that is allowed for the session. */ maxDisplayResolution?: pulumi.Input; /** * The type of toolbar displayed during the session. */ toolbarType?: pulumi.Input; /** * The visual mode of the toolbar. */ visualMode?: pulumi.Input; } } export declare namespace xray { interface GroupInsightsConfigurationArgs { /** * Set the InsightsEnabled value to true to enable insights or false to disable insights. */ insightsEnabled?: pulumi.Input; /** * Set the NotificationsEnabled value to true to enable insights notifications. Notifications can only be enabled on a group with InsightsEnabled set to true. */ notificationsEnabled?: pulumi.Input; } interface SamplingRuleArgs { /** * Matches attributes derived from the request. */ attributes?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The percentage of matching requests to instrument, after the reservoir is exhausted. */ fixedRate: pulumi.Input; /** * Matches the hostname from a request URL. */ host: pulumi.Input; /** * Matches the HTTP method from a request URL. */ httpMethod: pulumi.Input; /** * The priority of the sampling rule. */ priority: pulumi.Input; /** * A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively. */ reservoirSize: pulumi.Input; /** * Matches the ARN of the AWS resource on which the service runs. */ resourceArn: pulumi.Input; /** * The ARN of the sampling rule. Specify a rule by either name or ARN, but not both. * * > Specifying a sampling rule by name is recommended, as specifying by ARN will be deprecated in future. */ ruleArn?: pulumi.Input; /** * The name of the sampling rule. Specify a rule by either name or ARN, but not both. */ ruleName?: pulumi.Input; samplingRateBoost?: pulumi.Input; /** * Matches the name that the service uses to identify itself in segments. */ serviceName: pulumi.Input; /** * Matches the origin that the service uses to identify its type in segments. */ serviceType: pulumi.Input; /** * Matches the path from a request URL. */ urlPath: pulumi.Input; /** * The version of the sampling rule format (1) */ version?: pulumi.Input; } interface SamplingRuleRecordArgs { /** * When the rule was created, in Unix time seconds. */ createdAt?: pulumi.Input; /** * When the rule was modified, in Unix time seconds. */ modifiedAt?: pulumi.Input; samplingRule?: pulumi.Input; } interface SamplingRuleSamplingRateBoostArgs { /** * Time window (in minutes) in which only one sampling rate boost can be triggered. After a boost occurs, no further boosts are allowed until the next window. */ cooldownWindowMinutes: pulumi.Input; /** * The maximum sampling rate X-Ray will apply when it detects anomalies. X-Ray determines the appropriate rate between your baseline and the maximum, depending on anomaly activity. */ maxRate: pulumi.Input; } interface SamplingRuleUpdateArgs { /** * Matches attributes derived from the request. */ attributes?: pulumi.Input<{ [key: string]: pulumi.Input; }>; /** * The percentage of matching requests to instrument, after the reservoir is exhausted. */ fixedRate?: pulumi.Input; /** * Matches the hostname from a request URL. */ host?: pulumi.Input; /** * Matches the HTTP method from a request URL. */ httpMethod?: pulumi.Input; /** * The priority of the sampling rule. */ priority?: pulumi.Input; /** * A fixed number of matching requests to instrument per second, prior to applying the fixed rate. The reservoir is not used directly by services, but applies to all services using the rule collectively. */ reservoirSize?: pulumi.Input; /** * Matches the ARN of the AWS resource on which the service runs. */ resourceArn?: pulumi.Input; ruleArn?: pulumi.Input; ruleName?: pulumi.Input; samplingRateBoost?: pulumi.Input; /** * Matches the name that the service uses to identify itself in segments. */ serviceName?: pulumi.Input; /** * Matches the origin that the service uses to identify its type in segments. */ serviceType?: pulumi.Input; /** * Matches the path from a request URL. */ urlPath?: pulumi.Input; } }