Skip to content

Commit

Permalink
feat: update L1 CloudFormation resource definitions (#29606)
Browse files Browse the repository at this point in the history
Updates the L1 CloudFormation resource definitions with the latest changes from `@aws-cdk/aws-service-spec`

**L1 CloudFormation resource definition changes:**
```
├[~] service aws-cloudwatch
│ └ resources
│    └[~] resource AWS::CloudWatch::AnomalyDetector
│      └ types
│         └[~] type SingleMetricAnomalyDetector
│           └ properties
│              └[+] AccountId: string
├[~] service aws-docdbelastic
│ └ resources
│    └[~] resource AWS::DocDBElastic::Cluster
│      └ properties
│         ├[+] BackupRetentionPeriod: integer
│         ├[+] PreferredBackupWindow: string
│         └[+] ShardInstanceCount: integer
├[~] service aws-elasticache
│ └ resources
│    └[~] resource AWS::ElastiCache::ParameterGroup
│      └ attributes
│         └[-] CacheParameterGroupName: string
├[~] service aws-entityresolution
│ └ resources
│    └[~] resource AWS::EntityResolution::IdMappingWorkflow
│      ├ properties
│      │  └ OutputSourceConfig: - Array<IdMappingWorkflowOutputSource> (required)
│      │                        + Array<IdMappingWorkflowOutputSource>
│      └ types
│         └[~] type IdMappingWorkflowInputSource
│           └ properties
│              ├ SchemaArn: - string (required)
│              │            + string
│              └[+] Type: string
├[~] service aws-iam
│ └ resources
│    └[~] resource AWS::IAM::ManagedPolicy
│      └ properties
│         └ Path: - string (immutable)
│                 + string (default="/", immutable)
└[~] service aws-securityhub
  └ resources
     ├[-] resource AWS::SecurityHub::DelegatedAdmin
     │ ├  name: DelegatedAdmin
     │ │  cloudFormationType: AWS::SecurityHub::DelegatedAdmin
     │ │  documentation: The AWS::SecurityHub::DelegatedAdmin resource represents the AWS Security Hub delegated admin account in your organization. One delegated admin resource is allowed to create for the organization in each region in which you configure the AdminAccountId.
     │ ├ properties
     │ │  └AdminAccountId: string (required, immutable)
     │ └ attributes
     │    ├DelegatedAdminIdentifier: string
     │    └Status: string
     ├[-] resource AWS::SecurityHub::Insight
     │ ├  name: Insight
     │ │  cloudFormationType: AWS::SecurityHub::Insight
     │ │  documentation: Creates a custom insight in Security Hub. An insight is a consolidation of findings that relate to a security issue that requires attention or remediation.
     │ │  To group the related findings in the insight, use the `GroupByAttribute` .
     │ ├ properties
     │ │  ├Name: string (required)
     │ │  ├Filters: AwsSecurityFindingFilters (required)
     │ │  └GroupByAttribute: string (required)
     │ ├ attributes
     │ │  └InsightArn: string
     │ └ types
     │    ├type AwsSecurityFindingFilters
     │    │├  documentation: A collection of filters that are applied to all active findings aggregated by AWS Security Hub .
     │    ││  You can filter by up to ten finding attributes. For each attribute, you can provide up to 20 filter values.
     │    ││  name: AwsSecurityFindingFilters
     │    │└ properties
     │    │   ├ProductArn: Array<StringFilter>
     │    │   ├AwsAccountId: Array<StringFilter>
     │    │   ├AwsAccountName: Array<StringFilter>
     │    │   ├Id: Array<StringFilter>
     │    │   ├GeneratorId: Array<StringFilter>
     │    │   ├Type: Array<StringFilter>
     │    │   ├Region: Array<StringFilter>
     │    │   ├SeverityLabel: Array<StringFilter>
     │    │   ├Title: Array<StringFilter>
     │    │   ├Description: Array<StringFilter>
     │    │   ├RecommendationText: Array<StringFilter>
     │    │   ├SourceUrl: Array<StringFilter>
     │    │   ├ProductFields: Array<MapFilter>
     │    │   ├ProductName: Array<StringFilter>
     │    │   ├CompanyName: Array<StringFilter>
     │    │   ├UserDefinedFields: Array<MapFilter>
     │    │   ├MalwareName: Array<StringFilter>
     │    │   ├MalwareType: Array<StringFilter>
     │    │   ├MalwarePath: Array<StringFilter>
     │    │   ├MalwareState: Array<StringFilter>
     │    │   ├NetworkDirection: Array<StringFilter>
     │    │   ├NetworkProtocol: Array<StringFilter>
     │    │   ├NetworkSourceIpV4: Array<IpFilter>
     │    │   ├NetworkSourceIpV6: Array<IpFilter>
     │    │   ├NetworkSourceDomain: Array<StringFilter>
     │    │   ├NetworkSourceMac: Array<StringFilter>
     │    │   ├NetworkDestinationIpV4: Array<IpFilter>
     │    │   ├NetworkDestinationIpV6: Array<IpFilter>
     │    │   ├NetworkDestinationDomain: Array<StringFilter>
     │    │   ├ProcessName: Array<StringFilter>
     │    │   ├ProcessPath: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorType: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorValue: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorCategory: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorSource: Array<StringFilter>
     │    │   ├ThreatIntelIndicatorSourceUrl: Array<StringFilter>
     │    │   ├ResourceType: Array<StringFilter>
     │    │   ├ResourceId: Array<StringFilter>
     │    │   ├ResourcePartition: Array<StringFilter>
     │    │   ├ResourceRegion: Array<StringFilter>
     │    │   ├ResourceTags: Array<MapFilter>
     │    │   ├ResourceAwsEc2InstanceType: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceImageId: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceIpV4Addresses: Array<IpFilter>
     │    │   ├ResourceAwsEc2InstanceIpV6Addresses: Array<IpFilter>
     │    │   ├ResourceAwsEc2InstanceKeyName: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceIamInstanceProfileArn: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceVpcId: Array<StringFilter>
     │    │   ├ResourceAwsEc2InstanceSubnetId: Array<StringFilter>
     │    │   ├ResourceAwsS3BucketOwnerId: Array<StringFilter>
     │    │   ├ResourceAwsS3BucketOwnerName: Array<StringFilter>
     │    │   ├ResourceAwsIamAccessKeyStatus: Array<StringFilter>
     │    │   ├ResourceContainerName: Array<StringFilter>
     │    │   ├ResourceContainerImageId: Array<StringFilter>
     │    │   ├ResourceContainerImageName: Array<StringFilter>
     │    │   ├ResourceDetailsOther: Array<MapFilter>
     │    │   ├ComplianceStatus: Array<StringFilter>
     │    │   ├VerificationState: Array<StringFilter>
     │    │   ├WorkflowState: Array<StringFilter>
     │    │   ├WorkflowStatus: Array<StringFilter>
     │    │   ├RecordState: Array<StringFilter>
     │    │   ├RelatedFindingsProductArn: Array<StringFilter>
     │    │   ├RelatedFindingsId: Array<StringFilter>
     │    │   ├ResourceApplicationArn: Array<StringFilter>
     │    │   ├ResourceApplicationName: Array<StringFilter>
     │    │   ├NoteText: Array<StringFilter>
     │    │   ├NoteUpdatedBy: Array<StringFilter>
     │    │   ├Sample: Array<BooleanFilter>
     │    │   ├ComplianceAssociatedStandardsId: Array<StringFilter>
     │    │   ├ComplianceSecurityControlId: Array<StringFilter>
     │    │   ├ComplianceSecurityControlParametersName: Array<StringFilter>
     │    │   ├ComplianceSecurityControlParametersValue: Array<StringFilter>
     │    │   ├FindingProviderFieldsRelatedFindingsId: Array<StringFilter>
     │    │   ├FindingProviderFieldsRelatedFindingsProductArn: Array<StringFilter>
     │    │   ├FindingProviderFieldsSeverityLabel: Array<StringFilter>
     │    │   ├FindingProviderFieldsSeverityOriginal: Array<StringFilter>
     │    │   ├FindingProviderFieldsTypes: Array<StringFilter>
     │    │   ├ResourceAwsIamAccessKeyPrincipalName: Array<StringFilter>
     │    │   ├ResourceAwsIamUserUserName: Array<StringFilter>
     │    │   ├VulnerabilitiesExploitAvailable: Array<StringFilter>
     │    │   └VulnerabilitiesFixAvailable: Array<StringFilter>
     │    ├type StringFilter
     │    │├  documentation: A string filter for filtering AWS Security Hub findings.
     │    ││  name: StringFilter
     │    │└ properties
     │    │   ├Comparison: string (required)
     │    │   └Value: string (required)
     │    ├type MapFilter
     │    │├  documentation: A map filter for filtering AWS Security Hub findings. Each map filter provides the field to check for, the value to check for, and the comparison operator.
     │    ││  name: MapFilter
     │    │└ properties
     │    │   ├Comparison: string (required)
     │    │   ├Key: string (required)
     │    │   └Value: string (required)
     │    ├type IpFilter
     │    │├  documentation: The IP filter for querying findings.
     │    ││  name: IpFilter
     │    │└ properties
     │    │   └Cidr: string
     │    └type BooleanFilter
     │     ├  documentation: Boolean filter for querying findings.
     │     │  name: BooleanFilter
     │     └ properties
     │        └Value: boolean (required)
     └[-] resource AWS::SecurityHub::ProductSubscription
       ├  name: ProductSubscription
       │  cloudFormationType: AWS::SecurityHub::ProductSubscription
       │  documentation: The AWS::SecurityHub::ProductSubscription resource represents a subscription to a service that is allowed to generate findings for your Security Hub account. One product subscription resource is created for each product enabled.
       ├ properties
       │  └ProductArn: string (required, immutable)
       └ attributes
          └ProductSubscriptionArn: string
```
  • Loading branch information
aws-cdk-automation authored Mar 25, 2024
1 parent bf34b6c commit 432f97d
Show file tree
Hide file tree
Showing 5 changed files with 15 additions and 15 deletions.
4 changes: 2 additions & 2 deletions packages/@aws-cdk/cloudformation-diff/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -23,8 +23,8 @@
},
"license": "Apache-2.0",
"dependencies": {
"@aws-cdk/aws-service-spec": "^0.0.59",
"@aws-cdk/service-spec-types": "^0.0.59",
"@aws-cdk/aws-service-spec": "^0.0.60",
"@aws-cdk/service-spec-types": "^0.0.60",
"aws-sdk": "2.1583.0",
"chalk": "^4",
"diff": "^5.2.0",
Expand Down
2 changes: 1 addition & 1 deletion packages/@aws-cdk/integ-runner/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -74,7 +74,7 @@
"@aws-cdk/cloud-assembly-schema": "0.0.0",
"@aws-cdk/cloudformation-diff": "0.0.0",
"@aws-cdk/cx-api": "0.0.0",
"@aws-cdk/aws-service-spec": "^0.0.59",
"@aws-cdk/aws-service-spec": "^0.0.60",
"cdk-assets": "0.0.0",
"@aws-cdk/cdk-cli-wrapper": "0.0.0",
"aws-cdk": "0.0.0",
Expand Down
2 changes: 1 addition & 1 deletion packages/aws-cdk-lib/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -135,7 +135,7 @@
"mime-types": "^2.1.35"
},
"devDependencies": {
"@aws-cdk/aws-service-spec": "^0.0.59",
"@aws-cdk/aws-service-spec": "^0.0.60",
"@aws-cdk/cdk-build-tools": "0.0.0",
"@aws-cdk/custom-resource-handlers": "0.0.0",
"@aws-cdk/pkglint": "0.0.0",
Expand Down
4 changes: 2 additions & 2 deletions tools/@aws-cdk/spec2cdk/package.json
Original file line number Diff line number Diff line change
Expand Up @@ -32,9 +32,9 @@
},
"license": "Apache-2.0",
"dependencies": {
"@aws-cdk/aws-service-spec": "^0.0.59",
"@aws-cdk/aws-service-spec": "^0.0.60",
"@aws-cdk/service-spec-importers": "^0.0.27",
"@aws-cdk/service-spec-types": "^0.0.59",
"@aws-cdk/service-spec-types": "^0.0.60",
"@cdklabs/tskb": "^0.0.3",
"@cdklabs/typewriter": "^0.0.3",
"camelcase": "^6",
Expand Down
18 changes: 9 additions & 9 deletions yarn.lock
Original file line number Diff line number Diff line change
Expand Up @@ -56,12 +56,12 @@
resolved "https://registry.npmjs.org/@aws-cdk/asset-node-proxy-agent-v6/-/asset-node-proxy-agent-v6-2.0.1.tgz#6dc9b7cdb22ff622a7176141197962360c33e9ac"
integrity sha512-DDt4SLdLOwWCjGtltH4VCST7hpOI5DzieuhGZsBpZ+AgJdSI2GCjklCXm0GCTwJG/SolkL5dtQXyUKgg9luBDg==

"@aws-cdk/aws-service-spec@^0.0.59":
version "0.0.59"
resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.0.59.tgz#4d3f64e42b566fa75d8228e19c8e95feec1f225c"
integrity sha512-uIk+FmA/giiDs8gORSUa8dKfJvkMPi6wQHcnZw7a0B1hQ6hA8WVXv+yxCmz5xd1b2Y7Zd/ww36XHTu9CvGKEvg==
"@aws-cdk/aws-service-spec@^0.0.60":
version "0.0.60"
resolved "https://registry.npmjs.org/@aws-cdk/aws-service-spec/-/aws-service-spec-0.0.60.tgz#6ed18a6f9cd8bce649a49f26ecf5e3c7a1360cf0"
integrity sha512-HyIQGKkPz3olFP5JKXxxVomTZFcpwRvDQ5e+deJ2srTS4EpUTFs8jB/Etw4gNvv0ka0y6Vv3dZ4Tvz6EhZ9t3A==
dependencies:
"@aws-cdk/service-spec-types" "^0.0.59"
"@aws-cdk/service-spec-types" "^0.0.60"
"@cdklabs/tskb" "^0.0.3"

"@aws-cdk/lambda-layer-kubectl-v24@^2.0.242":
Expand Down Expand Up @@ -92,10 +92,10 @@
dependencies:
"@cdklabs/tskb" "^0.0.3"

"@aws-cdk/service-spec-types@^0.0.59":
version "0.0.59"
resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.59.tgz#79605be022b21dcda73c2422821c41ac7f104db7"
integrity sha512-uFTPHuQ3/qBZy+pusVvXcfbM5dCbeOiItxHv2se/nOzRlrCz024aEq334oIpE1QET9rY1XWR8ji8tPlSimXcIA==
"@aws-cdk/service-spec-types@^0.0.60":
version "0.0.60"
resolved "https://registry.npmjs.org/@aws-cdk/service-spec-types/-/service-spec-types-0.0.60.tgz#497a45d223f9a5e8dcfc90c614271c54a92588a9"
integrity sha512-yXjN5vP1DmB7XJ4SmAvbvSusEklM9xe8e7QcETbokn3ghr0HHXjUkkzdVWaySr5EBBg92ANBG5dP/WZV2vHo/Q==
dependencies:
"@cdklabs/tskb" "^0.0.3"

Expand Down

0 comments on commit 432f97d

Please sign in to comment.